Reverse proxy server usign Node.js.
Before starting the server, there are a few steps you need to complete.
1️⃣ Setup .env file:
SSL_KEY="PATH/TO/SSL_KEY"
SSL_CERT="PATH/TO/SSL_CERTIFICATE"
2️⃣ Setup list.json file:
[
{
"name": "",
"protocol": "",
"port": 8000,
"host": [ "HOSTNAME" ],
"forward": {
"address": "HOSTNAME",
"port": 8000
}
},
]name(optional): Before starting the server, there are a few steps you need to complete.protocol: Canbahttp,httpsortcp.port: The port on which the reverse proxy listens.host: An array of hostnames that the proxy should handle.forward: The destination server details.
Example:
[
{
"name": "Chat Server",
"protocol": "tcp",
"port": 8000,
"host": [ "your.domain.com", "www.domain.com", "my.domain.com" ],
"forward": {
"address": "your-server.local",
"port": 3000
}
},
{
"protocol": "https",
"port": 8001,
"host": [ "domain.com" ],
"forward": {
"address": "your-web-server.local",
"port": 3000
}
},
{
"protocol": "tcp",
"port": 8002,
"host": "*",
"forward": {
"address": "your-web-db.local",
"port": 3000
}
}
]Explaination:
- Requests to
your.domain.com:8000,www.domain.com:8000, ormy.domain.com:8000will be forwarded toyour-server.local:3000over TCP. - Requests to
domain.com:8001over HTTPS will be forwarded toyour-web-server.local:3000over HTTP. - Requests to every doamin in port
:8002will be forwarded toyour-web-db.local:3000over TCP.
After cloning this project, follow these steps:
1️⃣ Navigate to the project directory:
cd reverse-proxy2️⃣ Install dependencies:
npm install3️⃣ Start the server:
npm startYou can run this reverse proxy inside a Docker container using either the Docker CLI or Docker Compose.
When running in Docker, you need to ensure the container can access your configurations and certificates, and that ports are mapped correctly.
The container needs to expose the ports you configured in list.json.
- If you configured a proxy on ports
80and443, you must map these ports from your host to the container.
Since the container is isolated, any local SSL certificate paths on your host won't work out-of-the-box inside the container. You must mount the certificates into the container.
- For example, if your certificates are on the host at
/etc/letsencrypt/live/example.com/, you can mount them to/usr/src/app/certs/inside the container. - Set the paths in your
.envfile relative to the container directory:SSL_KEY="/usr/src/app/certs/privkey.pem" SSL_CERT="/usr/src/app/certs/fullchain.pem"
- Open docker-compose.yml and configure your ports and volumes.
- Mount your SSL certificate directory if using HTTPS:
services:
reverse-proxy:
build: .
container_name: reverse-proxy
restart: unless-stopped
ports:
# Map all ports configured in your list.json
- "80:80"
- "443:443"
- "8000:8000"
volumes:
# Mount list.json to update rules without rebuilding the image
- ./list.json:/usr/src/app/list.json
# Mount your .env file
- ./.env:/usr/src/app/.env
# Mount SSL certificates from host to container (read-only)
- /path/to/host/certs:/usr/src/app/certs:ro- Start the container in detached mode:
docker compose up -d- View logs:
docker compose logs -fYou can pull and run the pre-built image directly from GitHub Container Registry (GHCR). This uses host network mode and mounts your local configuration folder:
docker run -d --name reverse-proxy --restart unless-stopped --network host -v $(pwd)/config:/usr/src/app/config:ro ghcr.io/banktnbd/reverse-proxy:latest-
Build the Docker Image:
docker build -t node-reverse-proxy . -
Run the Container: Map the ports and mount
list.json,.env, and your SSL certs folder:docker run -d \ --name reverse-proxy \ --restart unless-stopped \ -p 80:80 \ -p 443:443 \ -p 8000:8000 \ -v $(pwd)/list.json:/usr/src/app/list.json \ -v $(pwd)/.env:/usr/src/app/.env \ -v /path/to/host/certs:/usr/src/app/certs:ro \ node-reverse-proxy