A modern, feature-rich reverse proxy manager built with ASP.NET Core and YARP, designed to replace traditional proxy managers with a more intuitive and integrated experience. Finally a proxy manager for the casual home server operator.
Note: This project is in very early development. Features are actively being built and APIs may change significantly. Simply do not use for production yet.
- Build and automate ultra-slim Docker containers
- Create one-click deploy configurations for TrueNAS Scale, Unraid, etc.
- Implement automated testing suite
- Battle test in real-world environments
- Public release
YetAnotherProxyManager (YAPM) aims to provide enterprise-grade reverse proxy capabilities through a clean, user-friendly web interface. Built on Microsoft's YARP (Yet Another Reverse Proxy), it combines powerful routing features with automated LetsEncrypt SSL management, real-time analytics, and sophisticated access control-all in a single, self-contained application.
- Host-based routing - Route traffic by hostname to multiple upstream servers
- Path-based routing - Match and forward requests based on URL path prefixes
- Load balancing - Multiple strategies including round-robin, random, least requests, and power of two choices
- Custom headers - Inject or modify request and response headers per route
- Configurable timeouts - Granular control over connect, request, and response timeouts
- Retry policies - Automatic retries with configurable conditions
- Native TCP and UDP port forwarding
- Real-time http connection tracking and statistics
- Dynamic configuration updates without restart
- Configurable buffer sizes and timeouts
- Let's Encrypt integration - Automated ACME-based certificate provisioning
- SNI support - Dynamic certificate selection per hostname
- Auto-renewal - Background service monitors and renews certificates before expiry
- Custom certificates - Support for self-signed or externally managed certificates
A sophisticated multi-layer filtering system with support for:
| Filter Type | Capabilities |
|---|---|
| IP-based | Single IP, IP ranges, CIDR notation, predefined rules (local-only, private-only) |
| Geolocation | Country and continent-level filtering with GeoIP lookups |
| Time-based | Day of week, time windows, date ranges with timezone support |
| Header-based | Custom HTTP header matching with regex support |
Filter rules can be combined into groups with AND/OR logic, priority ordering, and negation support.
- Centralized service catalog with multiple endpoints per service
- Integration support for Portainer, TrueNAS, Docker, etc for easy setup of existing services, with one click to proxy guides
- Routes can reference services for automatic URL resolution
- Dependency tracking prevents accidental deletion of in-use services
- Live request tracking with in-memory circular buffer (1M requests)
- Metrics including requests per minute, average response times, status code distribution, content type, etc.
- Geographic visualization with interactive world map
- Filtering by country, host, path, and status code
- Time-series charting with configurable grouping
A modern web UI built with Blazor and MudBlazor featuring:
- Dashboard with system overview
- Route management with full CRUD operations
- Certificate status and renewal management
- Visual filter rule builder
- Service registry editor
- Real-time analytics dashboard with charts and maps
- Global settings configuration
- Isolated management UI - Admin interface served at a configurable
/.proxy-managerbase path, keeping management traffic separate from proxied requests but still easy to access - Single executable - Self-contained with embedded LiteDB database, easy to deploy and host
- Multi-port architecture - Configurable HTTP, HTTPS ports
- Event-driven updates - Real-time configuration changes without service interruption
- Background services - Automated certificate renewal and stream forwarding
| Layer | Technology |
|---|---|
| Backend | ASP.NET Core (.NET 10) |
| Reverse Proxy | YARP 2.x |
| Database | LiteDB |
| SSL/ACME | Certes |
| Frontend | Blazor Server |
| UI Components | MudBlazor |
| Charts | Blazor-ApexCharts |
Planned features for future development:
- User Accounts & Route Authentication - Configurable user accounts with route-based authentication, allowing you to protect services behind a single unified login
- Social & SSO Integration - Support for OAuth providers and single sign-on for seamless, streamlined access to protected routes
Pre-configured routing templates optimized for popular self-hosted applications, eliminating guesswork and manual configuration:
| Service | Template Includes |
|---|---|
| Plex | WebSocket support, larger buffer sizes, extended timeouts for streaming |
| Jellyfin / Emby | WebSocket support, streaming-optimized settings |
| Sonarr / Radarr / Lidarr | Base path or subdomain options, API proxy settings |
| Overseer / Ombi | Root URL configuration, request forwarding |
| Home Assistant | WebSocket support, long-polling timeouts |
| Nextcloud | Large upload support, extended timeouts, CalDAV/CardDAV headers |
Template features:
- Choose between subdomain routing (
plex.domain.com) or base path routing (domain.com/plex) - Automatic configuration of protocol-specific settings (WebSockets, SSE, etc.)
- Sensible defaults for buffer sizes, timeouts, and retry policies per service type
- Community-contributed templates for additional services
- Route Preview & Testing - Test internal routing to services as if requests were coming through externally, making it easy to diagnose network or connection issues without leaving the management UI
- Automated Event Triggers - Configurable actions triggered by events such as service downtime, failed authentication attempts, SSL certificate errors, and more
- Router & DNS Setup Guides - Built-in guides to help configure network traffic routing into your reverse proxy, covering common router setups and DNS configuration
- Dynamic DNS Service - Simple IP monitoring with automatic updates to Cloudflare and other DNS providers when your external IP changes
- Network Tunnel Support - Easy configuration for tunneling solutions (Cloudflare Tunnel, etc.) enabling proxy access without port forwarding
Deep integration with popular home server and container platforms to streamline service discovery and route configuration:
| Platform | Capabilities |
|---|---|
| Docker | Auto-discover containers, read labels for routing hints, monitor container health |
| Portainer | Connect to Portainer API to list and manage services across environments |
| Kubernetes | Discover services and ingresses, sync route configuration with cluster state |
| TrueNAS Scale | List installed apps and services, detect exposed ports and endpoints |
| Unraid | Discover Docker containers and VMs, integrate with Unraid's app ecosystem |
For all platforms:
- Automatic service discovery and listing within the management UI
- Connectivity testing to verify services are reachable before creating routes
- Live service preview to inspect responses without configuring a full route
- One-click route creation with sensible defaults based on service metadata
- Native Desktop Client - Lightweight desktop application for quickly proxying local services, managing routes, and monitoring traffic without opening a browser
This project is in active early development. Current focus areas include:
- Core routing functionality
- UI / UX overhaul
- Certificate management
- Analytics infrastructure, storage and filtering
- Configuration improvments
Contributions, feedback, and feature suggestions are welcome as the project matures.
License information to be added, currently no licence is defined and as such production deployments, forking, etc are not recommended at this time