Description

Provides a forwarding HTTPS server which transparently fetches and caches certificates via Let's Encrypt. This must run on 443 and 80 (http:// just forwards to https://, no forwarding happens unencrypted) and can't coexist with any other web server on your machine.

Why? This is so you can host random and long-lived services publicly on the internet—perfect for other services which are served on http://, don't care about certificates or HTTPS at all, and might be provided by Node or Go on a random high port (e.g., some dumb service running on localhost:8080).

Note! This doesn't magic up domain names. You would use this service only if you're able to point DNS records to the IP address of a machine you're running this on, and that the machine is able to handle incoming requests on port 443 and 80 (e.g., on a home network, you'd have to set up port forwarding on your router).

Configure this via /var/snap/https-forward/common/config, which is empty after install. It should be authored like this:

# hostname            forward-to          optional-basic-auth
host.example.com      localhost:8080
blah.example.com      192.168.86.24:7999  user:pass
user-only.example.com localhost:9002      user       # accepts any password

# Specify host with '.' to suffix all following
.example.com
test                  localhost:9000
under-example         any-hostname-here.com:9000

# Clear the current suffix with a single "." (otherwise below would be "*.example.com.example.com")
.

# You can include ? or * to glob-match domain parts (this does NOT match "-")
*.example.com         localhost:9000
test-v?*.example.com  localhost:9999    # matches "test-v1", "test-v100", but NOT "test-v" or "test-vx-123"

# serves a blank dummy page (but generate https cert, perhaps as a placeholder)
serves-nothing.example.com

(example.com used above purely as an example. You'd replace it with a domain name you controlled, preferably with a wildcard DNS (https://en.wikipedia.org/wiki/Wildcard_DNS_record) record like *.example.com.)

Restart with snap restart https-forward to reread the config file (or try killall -SIGHUP https-forward to signal it instead). You can read logs to ensure that the file has been parsed properly:

sudo journalctl -f -u snap.https-forward.https-forward

Screenshots

Get it from the Snap Store

Search for another snap, or go back to the homepage.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙