Guide on how to run the boringproxy server as a service

Self-hosted Applications
1

A quick how to on start the boringproxy server as a service.
(Same goes for client)
Probably 101 stuff but took me a bit of fiddling to get right.
I guess boringproxy users was a easy /boring experience so hope this helps.

On a vps running debian 11/ubuntu .
Assumes a password set for root (su passwd) so su works.

#created a user for boring proxy:
#add user boringproxy
adduser boringproxy
#for better way see comment below about
useradd -M -r -s /bin/false -c "boringproxy system user" boringproxy

#become user and cd to home dir
su boringproxy
cd

#install boring proxy in home dir /home/boringproxy/boringproxy-linux-x86_64 server -for example
#get BP
curl -LO https://github.com/boringproxy/boringproxy/releases/download/v0.10.0/boringproxy-linux-x86_64
#Make executable
chmod +x boringproxy-linux-x86_64
#Allow binding to ports 80 and 443
su /usr/sbin/setcap cap_net_bind_service=+ep boringproxy-linux-x86_64 exit
#Create an .ssh dir for boring proxy:

mkdir ~/.ssh
chmod 700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys

#Configure boring proxy to run as a service as bop:

su
cd /etc/systemd/system/
touch boringproxy.service
nano boringproxy.service

#in the newly created file add:

[Unit]
Description=Boring Proxy service
After=network.target
StartLimitIntervalSec=0
[Service]
AmbientCapabilities=CAP_NET_BIND_SERVICE
Type=simple
Restart=always
RestartSec=1
User=bop
WorkingDirectory=/home/boringproxy
ExecStart=/home/boringproxy/boringproxy-linux-x86_64 server -admin-domain bop.domainname.com

[Install]
WantedBy=multi-user.target

#Note: without WorkingDirectory boring proxy can’t load the config

#test buy starting and stopping
systemctl start boringproxy
#access https://bop.domainname.com
systemctl stop boringproxy

#to start automatically:
systemctl enable boringproxy
#reboot and test - done

#To debug follow your log:
tail -f /var/log/daemon.log

#token will be in:
cat /home/boringproxy/boringproxy_db.json

I noticed my tunnel fails sometime like if the internet conenction restarts.

So here’s a working attempt at a monitoring script.

if curl -s -u user:password -I https://tunnel.bopdomain.com/ | head -n 1 | grep "HTTP/2 502" > /dev/null; then 
#boringproxy tunnel is down
   systemctl restart boringproxy
fi

user and password are the boringproxy tunnel ones.
remove " -u user:password" if tunnel is not passworded.

Run above script via cron at your choosen interval.