mucsbr/codex-reset-proxy

★ 13PythonAudience · developerComplexity · 3/5Setup · moderate

Mindmap

mindmap
  root((codex-reset-proxy))
    What it does
      Stall detection
      Fast-fail and retry
      Request body buffering
    Proxy Modes
      Plain HTTP reverse proxy
      SOCKS5 tunnel
      SOCKS5 MITM
      WebSocket to HTTP bridge
    Features
      API key injection
      Connection pool reuse
      Server-sent event streaming
      Local CA certificate gen
    Use Cases
      Codex reliability fix
      Hard-coded client support
      WebSocket to HTTP bridging
    Setup
      Docker Compose config
      Env vars for all settings
      CA cert install for MITM

mindmap root((codex-reset-proxy)) What it does Stall detection Fast-fail and retry Request body buffering Proxy Modes Plain HTTP reverse proxy SOCKS5 tunnel SOCKS5 MITM WebSocket to HTTP bridge Features API key injection Connection pool reuse Server-sent event streaming Local CA certificate gen Use Cases Codex reliability fix Hard-coded client support WebSocket to HTTP bridging Setup Docker Compose config Env vars for all settings CA cert install for MITM

Click or tap to explore — scroll the page freely

Things people build with this

USE CASE 1

Wrap Codex requests to automatically retry after a stall instead of hanging indefinitely waiting for response headers.

USE CASE 2

Run a SOCKS5 MITM proxy for clients that hard-code the Codex endpoint URL and cannot be pointed at a different address.

USE CASE 3

Bridge the Codex Responses WebSocket protocol to HTTP clients using server-sent events so they do not need a WebSocket library.

USE CASE 4

Reuse idle WebSocket connections across multiple Codex requests with the same credentials using the built-in connection pool.

Tech stack

PythonDockerDocker Compose

Getting it running

Difficulty · moderate Time to first run · 30min

MITM mode requires generating a local CA certificate and installing it into any client containers that need to trust the proxy.

No license information is mentioned in the explanation.

In plain English

codex-reset-proxy is a small reverse proxy written in Python, built to handle a specific failure mode in Codex (OpenAI's coding model) requests. When the upstream server accepts a connection but then stalls without ever sending response headers, a normal client will simply wait. This proxy detects that condition, fails fast after a configurable timeout, and retries the request from the beginning. The retry behavior is intentionally careful. Request bodies are buffered in memory so the proxy can replay the full request on a retry. Retries only happen before any response headers arrive: once the upstream starts sending a response, the proxy switches to simply forwarding bytes and does not interrupt. This avoids the risk of replaying a request that was already partially processed by the upstream. The proxy runs in one of three protocol modes. The standard mode is a plain HTTP reverse proxy that forwards any path to the configured upstream base URL, optionally injecting an API key. A second mode runs as a SOCKS5 tunnel, which passes traffic through without intercepting it. A third mode is a SOCKS5 man-in-the-middle proxy for clients that hard-code the Codex endpoint URL and cannot be redirected, it generates a local certificate authority, decrypts the HTTPS traffic, applies the fast-fail retry logic, then re-encrypts before sending to the actual upstream. For the Codex Responses protocol specifically, there is also a WebSocket bridge mode. In this mode, each incoming HTTP request is translated into an upstream WebSocket connection, the request body is wrapped in the correct message format, and the upstream WebSocket messages are streamed back to the HTTP client as server-sent events. An optional connection pool reuses idle WebSocket connections across requests with the same authentication credentials, keyed by a hash of the auth headers. The project is designed to run via Docker Compose with environment variables for all configuration. A helper script is included for installing the generated CA certificate into other containers that need to trust the MITM proxy.

Copy-paste prompts

Prompt 1

Configure codex-reset-proxy in Docker Compose as an HTTP reverse proxy in front of my Codex endpoint with a 30-second stall timeout and automatic retry on hang.

Prompt 2

Set up SOCKS5 MITM mode for a client that hard-codes the Codex URL, then install the generated CA certificate into that client's container so it trusts the proxy.

Prompt 3

Enable the WebSocket bridge mode so my HTTP client can stream Codex Responses protocol replies as server-sent events without opening a WebSocket connection itself.

Open on GitHub → Explain another repo

← mucsbr on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.