NGRProxy is an OpenWrt/LuCI app that manages nginx reverse-proxy configuration via UCI with hardened defaults and DHCP-aware upstream selection.
- UCI-first OpenWrt model (
/etc/config/ngrproxy). - Per-host classes:
http_hostfor HTTP/TLS reverse proxies.stream_hostfor encrypted TCP passthrough (mail and similar protocols).
- Secure HTTPS upstream handling:
- requires SNI (
upstream_sni), - requires trusted CA bundle (
upstream_ca), - enforces verification for HTTPS backends.
- requires SNI (
- Upstream host dropdown populated from:
- static DHCP leases (
/etc/config/dhcp), - dynamic leases (
/tmp/dhcp.leases).
- static DHCP leases (
- LuCI preview helper with upstream URL + favicon thumbnail.
- Optional screenshot thumbnail endpoint integration via LuCI controller redirect.
- Per-host ACL controls for HTTP and stream hosts.
- Optional PROXY protocol support for stream listeners/upstreams.
- Legacy config migration utility (
/usr/libexec/ngrproxy/migrate.sh).
luci-app-ngrproxy/Makefileluci-app-ngrproxy/luasrc/controller/ngrproxy.lualuci-app-ngrproxy/luasrc/model/cbi/ngrproxy.lualuci-app-ngrproxy/root/etc/config/ngrproxyluci-app-ngrproxy/root/etc/init.d/ngrproxyluci-app-ngrproxy/root/usr/libexec/ngrproxy/render.shluci-app-ngrproxy/root/usr/share/rpcd/acl.d/luci-app-ngrproxy.json
- Add/copy
luci-app-ngrproxyinto your OpenWrt feed tree. - Run:
./scripts/feeds update -a./scripts/feeds install luci-app-ngrproxy
- Enable package in
make menuconfig. - Build and install package.
- Ensure nginx includes:
include /etc/nginx/conf.d/*.conf;inhttp {}include /etc/nginx/stream.d/*.conf;instream {}
- Configure hosts in LuCI and apply.
- Generated symlinks:
/etc/nginx/conf.d/zz-ngrproxy-generated.conf/etc/nginx/stream.d/zz-ngrproxy-generated.conf
- Optional global screenshot endpoint:
- Set
settings.thumbnail_endpointwith%splaceholder (URL-encoded upstream URL is substituted).
- Set
- Migration:
- Service startup runs legacy migration once, guarded by
/etc/ngrproxy/.migrated-v1.
- Service startup runs legacy migration once, guarded by