All source listed below is under MIT license if no LICENSE file stating different is available.

rproxy

rproxy is a high-performance reverse proxy server written in C. It routes HTTP and WebSocket requests to upstream services based on hostname, with support for SSL/TLS termination and connection pooling.

Features

  • Reverse proxy routing by hostname
  • SSL/TLS support for upstream connections with certificate verification
  • WebSocket proxying
  • Connection pooling and idle timeout management
  • Real-time monitoring and statistics
  • Web-based dashboard for metrics visualization
  • SQLite-based persistent statistics storage
  • Epoll-based event handling for high concurrency
  • Graceful shutdown with connection draining
  • Live configuration reload via SIGHUP
  • Dashboard authentication (HTTP Basic Auth)
  • Rate limiting per client IP
  • Health checks for upstream servers
  • Automatic upstream connection retries
  • File logging support

Dependencies

  • GCC
  • OpenSSL (libssl, libcrypto)
  • SQLite3
  • pthreads
  • cJSON library

Build

make

This compiles the source files in src/ and produces the rproxy executable.

Configuration

Configuration is defined in proxy_config.json:

{
  "port": 9998,
  "reverse_proxy": [
    {
      "hostname": "example.com",
      "upstream_host": "127.0.0.1",
      "upstream_port": 5000,
      "use_ssl": false,
      "rewrite_host": true
    }
  ]
}
  • port: Listening port for incoming connections
  • reverse_proxy: Array of routing rules
    • hostname: Host header to match for routing
    • upstream_host: Target server hostname/IP
    • upstream_port: Target server port
    • use_ssl: Enable SSL for upstream connection
    • rewrite_host: Rewrite Host header to upstream hostname

Environment Variables

Variable Description
DEBUG Enable debug logging (set to 1)
LOG_FILE Path to log file (default: stdout)
RATE_LIMIT Max requests per minute per IP
DASHBOARD_USER Dashboard authentication username
DASHBOARD_PASS Dashboard authentication password
SSL_VERIFY Disable SSL verification (set to 0)
SSL_CA_FILE Path to custom CA certificate file
SSL_CA_PATH Path to CA certificate directory

Usage

./rproxy [config_file]

If no config file is specified, defaults to proxy_config.json.

Examples:

# Basic usage
./rproxy

# With custom config
./rproxy /etc/rproxy/config.json

# With debug logging
DEBUG=1 ./rproxy

# With file logging
LOG_FILE=/var/log/rproxy.log ./rproxy

# With rate limiting (100 requests/minute)
RATE_LIMIT=100 ./rproxy

# With dashboard authentication
DASHBOARD_USER=admin DASHBOARD_PASS=secret ./rproxy

# Reload configuration
kill -HUP $(pidof rproxy)

Endpoints

  • Dashboard: http://localhost:{port}/rproxy/dashboard
  • API Stats: http://localhost:{port}/rproxy/api/stats

Signals

Signal Action
SIGINT Graceful shutdown
SIGTERM Graceful shutdown
SIGHUP Reload configuration

Architecture

  • main.c: Entry point, event loop, signal handling
  • connection.c: Connection management, epoll handling
  • http.c: HTTP request/response parsing
  • ssl_handler.c: SSL/TLS connection handling
  • monitor.c: System and per-vhost statistics collection
  • dashboard.c: Web dashboard generation
  • config.c: JSON configuration parsing
  • buffer.c: Circular buffer implementation
  • logging.c: Logging utilities
  • rate_limit.c: Per-IP rate limiting
  • auth.c: Dashboard authentication
  • health_check.c: Upstream health monitoring

Testing

make test

Runs unit tests for core components.

.gitea/workflows
src
tests
.gitignore
cJSON.c
cJSON.h
Makefile
README.md
rproxy.c