One thing that OpenBSD doesn’t provide (yet?) is an HTTP proxy. I use [Plausible1 for basic visitor analytics 2 here, and one of the cool things you can do is to break all adblockers via serving Plausible from my own domain3

After two evenings of failed attempts, I reminded myself that I am a programmer, and I wrote one myself. You can find it on my [no longer available]. It was a great learning exercise and a chance to touch Golang4 for the first time.

Assuming you have it running (it works on my machine!), let’s adjust our relayd(8). Plaprox listens on port 9090, and we want to relay all requests to /js/script.js there.

Let’s add it to our relays in relayd.conf:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20

table <plausibleproxyd> { 127.0.0.1 }

http protocol "https" {
   # all our previous content omitted
    match request quick path "/js/script.js"  forward to <plausibleproxyd>
    match request quick path "/api/event"  forward to <plausibleproxyd>
}

relay "https" {
    listen on 0.0.0.0 port 443 tls
    protocol https
    forward to <httpd> port 8080
    forward to <plausibleproxyd> port 9090
}
relay "https6" {
    listen on :: port 443 tls
    protocol https
    forward to <httpd> port 8080
    forward to <plausibleproxyd> port 9090
}

You can also move the port number to a table.

Remember that in Relayd(8) last one wins. We already have a match for the domain and added another matcher for the path. The request will be forwarded to the last marching matcher - so we put our new matchers at the end of the protocol definition.

Updates

2023-07-28: remove wrong information abot PF. 2023-07-30: fix invalid cron format 2023-12-12: extracted to a dedicated article

  1. this is no longer the case ↩︎

  2. Yes, I want to know what people are reading! For details, refer to my two sence long privacy policy↩︎

  3. yes, it’s a dick move. But my reasoning was simple: Plausible gathers so little information that the harm is almost nonexistent, and I really want to know what people are reading. ↩︎

  4. I am a Ruby developer by trade and heart, but I will try anything that is not an IDE-driven language. LSP for Java/Scala is still a joke, and I refuse to pollute my system with Intellij. [[https://go.dev/][Go][, on the other hand, is a modern language designed for humans. I am not good at it, but I am infinitetly5 better than a week ago. ↩︎

  5. Any positive number would be infinite progress compared to zero, or as an old wise man once said: “to have a nickel and to not a nickel is already two nickles”. ↩︎