Setting up a proxy on your Raspberry Pi

The Solution

Step 1. Set up SSH as a Socks Proxy running as a Service

sudo systemctl edit --force --full socksproxy.service
[Unit]
Description=My Socks Proxy
Wants=network-online.target
After=network-online.target
[Service]
User=pi
WorkingDirectory=/home/pi
ExecStart=/usr/bin/ssh -o ServerAliveInterval=60 -nNT -D 0.0.0.0:8000 127.0.0.1
RestartSec=5
Restart=always
[Install]
WantedBy=graphical.target
  1. Be sure to change the user (pi), home folder (/home/pi) to match your user.
  2. The main difference with the solution in the article is that I added RestartSec=5 and Restart=always, this because the service will not work if this runs before the network is available, in my case, network-online.target did not work, I tried other options like network.target, but it did not work either, maybe because I was using WiFi and not ethernet, in the end, the simplest solution was to add the retry options.
sudo systemctl enable socksproxy.service
sudo systemctl start socksproxy.service
systemctl status socksproxy.service
sudo systemctl edit --full socksproxy.service
sudo systemctl daemon-reload
sudo systemctl restart socksproxy.service

Step 2. Set up Nginx

sudo apt-get install nginx
ip -br -4 addr
lo               UNKNOWN        127.0.0.1/8 
wlan0 UP 10.66.77.100/24
nginx welcome message

Step 3. Create your proxy.pac file

  1. Your Raspberry Pi IP is 10.66.77.100, and the socks proxy is running in port 8000
  2. That you want to route traffic going to grafana.some.place.in.aws.com, in this case, a specific domain
  3. That you want to route all sub-domains of .company.internal, for example, git.company.internal or jira.tools.company.internal
sudo nano /var/www/html/proxy.pac
function FindProxyForURL(url, host){
if(
dnsDomainIs(host, 'grafana.some.place.in.aws.com') ||
dnsDomainIs(host, '.company.internal')
){
return 'SOCKS 10.66.77.100:8000';
}
return 'DIRECT';
}
|| dnsDomainIs(host, ‘{domain}’)
sudo nano /etc/nginx/mime.types
application/x-ns-proxy-autoconfig     pac;
sudo /etc/init.d/nginx restart
curl -v http://10.66.77.100/proxy.pac
* Expire in 0 ms for 6 (transfer 0x5a0880)
* Trying 10.66.77.100...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x5a0880)
* Connected to 10.66.77.100 (10.66.77.100) port 80 (#0)
> GET /proxy.pac HTTP/1.1
> Host: 10.66.77.100
> User-Agent: curl/7.64.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx/1.14.2
< Date: Sun, 19 Jan 2020 03:39:03 GMT
< Content-Type: application/x-ns-proxy-autoconfig
< Content-Length: 221
< Last-Modified: Thu, 28 Nov 2019 07:39:25 GMT
< Connection: keep-alive
< ETag: "5ddf79ad-dd"
< Accept-Ranges: bytes
<
function FindProxyForURL(url, host){
if(
dnsDomainIs(host, 'grafana.some.place.in.aws.com') ||
dnsDomainIs(host, '.company.internal')
){
return 'SOCKS 10.66.77.100:8000';
}

return 'DIRECT';
}
* Connection #0 to host 10.66.77.100 left intact

Step 4. Set up the proxy file in Windows

Search for proxy settings
Proxy settings window

Step 5. Solve DNS problems

This site can’t be reached error
dig +short jira.company.internal
10.10.1.6 jira.company.internal

Notes

--

--

--

I’m passionate about building great teams and ship game-changing products. http://pedrofuentes.com

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Publish files to Cornell Box from your application

[Xcode]排除 ”this class is not key value coding-compliant for the key xxx.” 錯誤訊息

Sentry Real-Time Error Tracking

Which API Can Classify A Website Through The IAB Categories?

Update on Adadex Tools Project Development

Upgrade Your GitHub README.md

What I learnt in first two years of Agile Implementation

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Pedro Pablo Fuentes Schuster

Pedro Pablo Fuentes Schuster

I’m passionate about building great teams and ship game-changing products. http://pedrofuentes.com

More from Medium

How to install Linux bash shell on Windows 10

Cancel a terminal command during preexec ZSH function

Setup guide and introduction for Zsh and Oh-My-Zsh in Ubuntu(Include Powerlevel10k)

A schematic diagram for an architecture of operating system.

Linux Upskill Challenge — Day 13