A monorepo with an iOS and MacOS client for NaiveProxy (Packet Tunnel + sing-box Libbox) and a run-and-forget server script using Caddy with the forwardproxy (naive) plugin.
TestFlight: Join the beta. Apple's App Store publication is pending.
| Directory | Purpose |
|---|---|
app/ |
NaiveVPN iOS app, tunnel extension, shared configuration code |
misc/ |
Split archive of Libbox.xcframework (restore into app/ — see below) |
server/ |
start_server.sh — install and run Caddy (naive forward proxy) on a Linux server |
- Obtain
Libbox.xcframeworkunderapp/— either build from source or restore from the archive inmisc/(the framework is not kept in git due to GitHub limits):
Build:
cd app
./Scripts/build_libbox.shRestore from misc/ (parts Libbox.xcframework.zip.aa, .ab, … are concatenated into one zip, then unpacked into app/):
# from the repository root
cat misc/Libbox.xcframework.zip.* > /tmp/Libbox.xcframework.zip
unzip -o /tmp/Libbox.xcframework.zip -d app
rm /tmp/Libbox.xcframework.zipMake it compatible with iOS builds:
./app/Scripts/libbox_flatten_framework.sh-
Open
NaiveVPN.xcodeprojin Xcode. -
Configure code signing.
-
Build and run on a physical device (Packet Tunnel does not work in the simulator).
The script targets Linux and must be run as root (sudo). It:
- checks that the domain resolves to the machine’s public IP;
- on first run, asks for the domain, Let’s Encrypt email, proxy login and password, and writes
/etc/caddy/Caddyfile; - downloads a static
index.html(thanks, Igor Sysoev!) and a Caddy binary with forwardproxy (naive) (the version I tested — and it works); - prints a share link and, if utilities are available, a QR code for import into a naive client;
- runs Caddy in the foreground (
exec).
Requirements: python3, tar, and for downloads curl or wget; for DNS checks dig, getent, or host.
Direct raw link (branch main):
https://raw.githubusercontent.com/ZonD80/naivetools/main/server/start_server.sh
Example:
mkdir -p ~/naive-server && cd ~/naive-server
wget -O start_server.sh "https://raw.githubusercontent.com/ZonD80/naivetools/main/server/start_server.sh"
chmod +x start_server.shscreen session so the process survives SSH disconnect:
screen -S naive-caddy
sudo ./start_server.shDetach from screen while leaving Caddy running: Ctrl+A, then D. Reattach: screen -r naive-caddy.
Before the first run, point the domain’s DNS A record at this server’s IP — the script verifies this.
cd naivetools/server
chmod +x start_server.sh
screen -S naive-caddy
sudo ./start_server.shThe naivetools directory is the repository after git clone https://github.com/ZonD80/naivetools.git.
On subsequent runs, if /etc/caddy/Caddyfile already exists, interactive prompts for domain and credentials are skipped — the existing configuration is used.
- NaiveProxy — original implementation.
- sing-box — Libbox (Packet Tunnel / gomobile build for iOS).
- forwardproxy (naive) — server side.
- nginx — excellent web server and typical default page; nginx serves roughly 70% of sites on the web (by share among web servers).
Android: you can use the Exclave client and the separate upstream Naive Proxy Plugin release (see the Download section in the Exclave repo).
If this project helped you, you can buy the author a coffee on Buy Me a Coffee.