
Support HTTP_PROXY & HTTPS_PROXY for millions of users who are behind firewalls in some regions and some organizations.

Open henryleu opened this issue 6 months ago • 32 comments

Support accessing LLM APIs with/without HTTP_PROXY & HTTPS_PROXY in these OSs:

in macos

export HTTP_PROXY=http://127.0.0.1:7897
export HTTPS_PROXY=http://127.0.0.1:7897

in linux

export HTTP_PROXY=http://127.0.0.1:7890
export HTTPS_PROXY=http://127.0.0.1:7890

in windows

for cmd

set HTTP_PROXY=http://127.0.0.1:7897
set HTTPS_PROXY=http://127.0.0.1:7897

for powershell

$env:HTTP_PROXY = "http://127.0.0.1:7897"
$env:HTTPS_PROXY = "http://127.0.0.1:7897"

henryleu avatar Jun 29 '25 06:06 henryleu

hm this doesn't already work? i'll check - it should

thdxr avatar Jun 30 '25 15:06 thdxr

I could not get it working with a SOCKS5 proxy via environment variables (had to resort to using proxychains), but maybe it works with normal HTTP / HTTPS proxies.

aspiers avatar Jun 30 '25 16:06 aspiers

same on my side. exporting https_proxy, http_proxy does not work. error is Unable to connect. Is the computer able to access the url?

i double checked with our proxy admin, opencode is not hitting the proxy.

zerounix avatar Jul 10 '25 11:07 zerounix

works for me now. was using windows executable in wsl, reinstalled via node. now i can connect.

zerounix avatar Jul 10 '25 13:07 zerounix

@zerounix can you explain your setup in WSL? Are your http_proxy and https_proxy values in windows and wsl the same, or do they differ?

Soupra-D avatar Jul 17 '25 15:07 Soupra-D

I noticed that GEMINI-CLI has added a "--proxy" parameter in the startup arguments to ensure that all network communication layers use the specified proxy:

$ gemini --help
--proxy Proxy for gemini client, like schema://user:password@host:port

You can refer to the following PR: https://github.com/google-gemini/gemini-cli/pull/2526

May I ask @thdxr if a similar implementation could be considered in opencode? This would maximize the correctness of the proxy network.

toomanyopenfiles avatar Jul 25 '25 18:07 toomanyopenfiles

The temporary hack for me which worked was using it inside docker:

docker run -e <your proxy> opencode-ai:latest

dhandhalyabhavik avatar Aug 24 '25 06:08 dhandhalyabhavik

--proxy Proxy for gemini client, like schema://user:password@host:port

need !

Phosphate5429 avatar Nov 29 '25 19:11 Phosphate5429

same problem here with v1.0.119

olk avatar Dec 01 '25 09:12 olk

This is definitely a deal breaker for me to choose between opencode and gemini-cli

Zhaoyilunnn avatar Dec 01 '25 11:12 Zhaoyilunnn

+1

antoinepourriot avatar Dec 04 '25 15:12 antoinepourriot

+2

7jrxt42BxFZo4iAnN4CX avatar Dec 06 '25 23:12 7jrxt42BxFZo4iAnN4CX

set this and it should work: NO_PROXY=localhost,127.0.0.1

rekram1-node avatar Dec 08 '25 07:12 rekram1-node

set this and it should work: NO_PROXY=localhost,127.0.0.1

unfortunately - doesn't work:

export NO_PROXY=localhost,127.0.0.1
opencode
^[[I^[[I^[[I^[[I<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head>
<meta type="copyright" content="Copyright (C) 1996-2021 The Squid Software Foundation and contributors">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
</head><body id=ERR_ACCESS_DENIED>
<div id="titles">
<h1>ERROR</h1>
<h2>The requested URL could not be retrieved</h2>
</div>
<hr>

<div id="content">
<p>The following error was encountered while trying to retrieve the URL: <a href="http://127.0.0.1:35569/agent">http://127.0.0.1:35569/agent</a></p>

<blockquote id="error">
<p><b>Access Denied.</b></p>
</blockquote>

<p>Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.</p>

<p>Your cache administrator is <a href="mailto:webmaster?subject=CacheErrorInfo%20-%20ERR_ACCESS_DENIED&amp;body=CacheHost%3A%20pxweb1%0D%0AErrPage%3A%20ERR_ACCESS_DENIED%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Mon,%2008%20Dec%202025%2007%3A40%3A14%20GMT%0D%0A%0D%0AClientIP%3A%20172.18.162.153%0D%0A%0D%0AHTTP%20Request%3A%0D%0AGET%20%2Fagent%20HTTP%2F1.1%0AProxy-Connection%3A%20Keep-Alive%0D%0AConnection%3A%20keep-alive%0D%0AUser-Agent%3A%20opencode%2F1.0.119%0D%0AAccept%3A%20*%2F*%0D%0AHost%3A%20127.0.0.1%3A35569%0D%0AAccept-Encoding%3A%20gzip,%20deflate,%20br,%20zstd%0D%0A%0D%0A%0D%0A">webmaster</a>.</p>
<br>
</div>

<hr>
<div id="footer">
<p>Generated Mon, 08 Dec 2025 07:40:14 GMT by pxweb1 (squid/6.13)</p>
<!-- ERR_ACCESS_DENIED -->
</div>
</body></html>

olk avatar Dec 08 '25 07:12 olk

hm well it may depend on ur proxy i set up one and that got it working ill check it out tbo

rekram1-node avatar Dec 08 '25 07:12 rekram1-node

set this and it should work: NO_PROXY=localhost,127.0.0.1

Archlinux, HTTP proxy:

Forbidden: {
  "error": {
    "type": "forbidden",
    "message": "Request not allowed"
  }
}

7jrxt42BxFZo4iAnN4CX avatar Dec 08 '25 09:12 7jrxt42BxFZo4iAnN4CX

hm well it may depend on ur proxy i set up one and that got it working ill check it out tbo

The proxy runs on another host (setup by the company) - on my system no proxy is running. As the error output shows, http://127.0.0.1:35569/agent was blocked. Might this be a problem of a framework opencode is using?

olk avatar Dec 08 '25 11:12 olk

You may also need:

If your enterprise environment uses custom CAs for HTTPS connections (whether through a proxy or direct API access), configure OpenCode Code to trust them:

export NODE_EXTRA_CA_CERTS=/path/to/ca-cert.pem

rekram1-node avatar Dec 13 '25 02:12 rekram1-node

My issue seems to be related but slightly different.

acheong@fishy ~/d/platform (develop)> echo $all_proxy
socks5://127.0.0.1:1090
acheong@fishy ~/d/platform (develop)> echo $HTTP_PROXY 
socks5://127.0.0.1:1090
acheong@fishy ~/d/platform (develop)> echo $HTTPS_PROXY 
socks5://127.0.0.1:1090
acheong@fishy ~/d/platform (develop)> opencode
Error: UnsupportedProxyProtocol fetching "http://127.0.0.1:42245/config/providers". For more information, pass `verbose: true` in the second argument to fetch()

Setting export NO_PROXY=localhost,127.0.0.1 lets me get to the TUI screen but sending a request still throws

Error: UnsupportedProxyProtocol fetching "https://api.github.com/copilot_internal/v2/token". For more information, pass `verbose: true` in the second argument to fetch()

No CA sniffing or whatnot. Standard socks proxy over ssh

acheong08 avatar Dec 16 '25 11:12 acheong08

hm interesting ill take a look

rekram1-node avatar Dec 16 '25 12:12 rekram1-node

You may also need:

If your enterprise environment uses custom CAs for HTTPS connections (whether through a proxy or direct API access), configure OpenCode Code to trust them:

export NODE_EXTRA_CA_CERTS=/path/to/ca-cert.pem

sorry, error still persists. :^(

olk avatar Dec 16 '25 12:12 olk

@olk your system blocks requests to a server running on ur own machine? Did u set NO_PROXY?

rekram1-node avatar Dec 16 '25 12:12 rekram1-node

@olk your system blocks requests to a server running on ur own machine? Did u set NO_PROXY?

no, the server is running in the intranet at ai.abc.xyz. NO_PROXY=127.0.0.1,10.0.0.0/8,localhost,.abc.xyz

olk avatar Dec 16 '25 12:12 olk

I could not get it working with a SOCKS5 proxy via environment variables (had to resort to using proxychains), but maybe it works with normal HTTP / HTTPS proxies.

How did you get it working with proxychains? It doesn't error but simply times out for me

acheong08 avatar Dec 16 '25 14:12 acheong08

By the way, the error comes from bun:

acheong@fishy ~> node -e 'fetch("https://api.github.com").then(r=>console.log("ok", r.status)).catch(e=>console.error(e.message))'
ok 200
acheong@fishy ~> bun -e 'fetch("https://api.github.com").then(r=>console.log("ok", r.status)).catch(e=>console.error(e.message))'
UnsupportedProxyProtocol fetching "https://api.github.com/". For more information, pass `verbose: true` in the second argument to fetch()

PR is here: https://github.com/oven-sh/bun/pull/23220

I find it mildly concerning how much Bun is using Claude but eh... as long as it works.

Edit: Opencode bundles bun, just like Claude code. Using npm i -g does not remove the bun dependency

acheong08 avatar Dec 16 '25 14:12 acheong08

It would be great if a note could be added to the OpenCode docs that it does not support environments with corporate proxies right now and to keep an eye on this issue for when it'll be fixed. Would probably save a lot of people from wasting time trying to get this working and getting frustrated with OpenCode itself.

ZeroCool2u avatar Dec 17 '25 15:12 ZeroCool2u

@olk @rekram1-node

Had same problem with corporate Squid proxy running elsewhere blocking requests to http://127.0.0.1:xxx/yyy.

export NO_PROXY=localhost,127.0.0.1

didn't fix it, but

export no_proxy=localhost,127.0.0.1

did.

Seems like opencode respects only the lowercase version of the ENV variable.

id957659 avatar Dec 17 '25 15:12 id957659

hm we don’t do special handling for either I think bun respects both but idk why the capitalized one didnt work for you

rekram1-node avatar Dec 17 '25 15:12 rekram1-node

I was able to get opencode running. I created a docker image (using Ubuntu as base; passing the HTTP_PROXY/HTTPS_PROXY/NO_PROXY env variables). I don't know why it fails on Arch Linux with Proxy (company) and works at home (using Arch Linux too) without proxy.

olk avatar Dec 17 '25 16:12 olk
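
The pitfalls reported across this thread (loopback requests reaching the corporate proxy, a socks5:// value in HTTP_PROXY/HTTPS_PROXY, upper- versus lowercase variable names, a CIDR range in NO_PROXY) can be checked before launching the tool. This is an added example, not code from opencode or Bun; `auditProxyEnv`, `PAIRS` and the sample values are constructed for illustration.

```javascript
// Added example: audit proxy environment variables for pitfalls seen in this thread.
// auditProxyEnv and PAIRS are hypothetical names, not part of opencode or Bun.
const PAIRS = [["HTTP_PROXY", "http_proxy"], ["HTTPS_PROXY", "https_proxy"], ["NO_PROXY", "no_proxy"]];

function auditProxyEnv(env) {
  const findings = [];
  const val = {};
  for (const [upper, lower] of PAIRS) {
    const u = env[upper], l = env[lower];
    // Clients differ on which casing they read, so a one-sided or
    // conflicting setting can behave differently from tool to tool.
    if (u !== undefined && l !== undefined && u !== l) findings.push(`${upper} and ${lower} differ`);
    else if ((u === undefined) !== (l === undefined)) findings.push(`only ${u !== undefined ? upper : lower} is set`);
    val[upper] = u ?? l;
  }
  for (const name of ["HTTP_PROXY", "HTTPS_PROXY"]) {
    if (!val[name]) continue;
    let scheme;
    try { scheme = new URL(val[name]).protocol; } catch { findings.push(`${name} is not a URL`); continue; }
    // The thread shows Bun's fetch rejecting socks5:// with UnsupportedProxyProtocol.
    if (!["http:", "https:"].includes(scheme)) findings.push(`${name} uses ${scheme}// (not an HTTP proxy)`);
  }
  const proxied = Boolean(val.HTTP_PROXY || val.HTTPS_PROXY);
  const entries = (val.NO_PROXY || "").split(",").map((s) => s.trim()).filter(Boolean);
  if (proxied) {
    // Without these entries, requests to the local server can be sent to the proxy.
    for (const host of ["localhost", "127.0.0.1"]) {
      if (!entries.includes(host)) findings.push(`NO_PROXY lacks ${host}`);
    }
  }
  // CIDR ranges are honoured by some HTTP clients and ignored by others.
  for (const e of entries) if (/\/\d+$/.test(e)) findings.push(`NO_PROXY entry ${e} is a CIDR range`);
  return findings;
}

// Constructed sample modelled on the settings quoted in the thread.
const sample = {
  HTTP_PROXY: "socks5://127.0.0.1:1090",
  HTTPS_PROXY: "socks5://127.0.0.1:1090",
  NO_PROXY: "127.0.0.1,10.0.0.0/8,.abc.xyz",
};
for (const f of auditProxyEnv(sample)) console.log("-", f);
```

Pass `process.env` instead of `sample` to audit the current shell; an empty result means none of these four conditions was found.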