Trooper.AI Web Proxy Template

Securing your connection to your GPU server is a key consideration for every developer. Ensuring your work is accessible while maintaining security is important as you develop the next big AI thing!

Simple, Secure Exposure of an Internal Service to the Internet

This template provides a lightweight way for clients to expose an internal service (HTTP or WebSocket) to the public internet through the Trooper.AI router system. It automatically creates a secure HTTPS endpoint with a free SSL certificate, while forwarding traffic to any internal port on the client’s machine.

The goal is simplicity: install a small proxy, specify two ports, and instantly get a secure, externally reachable URL.

All traffic from the Webproxy’s SSL Endpoint to your machine’s public port is routed internally, completely bypassing the internet. This is a significant security advantage of Trooper.AI.

Key Features

1. Public HTTPS Endpoint

Your internal service becomes available under a *.secure.trooper.ai subdomain, routed through the Trooper.AI infrastructure with automatic SSL certificates.

2. Full WebSocket Support

The template forwards both standard HTTP traffic and WebSocket connections without additional configuration.

3. Optional Password Protection

If a username and password are provided, the endpoint is secured with Basic Auth. Leaving both values empty disables authentication.

4. Clean and Minimal Setup

The configuration generates a dedicated proxy endpoint, listens on a chosen port, and forwards everything to your internal service.

How It Works

Inputs

Example config
Example config

You only set template configuration before installation.

The external port will be assigned automatically and displayed next to the template name, just like with other templates.

Internal Flow

  1. Nginx is installed (including htpasswd support).
  2. If authentication is enabled, a password file is created.
  3. A proxy configuration is placed under /etc/nginx/sites-available/trooperai-webproxy-<external_port>
  4. The config forwards all incoming traffic to http://127.0.0.1:<internal_port>.
  5. WebSocket upgrade headers are automatically passed through.
  6. Nginx is reloaded and the endpoint becomes active.

Free SSL Certificate included

Once active, Trooper.AI’s router detects the exposed port, issues a free SSL certificate, and publishes your secure endpoint.

Example Result

Given a Trooper.AI-assigned domain such as:

Code 
myapp123-husky-delta.secure.trooper.ai

and a publicly available port within your configured range (e.g., 12345), with an internal service listening on port 8080,

the connection flow will be: 8080 -> 12345 -> https://myapp123-husky-delta.secure.trooper.ai.

This securely forwards traffic from the public HTTPS endpoint to your internal service.