Skip to content

Quick deployment

Jump to bottom
Snawoot edited this page Sep 7, 2022 · 28 revisions

This guide explains deployment of secure (HTTP-over-TLS) proxy server on any mainstream Linux distro. This guide only assumes curl utility is present on server and you have a root shell. Make sure no errors reported on each step before proceeding to next one.

Step 1. Attach the domain name (public wildcard or your own)

Domain is needed for smooth TLS operation. You can either get (buy) some domain and attach it to IP address of your VPS, or use wildcard DNS service nip.io. In later case, nip.io allows you to do that binding by mapping any IP Address to a hostname using the following formats:

Without a name:

  • 10.0.0.1.nip.io maps to 10.0.0.1
  • 192-168-1-250.nip.io maps to 192.168.1.250
  • 0a000803.nip.io maps to 10.0.8.3

With a name:

  • app.10.8.0.1.nip.io maps to 10.8.0.1
  • app-116-203-255-68.nip.io maps to 116.203.255.68
  • app-c0a801fc.nip.io maps to 192.168.1.252
  • customer1.app.10.0.0.1.nip.io maps to 10.0.0.1
  • customer2-app-127-0-0-1.nip.io maps to 127.0.0.1
  • customer3-app-7f000101.nip.io maps to 127.0.1.1

So, for example, for VPS with address 198.51.100.11 we can use domain name someword-198-51-100-11.nip.io outright.

Step 2. Install dumbproxy

Assuming amd64 processor architecture, for other cases get binary here. Run command:

curl -Lo /usr/local/bin/dumbproxy 'https://github.com/Snawoot/dumbproxy/releases/download/v1.6.1/dumbproxy.linux-amd64' && chmod +x /usr/local/bin/dumbproxy

Check if installation was successful. Command /usr/local/bin/dumbproxy -version should output v1.6.1.

Step 3. Configure dumbproxy

Create password file. Run following command, replacing USERNAME and PASSWORD with actual desired values:

dumbproxy -passwd /etc/dumbproxy.htpasswd USERNAME PASSWORD

Configure dumbproxy. Create file /etc/default/dumbproxy with following content:

OPTIONS=-auth basicfile://?path=/etc/dumbproxy.htpasswd -autocert -bind-address :443

Place following content info file /etc/systemd/system/dumbproxy.service:

[Unit]
Description=Dumb Proxy
Documentation=https://github.com/Snawoot/dumbproxy/
After=network.target network-online.target
Requires=network-online.target

[Service]
EnvironmentFile=/etc/default/dumbproxy
User=root
Group=root
ExecStart=/usr/local/bin/dumbproxy $OPTIONS
TimeoutStopSec=5s
PrivateTmp=true
ProtectSystem=full
LimitNOFILE=20000

[Install]
WantedBy=default.target

Finally, apply systemd configuration:

systemctl daemon-reload

Step 4. Run dumbproxy

Enable autostart:

systemctl enable dumbproxy

Start service:

systemctl start dumbproxy

You can test if proxy is operational using this command:

curl -x https://USERNAME:PASSWORD@DOMAIN http://ifconfig.co

It should output server's IP address.

Done. You may proceed to setting up your clients to use your proxy.

Clone this wiki locally