Fixie Socks is a Heroku add-on that enables users to make TCP connections from a known IP address via a SOCKS proxy. Common use cases are database connections, FTP, SCP, and SSH. By connecting via Fixie Socks Heroku, users can integrate with external services and databases that do IP allowlisting. Fixie Socks is language- and framework-agnostic.

Fixie Socks acts as a SOCKS V5 proxy for outbound traffic, tunneling your requests through a known IP address. Each Fixie subscriber is assigned a set of static IP addresses. Through this proxy, subscribers can connect to any database or service that requires a fixed IP range.

Fixie Socks provides a standard SOCKS V5 proxy URL that can be used to establish connections from any server-side language, including JavaScript/TypeScript, Ruby, Java, and Go. Fixie Socks can also be used by SSH, SCP, cURL, and other command-line tools.

If you are looking to connect to make HTTP and HTTPS requests, Fixie HTTP/S is generally a better fit for that use case.

Getting started

Fixie Socks can be attached to a Heroku application via the CLI:

$ heroku addons:create fixie-socks
-----> Adding fixie-socks to sharp-mountain-4005... done, v18 (free)

Configure your application

There are two ways to use Fixie Socks:

1.) The easiest way to integrate your application with Fixie Socks is by adding the fixie-wrench binary to your project. fixie-wrench provides a tunnel on a local port through a Fixie Socks cluster, so that any application can make any TCP request to any remote service without significant code changes. fixie-wrench works for all kinds of TCP connections: database connections, HTTP requests, etc.

fixie-wrench is a command line utility that makes it easy to proxy any TCP connection through Fixie Socks, even if your language or wrenchent library does not natively support SOCKS v5 proxies. By connecting through Fixie Socks, your application will have a stable set of outbound IP addresses, making it possible to address a remote service that performs IP address whitelisting from Heroku or other platforms that provide ephemeral instances.

fixie-wrench does port-forwarding, similar to SSH port forwarding, so your remote database, FTP server, or other service will appear to be running locally from the perspective of your application code.

To install fixie-wrench into your project: /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/usefixie/fixie-wrench/HEAD/install.sh)"

Then, update your Procfile to start fixie-wrench:

web: ./bin/fixie-wrench LOCAL_PORT:REMOTE_HOST:REMOTE_PORT & ...

For more information, see the fixie-wrench readme and the example app.

2.) Many libraries support SOCKS v5 proxies out of the box. If you're using a language and library that supports SOCKS v5 proxies, you can integrate with Fixie Socks directly in your application code instead of using fixie-wrench

The list below is not exhaustive, but provides examples for many popular use cases. If you do not see your language/library below, you can always use fixie-wrench.

• JavaScript/TypeScript
• Ruby
• Java
• Go

In either case, after you provision Fixie Socks, a FIXIE_SOCKS_HOST config var is available in your app's configuration. This contains the SOCKS V5 proxy URL through which your application makes outbound requests. This can be confirmed using the heroku config:get command:

$ heroku config:get FIXIE_SOCKS_HOST
user:pass@criterium.usefixie.com:1080

After installing Fixie Socks Heroku, the application should be configured to fully integrate with the add-on.

Getting your static IP addresses

You can retrieve your static IP addresses in the "Account" tab of the Fixie Dashboard. Your IP addresses are listed under "Account Details."

Your static IP addresses are also shown in the command line when you enable Fixie using the Heroku CLI:

$ heroku addons:create fixie-socks
Adding fixie to sharp-mountain-4005… done, v18 (free)
Your static IP addresses are 54.174.229.200, 54.176.231.252

Dashboard

The Fixie Socks dashboard can be used to monitor your usage, retrieve your Fixie URL, and retrieve your outbound static IPs.

The dashboard can be accessed by visiting the Heroku Dashboard and selecting the application in question. Select Fixie Socks from the Add-ons menu.

The dashboard can also be accessed via the CLI:

$ heroku addons:open fixie-socks
Opening fixie for sharp-mountain-4005…

Local setup

For local development, it is necessary to replicate the FIXIE_SOCKS_HOST environment variable.

FIXIE_SOCKS_HOST can be retrieved either from the Fixie Socks dashboard or via the Heroku CLI:

$ heroku config:get FIXIE_SOCKS_HOST -s  >> .env

Credentials and other sensitive configuration values should not be committed to source-control. In Git, exclude the .env file with: echo .env >> .gitignore.

Migrating between plans

Use the heroku addons:upgrade command to migrate to a new plan. NOTE: Changing the plan won't affect your outbound IP address

$ heroku addons:upgrade fixie-socks:newplan
-----> Upgrading fixie-socks:newplan to sharp-mountain-4005... done, v18 ($/mo)
       Your plan has been updated to: fixie-socks:newplan

Removing the add-on

Fixie Socks Heroku can be removed via the CLI.

This will destroy all associated data and cannot be undone! If your application is configured to make requests through Fixie Socks Heroku, those requests will fail after removing the add-on.

$ heroku addons:destroy fixie-socks
-----> Removing fixie-socks from sharp-mountain-4005... done, v20 (free)

Support

All Fixie Socks Heroku support and runtime issues should be submitted via one of the Heroku Support channels.