blob: 2fcfd9f65c63517fae0a2ecb24b0529981b31526 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
---
title: Network
description: Configure proxies and custom certificates.
---
OpenCode supports standard proxy environment variables and custom certificates for enterprise network environments.
---
## Proxy
OpenCode respects standard proxy environment variables.
```bash
# HTTPS proxy (recommended)
export HTTPS_PROXY=https://proxy.example.com:8080
# HTTP proxy (if HTTPS not available)
export HTTP_PROXY=http://proxy.example.com:8080
# Bypass proxy for local server (required)
export NO_PROXY=localhost,127.0.0.1
```
:::caution
The TUI communicates with a local HTTP server. You must bypass the proxy for this connection to prevent routing loops.
:::
You can configure the server's port and hostname using [CLI flags](/docs/cli#run).
---
### Authenticate
If your proxy requires basic authentication, include credentials in the URL.
```bash
export HTTPS_PROXY=http://username:[email protected]:8080
```
:::caution
Avoid hardcoding passwords. Use environment variables or secure credential storage.
:::
For proxies requiring advanced authentication like NTLM or Kerberos, consider using an LLM Gateway that supports your authentication method.
---
## Custom certificates
If your enterprise uses custom CAs for HTTPS connections, configure OpenCode to trust them.
```bash
export NODE_EXTRA_CA_CERTS=/path/to/ca-cert.pem
```
This works for both proxy connections and direct API access.
|
