Add TCP Fast Open, systemd service install, rustdoc, and publish metadata

- TCP Fast Open support for listener and outgoing connections (net.rs)
- systemd service install/uninstall commands (service.rs)
- Rustdoc comments on all modules and public items
- Cargo.toml metadata for crates.io publishing
- Upgrade tokio-rustls-acme to v0.9
- Move CryptoProvider init to start of main()

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: madeye

.gitignore

@@ -1 +1,2 @@
 /target
+*.zip

Cargo.lock

@@ -2,6 +2,11 @@
 name = "https_proxy"
 version = "0.1.0"
 edition = "2021"
+description = "Stealth HTTPS forward proxy with automatic Let's Encrypt TLS and nginx camouflage"
+license = "MIT"
+repository = "https://github.com/madeye/https_proxy"
+keywords = ["proxy", "https", "tls", "acme", "stealth"]
+categories = ["network-programming", "command-line-utilities"]
 
 [dependencies]
 anyhow = "1"
@@ -11,11 +16,13 @@ clap = { version = "4", features = ["derive"] }
 http-body-util = "0.1"
 hyper = { version = "1", features = ["http1", "server", "client"] }
 hyper-util = { version = "0.1", features = ["tokio", "http1", "server-auto", "client-legacy"] }
+libc = "0.2"
 serde = { version = "1", features = ["derive"] }
+socket2 = { version = "0.5", features = ["all"] }
 serde_yaml = "0.9"
 tokio = { version = "1", features = ["full"] }
 tokio-rustls = "0.26"
-tokio-rustls-acme = { version = "0.6", features = ["axum"] }
+tokio-rustls-acme = { version = "0.9", features = ["axum"] }
 crossterm = "0.28"
 ratatui = "0.29"
 tracing = "0.1"

Cargo.toml

@@ -13,8 +13,33 @@ A stealth HTTPS forward proxy in Rust. It auto-obtains TLS certificates via Let'
 
 ## Build
 
+Requires Rust 1.70+ and a C compiler (for `aws-lc-sys`/`ring` crypto backends).
+
 ```bash
+# Native release build (stripped, LTO enabled)
 cargo build --release
+
+# Cross-compile for Linux x86_64 from macOS (requires cargo-zigbuild + zig)
+rustup target add x86_64-unknown-linux-gnu
+cargo zigbuild --release --target x86_64-unknown-linux-gnu
+```
+
+### Prerequisites
+
+**macOS:**
+```bash
+# Install Rust
+curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
+
+# For cross-compilation to Linux
+brew install zig
+cargo install cargo-zigbuild
+```
+
+**Linux (Debian/Ubuntu):**
+```bash
+curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
+apt install build-essential cmake
 ```
 
 The release binary is stripped with LTO enabled (~3 MB).
@@ -35,6 +60,7 @@ users:
     password: "hunter2"
 stealth:
   server_name: "nginx/1.24.0"
+fast_open: true
 ```
 
 | Field | Description |
@@ -46,6 +72,7 @@ stealth:
 | `acme.cache_dir` | Directory to persist certificates |
 | `users` | List of authorized proxy credentials |
 | `stealth.server_name` | `Server` header in fake 404 responses |
+| `fast_open` | Enable TCP Fast Open on listener and outgoing connections |
 
 ## Quick Start
 
@@ -84,8 +111,10 @@ curl --proxy https://wrong:creds@proxy.example.com:443 https://example.com
 https-proxy [COMMAND]
 
 Commands:
-  setup    Interactive TUI to create config.yaml
-  run      Start the proxy server (default if no command given)
+  setup      Interactive TUI to create config.yaml
+  run        Start the proxy server (default if no command given)
+  install    Install as a systemd background service (Linux, requires root)
+  uninstall  Remove the systemd service
 ```
 
 ## How It Works

README.md

@@ -9,3 +9,4 @@ users:
     password: "hunter2"
 stealth:
   server_name: "nginx/1.24.0"
+fast_open: true