DEV Community

Cover image for Reverse Proxy Server for noobs (not Nginx / Apache!)
Toby Chui
Toby Chui

Posted on

Reverse Proxy Server for noobs (not Nginx / Apache!)

I guess most of the web devs out there know what is a reverse proxy server. It is especially useful when you have multiple services deployed on a single homelab rack or a cluster of servers and want to expose them to the internet using a single gateway server with different subdomains. In this blog post, I will simply share my experience on why I wrote my own reverse proxy server in Go to replace apache / nginx in my distributed homelab setup.

What is Reverse Proxy Server?

Imagine you're at a music festival, grooving to your favorite tunes, and suddenly you need a refreshing drink. You don't want to miss a beat, so you send your friend, the reverse proxy, to fetch it for you. Your friend navigates through the crowd, stands in line, and brings back that ice-cold beverage without interrupting your dance moves. In this scenario, the reverse proxy server acts as your go-between, shielding you (the user) from the chaos of the festival (the backend servers) and delivering the content you desire.

Modern reverse proxy do more things just to relay and fetch webpage for you. For example, load balancing, failover, some managers like Nginx Proxy Manager (NPM, not the blackhole npm) even have build in automatic SSL certificates renew and so on. That is why reverse proxy is usually considered the "heart" of a homelab system (or any kind of web systems)

Why I am writing my own Reverse Proxy Server?

If you have never experience with the pain of writing an apache or nginx config as a senior dev-ops, it is a really memorable experience. You try copy things from the internet, modify them according to your knowledge and figure out its routing is unpredictable. Sometime the routing only works in testing environment but not the productions, and many web services that depends on some special settings in rewrite rules and headers. It is just pain in the *** to make all the service running.

Besides, it is just inconvenience to ssh into your gateway server and modify the config when you just want to add a temporary rules for proxying a testing environment or systems.

There are alternatives or solutions to these issue in the open source world. Like NPM is the one that most recommended by Redditors in r/selfhost. However, it have been outdated and it is known to break a lot of stuffs with the latest updates. That is why I decided to write my own to solve my issue in the foreseeable future.

That is why Zoraxy was born

GitHub logo tobychui / zoraxy

A general purpose HTTP reverse proxy and forwarding tool. Now written in Go!

Zoraxy

A general purpose HTTP reverse proxy and forwarding tool. Now written in Go!

Features

  • Simple to use interface with detail in-system instructions
  • Reverse Proxy (HTTP/2)
    • Virtual Directory
    • WebSocket Proxy (automatic, no set-up needed)
    • Basic Auth
    • Alias Hostnames
    • Custom Headers
  • Redirection Rules
  • TLS / SSL setup and deploy
    • ACME features like auto-renew to serve your sites in https
    • SNI support (and SAN certs)
    • DNS Challenge for Let's Encrypt and these DNS providers
  • Blacklist / Whitelist by country or IP address (single IP, CIDR or wildcard for beginners)
  • Global Area Network Controller Web UI (ZeroTier not included)
  • Stream Proxy (TCP & UDP)
  • Integrated Up-time Monitor
  • Web-SSH Terminal
  • Utilities
    • CIDR IP converters
    • mDNS Scanner
    • Wake-On-Lan
    • Debug Forward Proxy
    • IP Scanner
  • Others
    • Basic single-admin management mode
    • External permission management system for easy system integration
    • SMTP config for password reset

Downloads

Windows / Linux (amd64) / Linux (arm64)

For other systems or architectures…


Zoraxy is a Go-Powered Reverse Proxy and Forwarding Tool for Web Developers

Image description

Looking for a versatile and user-friendly reverse proxy and forwarding tool? Look no further than Zoraxy! Built from the ground up using the power of Go, Zoraxy is a go-to solution for low-power devices and beyond. With its comprehensive set of features and straightforward interface, Zoraxy empowers both senior and casual web developers to effortlessly manage their web services and enhance their online presence.

Image description

Let's delve into the exciting world of Zoraxy and explore its impressive feature set. First and foremost, Zoraxy shines as a reverse proxy, allowing you to seamlessly route incoming requests to the appropriate backend servers. Whether you need subdomain reverse proxy capabilities or virtual directory reverse proxy functionality, Zoraxy has got you covered.

Image description

But that's not all! Zoraxy goes above and beyond with its extensive array of features. Need to set up redirection rules? Zoraxy has you covered.

Image description

Looking to implement TLS/SSL for enhanced security? Zoraxy has your back there too.

Image description

Worried about unwanted traffic? Zoraxy offers the ability to blacklist specific countries or IP addresses, providing you with granular control over your network.

Image description

Image description

Zoraxy doesn't stop at just being a reverse proxy either. It comes packed with handy utilities like CIDR IP converters, mDNS Scanner, and IP Scanner, making your web development tasks a breeze.

Image description

And for those times when you need remote access, Zoraxy even provides a convenient Web-SSH Terminal.

Image description

Image description

Want to know who are visiting your site? Zoraxy also got a build in statistic viewer where you can get an overview on the traffics on your site without the need of cookies (non-personalized tracking)

Image description

Managing Zoraxy is a breeze thanks to its simple-to-use interface and in-depth instructions built right into the system. Whether you're a seasoned developer or just starting out, Zoraxy offers a basic single-admin management mode (like a home router) that ensures a hassle-free experience. If you already got an upstream reverse proxy server with permission management set-up, you can even run Zoraxy in no-auth mode, making it integrate with your current infrastructure with ease.

Work In Progress

As this was just open source a few weeks ago, I still got a few more functions that I wanted to add and it is working in progress. One of the most requested features are the ACME automatic certificate update. However, I am still working on the details on how ACME works.

Image description

Image description

Meanwhile, there are a few experimental functions that is nearly completed. Like the TCP Proxy and ZeroTier controller integrations.

Know More

If you are interested to learn more about this open source project, feel free to take a look at our website at

Reverse Proxy Server | Zoraxy

A reverse proxy server and cluster network gateway for noobs

favicon zoraxy.arozos.com

or our github repo over at

GitHub logo tobychui / zoraxy

A general purpose HTTP reverse proxy and forwarding tool. Now written in Go!

Zoraxy

A general purpose HTTP reverse proxy and forwarding tool. Now written in Go!

Features

  • Simple to use interface with detail in-system instructions
  • Reverse Proxy (HTTP/2)
    • Virtual Directory
    • WebSocket Proxy (automatic, no set-up needed)
    • Basic Auth
    • Alias Hostnames
    • Custom Headers
  • Redirection Rules
  • TLS / SSL setup and deploy
    • ACME features like auto-renew to serve your sites in https
    • SNI support (and SAN certs)
    • DNS Challenge for Let's Encrypt and these DNS providers
  • Blacklist / Whitelist by country or IP address (single IP, CIDR or wildcard for beginners)
  • Global Area Network Controller Web UI (ZeroTier not included)
  • Stream Proxy (TCP & UDP)
  • Integrated Up-time Monitor
  • Web-SSH Terminal
  • Utilities
    • CIDR IP converters
    • mDNS Scanner
    • Wake-On-Lan
    • Debug Forward Proxy
    • IP Scanner
  • Others
    • Basic single-admin management mode
    • External permission management system for easy system integration
    • SMTP config for password reset

Downloads

Windows / Linux (amd64) / Linux (arm64)

For other systems or architectures…

If you like this project, please give us a star so we know there are users waiting and looking forward to this project to enter Beta phrase. Thanks for the support :)

Top comments (1)

Collapse
 
dyfet profile image
David Sugar

An interesting use case may be tailscale, where you forward a public appearing service to a host hidden behind tailscale.