tlsgate

TLS reverse proxy
git clone git://git.akobets.xyz/tlsgate
Log | Files | Refs | README | LICENSE

commit 6e1afccf3970d51d3dd5b23f9b3ca2044da6e8d2
parent 57c77b1eb423b0b09282f9eea09384593437bf2c
Author: Artem Kobets <artem@akobets.xyz>
Date:   Thu, 24 Sep 2020 16:49:40 +0300

documentation

Diffstat:
MREADME | 44++++++++++++++++++++++++++++++++------------
Mtlsgate.1 | 14+++++++++-----
2 files changed, 41 insertions(+), 17 deletions(-)

diff --git a/README b/README @@ -1,7 +1,11 @@ tlsgate ------- -TLS reverse proxy for unencrypted connections. -Can be used to set up an HTTPS connection for an HTTP server. +TLS reverse proxy. +It takes incoming client connections and redirects them to a server, like so: + + client -> proxy -> server + +It can be configured which side of the connection uses TLS: client or server. Dependencies @@ -14,17 +18,28 @@ Install make install -Example +Examples ------- -# accept connections on port 443 -# and pass them to a local http server on port 80 -tlsgate \ - -c /etc/path/to/cert/cert.pem \ - -k /etc/path/to/key/key.pem \ - -h 0.0.0.0 \ - -p 443 \ - -H 0.0.0.0 \ - -P 80 +Setup an HTTPS server: accept connections on port 443 and pass them to a local http server on port 80. + + tlsgate \ + -s \ + -h 0.0.0.0 \ + -p 443 \ + -H 0.0.0.0 \ + -P 80 \ + -c /etc/path/to/cert/cert.pem \ + -k /etc/path/to/key/key.pem + +Use TLS with an IRC client that does not support it (client is connecting to /tmp/irc.sock). +Timeout is set to 0 so proxy does not timeout. + + tlsgate \ + -S \ + -u /tmp/irc.sock \ + -H irc.server.com \ + -P 6697 \ + -t 0 Credits @@ -37,4 +52,9 @@ tlsgate was initially made to make HTTPS work with quark. Thanks to LibreSSL/libtls developers for a great tls library. +Author +----- +Artem Kobets <artem@akobets.xyz> + + See man page for details. diff --git a/tlsgate.1 b/tlsgate.1 @@ -7,8 +7,12 @@ tlsgate - TLS reverse proxy [-c cert] [-k key] [-C ca] [-t timeout] [-v] .SH DESCRIPTION .B tlsgate -is a TLS reverse proxy which can be used to expose an unencrypted connection. -For example, to set up an HTTPS connection for an HTTP server. +is a TLS reverse proxy. +It takes incoming client connections and redirects them to a server, like so: + + client -> proxy -> server + +It can be configured which side of the connection uses TLS: client or server. .SH OPTIONS .TP .B -s @@ -57,12 +61,12 @@ Accept connections on port 443 and pass them to a local http server on port 80. .PP tlsgate \\ -s \\ - -c /etc/path/to/cert/cert.pem \\ - -k /etc/path/to/key/key.pem \\ -h 0.0.0.0 \\ -p 443 \\ -H 0.0.0.0 \\ - -P 80 + -P 80 \\ + -c /etc/path/to/cert/cert.pem \\ + -k /etc/path/to/key/key.pem .PP Use TLS with an IRC client that does not support it (client is connecting to /tmp/irc.sock). Timeout is set to 0 so proxy does not timeout.