Skip to content

Quick deployment

Jump to bottom
Snawoot edited this page Jan 4, 2025 · 22 revisions

This guide explains deployment of secure (HTTP-over-TLS) proxy server on any mainstream Linux distro. This guide only assumes curl utility is present on server and you have a root shell. Make sure no errors reported on each step before proceeding to next one.

Step 1. Attach the domain name

Domain is needed for smooth TLS operation. You can either get (buy) some domain and attach it to IP address of your VPS, or use some free domain service. In later case, parent domain of your domain has to be listed in the public suffix list. Otherwise there may be problems with Let's Encrypt rate limits for top domain of that service. This guide we use free domain service freemyip.com, which gives free domain to user without any registration.

  1. Visit page https://freemyip.com/.
  2. Pick some nice-looking domain name and claim it.
  3. Save that URL which you'll get back.
  4. Issue following command on your server: curl 'URL' where URL is that url you've got from freemyip. Note that single quotes around URL!

You may check if this step was a success: ping domain name, it should resolve to IP address of your VPS. If it's not happening, wait couple of minutes and retry.

Step 2. Install dumbproxy

Assuming amd64 processor architecture, for other cases get binary here. Run command:

curl -Lo /usr/local/bin/dumbproxy \
	'https://github.com/SenseUnit/dumbproxy/releases/download/v1.20.1/dumbproxy.linux-amd64' \
	&& chmod +x /usr/local/bin/dumbproxy

Check if installation was successful. Command /usr/local/bin/dumbproxy -version should output v1.20.1.

Step 3. Configure dumbproxy

Create password file. Run following command, replacing USERNAME and PASSWORD with actual desired values:

dumbproxy -passwd /etc/dumbproxy.htpasswd USERNAME PASSWORD

Configure dumbproxy. Create file /etc/default/dumbproxy with following content:

OPTIONS=-auth basicfile://?path=/etc/dumbproxy.htpasswd -autocert -bind-address :443

Place following content info file /etc/systemd/system/dumbproxy.service:

[Unit]
Description=Dumb Proxy
Documentation=https://github.com/SenseUnit/dumbproxy/
After=network.target network-online.target
Requires=network-online.target

[Service]
EnvironmentFile=/etc/default/dumbproxy
User=root
Group=root
ExecStart=/usr/local/bin/dumbproxy $OPTIONS
TimeoutStopSec=5s
PrivateTmp=true
ProtectSystem=full
LimitNOFILE=20000

[Install]
WantedBy=default.target

Finally, apply systemd configuration:

systemctl daemon-reload

Step 4. Run dumbproxy

Enable autostart:

systemctl enable dumbproxy

Start service:

systemctl start dumbproxy

You can test if proxy is operational using this command:

curl -x https://USERNAME:PASSWORD@DOMAIN https://api.ipify.org ; echo

It should output server's IP address.

Done. You may proceed to setting up your clients to use your proxy.

Clone this wiki locally