Local HTTPS development proxy with subdomain routing and request inspection.
devproxy provides trusted HTTPS access to multiple local services through subdomain routing. It wraps mitmproxy to deliver a simple YAML-configured proxy that eliminates browser security warnings and enables cookie sharing across local services.
- Trusted HTTPS locally - No browser warnings using mkcert certificates
- Subdomain routing -
app.local.stridelabs.ai→localhost:3000 - Single configuration - One YAML file defines all service routing
- Request inspection - Built-in web UI for debugging HTTP traffic
- Process manager integration - Works with Procfile/honcho workflows
Install mkcert for certificate generation:
# macOS
brew install mkcert
# Linux (Debian/Ubuntu)
sudo apt install mkcert
# Linux (Arch)
sudo pacman -S mkcertInstall the CA certificate (one-time setup):
mkcert -install# Using uv (recommended)
uv tool install devproxy
# Or install from source
git clone https://github.com/charliek/devproxy.git
cd devproxy
uv sync- Create a configuration file:
devproxy init --domain local.stridelabs.ai- Edit
devproxy.yamlwith your services:
domain: local.stridelabs.ai
services:
app: 3000 # https://app.local.stridelabs.ai
api: 8000 # https://api.local.stridelabs.ai
admin: 3001 # https://admin.local.stridelabs.ai
proxy:
https_port: 6789
web_ui_port: 8081-
DNS Setup: Configure your domain to resolve to localhost. Options:
Option A: Wildcard DNS (Recommended)
Add a DNS record:
*.local.yourdomain.com → 127.0.0.1Option B: Hosts file
sudo devproxy hosts --add
-
Start the proxy:
devproxy upAccess your services at:
| Command | Description |
|---|---|
devproxy up |
Start the proxy server |
devproxy init |
Create a new configuration file |
devproxy status |
Show configuration and status |
devproxy certs |
Manage TLS certificates |
devproxy hosts |
Manage /etc/hosts entries |
devproxy version |
Show version information |
# Start with verbose logging
devproxy up -v
# Use custom config file
devproxy up -c myconfig.yaml
# Override port (use 443 for clean URLs, requires sudo)
sudo devproxy up --port 443
# Disable web UI
devproxy up --no-web-ui# Base domain for all services
domain: local.stridelabs.ai
# Service definitions
services:
# Simple syntax (port only)
app: 3000
# Extended syntax
api:
port: 8000
host: localhost
enabled: true
# Proxy settings
proxy:
https_port: 6789 # HTTPS listen port
web_ui_port: 8081 # mitmproxy web UI port (null to disable)
web_ui_host: 127.0.0.1 # Web UI bind address
# Certificate settings
certs:
cert_dir: ~/.devproxy/certs
auto_generate: true
# Or use custom certificates:
# cert_file: /path/to/cert.pem
# key_file: /path/to/key.pemOverride any setting with DEVPROXY_ prefix:
export DEVPROXY_DOMAIN=local.example.com
export DEVPROXY_PROXY__HTTPS_PORT=443
export DEVPROXY_VERBOSE=trueRun devproxy alongside your services:
proxy: devproxy up --no-web-ui
web: npm run dev
api: python manage.py runserver 8000honcho startSee docs/troubleshooting.md for common issues:
- Certificate and browser trust issues
- Port binding permissions
- Connection refused errors
- Cookie/session problems
# Clone the repository
git clone https://github.com/charliek/devproxy.git
cd devproxy
# Install dev dependencies
uv sync --extra dev
# Install pre-commit hooks
uv run pre-commit install# Run all linting checks
uv run ruff check .
uv run ruff format --check .
uv run pyrefly check
# Auto-fix issues
uv run ruff check --fix .
uv run ruff format .uv run pytestBrowser ──HTTPS──▶ devproxy (port 6789) ──HTTP──▶ localhost:3000 (app)
│ ──▶ localhost:8000 (api)
│ ──▶ localhost:3001 (admin)
│
└──▶ Web UI (port 8081) for request inspection
- DNS resolves
*.local.stridelabs.aito127.0.0.1 - Browser connects to devproxy over HTTPS
- devproxy terminates TLS using mkcert certificates
- Routes request to the appropriate local service based on subdomain
- Returns response to browser
MIT