2016-03-29 03:41:47 +00:00
Compy
=====
Compy is an HTTP/HTTPS forward proxy with content compression/transcoding capabilities.
One use case is to reduce bandwidth usage when browsing on limited mobile broadband connection.
Features:
---------
- HTTPS proxy (encrypted connection between client and proxy)
- man in the middle support (compress HTTPS traffic)
2017-01-17 00:35:53 +00:00
- HTTP2 support (over TLS)
2017-01-13 07:17:24 +00:00
- Brotli and gzip compression
2017-01-17 00:35:53 +00:00
- transcode animated GIFs to static images
- transcode JPEG images to desired quality using libjpeg
2017-01-15 03:26:45 +00:00
- transcode PNG and JPEG images to WebP
2017-01-17 00:35:53 +00:00
- HTML/CSS/JavaScript minification
2016-03-29 03:41:47 +00:00
Installation
------------
2017-01-17 00:35:53 +00:00
```
go get github.com/barnacs/compy
```
2016-03-29 03:41:47 +00:00
### HTTPS
To use the proxy over HTTPS, you will need a certificate for your host. If you don't already have one, you can get one for [free ](https://letsencrypt.org/ ) or you can generate a self-signed cert by running:
2016-03-29 11:21:37 +00:00
```
2017-01-17 00:35:53 +00:00
openssl req -x509 -newkey rsa:2048 -nodes -keyout cert.key -out cert.crt -days 3650 -subj '/CN=< your-domain > '
```
then visit the proxy URL and confirm that you trust your own certificate
To connect to the proxy over TLS, you will need to supply a PAC (proxy auto-config) file to the browser, as most of them do not expose this option to the UI directly. Example:
```javascript
2016-03-29 11:21:37 +00:00
function FindProxyForURL(url, host) {
if (url.substring(0, 5) == 'http:' || url.substring(0, 6) == 'https:') {
return "HTTPS < your-domain > :9999";
}
return "DIRECT";
}
```
2017-01-17 00:35:53 +00:00
This tells the browser to fetch HTTP and HTTPS URLs via the HTTPS proxy and for all other schemas, e.g., WebSocket, connect directly.
2016-03-29 11:21:37 +00:00
Set the path to this file in the browser UI and you're good to go.
2016-03-29 03:41:47 +00:00
### MitM
To enable man-in-the-middle support, you will need to generate a root cert to sign all the certs generated by the proxy on the fly:
2017-01-17 00:35:53 +00:00
```
openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.crt -days 3650 -subj '/CN=< your-domain > '
```
2016-03-29 03:41:47 +00:00
and add it to your client (browser) as a trusted certificate authority
Usage
-----
To run a simple http forward proxy:
2017-01-17 00:35:53 +00:00
```
compy
```
2016-03-29 03:41:47 +00:00
2017-01-17 00:35:53 +00:00
To run it over TLS:
```
compy -cert cert.crt -key cert.key
```
2016-03-29 03:41:47 +00:00
With man in the middle support:
2017-01-17 00:35:53 +00:00
```
compy -ca ca.crt -cakey ca.key
```
2016-03-29 03:41:47 +00:00
2017-01-17 00:35:53 +00:00
Probably the best option is to run it with both TLS and MitM support, combining the two:
```
compy -cert cert.crt -key cert.key -ca ca.crt -cakey ca.key
```
2016-03-29 03:41:47 +00:00
You can also specify the listen port (defaults to 9999):
2017-01-17 00:35:53 +00:00
```
compy -host :9999
```
2016-03-29 03:41:47 +00:00
For compression, transcoding and minification options, see `compy --help`
2017-01-17 00:35:53 +00:00
References
----------
* [Google Flywheel ](https://www.usenix.org/conference/nsdi15/technical-sessions/presentation/agababov ) - NSDI 2015 paper discussing techniques used by Chrome data saver
* [Mozilla Janus ](https://wiki.mozilla.org/Mobile/Janus ) - now-defunct experiment similar to compy
* [Ziproxy ](https://en.wikipedia.org/wiki/Ziproxy ) - older approach similar to compy
2016-03-29 03:41:47 +00:00
Credits
-------
2016-03-29 11:21:37 +00:00
https://github.com/pixiv/go-libjpeg
2016-03-29 03:41:47 +00:00
https://github.com/tdewolff/minify
License
-------
ISC, see LICENSE