DEV.co
Open-Source DevOps · WJQSERVER-STUDIO

ghproxy

GHProxy is a Go-based reverse proxy designed to accelerate GitHub resource downloads (repos, files, Docker images) and bypass regional access restrictions. It supports caching, rate limiting, authentication, and Docker image proxying with a web UI.

Source: GitHub — github.com/WJQSERVER-STUDIO/ghproxy
698
GitHub stars
113
Forks
Go
Primary language
MPL-2.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
RepositoryWJQSERVER-STUDIO/ghproxy
OwnerWJQSERVER-STUDIO
Primary languageGo
LicenseMPL-2.0 — OSI-approved
Stars698
Forks113
Open issues13
Latest release4.3.4 (2025-09-13)
Last updated2026-06-01
Sourcehttps://github.com/WJQSERVER-STUDIO/ghproxy

What ghproxy is

A high-concurrency reverse proxy written in Go using the Touka HTTP framework, proxying GitHub raw files, Git clones, releases, and Docker/GHCR registries. Features include bandwidth throttling, custom allowlist/blocklist, shell script nesting, and optional Git clone caching integration via Smart-Git.

Quickstart

Get the ghproxy source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/WJQSERVER-STUDIO/ghproxy.gitcd ghproxy# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Regional GitHub Access Acceleration

Deploy as a regional proxy for teams in areas with slow or unstable GitHub connectivity, significantly reducing clone and download times.

Corporate Docker Registry Proxy

Intercept and cache Docker image pulls from Docker Hub, GHCR, and other registries to reduce external bandwidth and accelerate CI/CD pipelines.

Rate-Limited CI/CD Pipeline Resilience

Use as a transparent cache layer to absorb GitHub API rate limits and prevent CI/CD job failures when pulling dependencies frequently.

Implementation considerations

  • Dual-license model (WJQserver Studio License 2.1 + MPL-2.0) requires legal review; commercial use permissibility is unclear.
  • Project is ~18 months old with active commits; stability and long-term maintenance commitment unknown.
  • Front-end components are in a separate repository with independent licenses; review each theme's terms before deployment.
  • Bandwidth and rate-limiting features should be tested under production load; no published benchmarks provided.
  • Deployment via Docker Compose recommended; binary deployment is explicitly discouraged by maintainers.

When to avoid it — and what to weigh

  • Strict Compliance Requirements for License — The dual-license model (WJQserver Studio License 2.1 + MPL-2.0) introduces non-standard licensing terms. Requires legal review before use in regulated environments or commercial closed-source products.
  • Need for Enterprise Support Contract — No indication of commercial support offerings, SLAs, or vendor backing. Use only if internal support capability exists or downtime is acceptable.
  • Multi-Tenancy with Hard Security Isolation — Project documentation does not describe multi-tenant isolation or defense against cross-tenant cache-poisoning; avoid for untrusted user scenarios.
  • Seamless Drop-In for Standard Proxies — Requires custom configuration and frontend theme setup; not a zero-config replacement for standard HTTP proxies or Docker registry mirrors.

License & commercial use

Dual-licensed under WJQserver Studio License 2.1 (non-standard) and Mozilla Public License 2.0 (permissive OSI license). Licensee can choose one. WJQserver Studio License 2.1 terms are not published in the repository; refer to https://wjqserver-studio.github.io/LICENSE/LICENSE.html. Front-end components have separate, independent licenses.

Requires careful review. MPL-2.0 is permissive for commercial use, but WJQserver Studio License 2.1 is non-standard and its terms for commercial use are unclear. Before using in a commercial product or service, confirm compatibility with WJQserver Studio License 2.1 via legal counsel. No commercial support tier identified.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityNeeds review
Deployment complexityModerate
DEV.co fitGood
Assessment confidenceMedium
Security considerations

Project does not publish a security policy or vulnerability disclosure process. Considerations: (1) Proxy handles sensitive GitHub tokens in requests; cache layer may inadvertently store credential information. (2) Custom blacklist/whitelist logic must be correctly configured to prevent unwanted proxying. (3) User authentication feature exists but implementation details and cryptographic practices not documented. (4) No published security audit or penetration test results. (5) Recommend testing in isolated environment before exposing to untrusted networks.

Alternatives to consider

ghproxy (node-based, github.com/hunshcn/gh-proxy)

Older, more established Python/Node alternative; simpler deployment but potentially lower performance under high concurrency.

Docker Registry (official mirror or nexus)

Standard Docker image caching solution with enterprise support and multi-registry support; does not proxy raw GitHub files or clones.

Cloudflare Workers / Fastly VCL custom proxy

Cloud-native reverse proxy with global edge caching; eliminates on-premises infrastructure but less control over business logic.

Software development agency

Build on ghproxy with DEV.co software developers

GHProxy is an active, Go-based solution for accelerating GitHub downloads and caching Docker images. Requires legal review of dual-license terms before commercial use. Contact us to evaluate for your DevOps infrastructure.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

ghproxy FAQ

Can I use this in a commercial closed-source SaaS?
Requires legal review. MPL-2.0 permits commercial use, but WJQserver Studio License 2.1 terms are unclear and must be verified. Consult counsel before production deployment.
Does this project have a long-term maintenance guarantee?
Unknown. Project is ~18 months old with active commits but no published roadmap, SLA, or commercial support offering. Assume community-maintained.
Can I run this as a managed service or resell it?
Unknown. Dual-license terms and WJQserver Studio License 2.1 restrictions are not clearly stated; review license links and consider contacting maintainers for clarification.
What are the performance limits?
No published benchmarks. Documentation mentions high concurrency and bandwidth throttling, but max throughput, connection limits, and cache hit ratios are not documented. Test in staging with production load.

Software developers & web developers for hire

Need help beyond evaluating ghproxy? DEV.co is a software development agency offering software development services and web development for teams of every size. Our software developers and web developers build custom software, web applications, APIs, and open-source devops integrations — and maintain them long-term.

Need a High-Performance GitHub Proxy?

GHProxy is an active, Go-based solution for accelerating GitHub downloads and caching Docker images. Requires legal review of dual-license terms before commercial use. Contact us to evaluate for your DevOps infrastructure.