Simple HTTPs reverse proxy for an http backend server
go get -u github.com/rydz/ssl-reverse-proxy
If this proxy is the first in your chain, you should enable the -strip-forwarded-for flag which will strip incoming X-Forwarded-For headers from the incoming requests.
X-Forwarded-For headers allow servers behind proxies to know the origin IP address of the request.
ssl-reverse-proxy \
-target "http://localhost:8080" \
-strip-forwarded-for \
-cert "certificate.crt" \
-key "key.key" \| Flag | Default | Description |
|---|---|---|
| u | :80 | address to bind to on upgrade server |
| a | :443 | address to bind to on HTTPs server |
| cert | cert.crt | location of certificate file |
| key | key.key | location of key file |
| strip-forwarded-for | false | strip existing forwarded for headers to prevent spoofing |
| formatter | text | logrus formatted for logs, one of 'text' or 'json' |
| color | false | enable color in the text formatter |
docker build -t reverse-proxy .
docker run \
--network=webappnetwork \
-e "TARGET=http://webapp" \
-p "80:80" \
-p "443:443" \
-v "./certs":"/var/certs/" \
-d \
--name reverse-proxy \
reverse-proxyEnvironment variables
TARGET http://webapp:8080
Location of target server
Location of certificate file
Location of key file
Port to host upgrade server on.
Port to host SSL server on
Strip the list of IPs from incoming X-Forwarded-For headers to prevent spoofing