2020-11-13 09:43:17 +00:00
|
|
|
# Telebit Relay
|
|
|
|
|
2020-11-13 12:13:09 +00:00
|
|
|
| [Telebit Client](/README.md) | **Telebit Relay** | [Telebit Mgmt](../mgmt) |
|
2020-11-13 09:43:17 +00:00
|
|
|
|
2020-11-13 11:26:25 +00:00
|
|
|
Secure tunnel, relay, and reverse-proxy server.
|
|
|
|
|
|
|
|
# Usage
|
|
|
|
|
|
|
|
**Only** port 443 must be public.
|
|
|
|
|
|
|
|
```bash
|
|
|
|
./telebit-relay --acme-http-01
|
|
|
|
```
|
|
|
|
|
|
|
|
```bash
|
|
|
|
# allow access to privileged ports
|
|
|
|
sudo setcap 'cap_net_bind_service=+ep' ./telebit-relay
|
|
|
|
```
|
2020-11-13 09:43:17 +00:00
|
|
|
|
|
|
|
Copy `examples/relay.env` as `.env` in the working directory.
|
|
|
|
|
|
|
|
```bash
|
2020-11-13 11:26:25 +00:00
|
|
|
# --secret
|
|
|
|
export SECRET=XxX-mgmt-secret-XxX
|
|
|
|
# --api-hostname
|
|
|
|
export API_HOSTNAME=tunnel.example.com
|
|
|
|
# --listen
|
|
|
|
export LISTEN=":443"
|
|
|
|
# --locals
|
|
|
|
export LOCALS=https:mgmt.example.com:6468
|
|
|
|
# --auth-url
|
|
|
|
export AUTH_URL=http://localhost:6468/api
|
2020-11-18 09:05:36 +00:00
|
|
|
# --proxy-http-01
|
|
|
|
export PROXY_HTTP_01=http://mgmt.example.com:6468
|
2020-11-13 11:26:25 +00:00
|
|
|
# --acme-agree
|
|
|
|
export ACME_AGREE=true
|
|
|
|
# --acme-email
|
|
|
|
export ACME_EMAIL=telebit@example.com
|
|
|
|
# --acme-relay
|
|
|
|
export ACME_RELAY_URL=http://localhost:6468/api/acme-relay
|
2020-11-13 09:43:17 +00:00
|
|
|
```
|
|
|
|
|
2020-11-13 11:26:25 +00:00
|
|
|
See `./telebit-relay --help` for all options. \
|
|
|
|
See [`examples/relay.env`][relay-env] for detail explanations.
|
|
|
|
|
2020-11-13 12:13:09 +00:00
|
|
|
[relay-env]: /examples/relay.env
|
2020-11-13 11:26:25 +00:00
|
|
|
|
2020-11-13 09:43:17 +00:00
|
|
|
Note: It is not necessary to specify the `--flags` when using the ENVs.
|
|
|
|
|
2020-11-13 11:26:25 +00:00
|
|
|
## System Services
|
|
|
|
|
|
|
|
You can use `serviceman` to run `postgres`, `telebit`, and `telebit-mgmt` as system services
|
|
|
|
|
2020-11-13 09:43:17 +00:00
|
|
|
```bash
|
2020-11-13 11:26:25 +00:00
|
|
|
curl -fsS https://webinstall.dev/serviceman | bash
|
2020-11-13 09:43:17 +00:00
|
|
|
```
|
|
|
|
|
2020-11-13 11:26:25 +00:00
|
|
|
See the Cheat Sheet at https://webinstall.dev/serviceman
|
|
|
|
|
|
|
|
You can, of course, configure systemd (or whatever) by hand if you prefer.
|
|
|
|
|
|
|
|
# API
|
2020-11-13 09:43:17 +00:00
|
|
|
|
|
|
|
List all connected devices
|
|
|
|
|
|
|
|
```bash
|
|
|
|
bash examples/admin-list-devices.sh
|
|
|
|
```
|
|
|
|
|
|
|
|
```bash
|
|
|
|
curl -L https://devices.example.com/api/subscribers -H "Authorization: Bearer ${TOKEN}"
|
|
|
|
```
|
|
|
|
|
|
|
|
```json
|
|
|
|
{
|
|
|
|
"success": true,
|
|
|
|
"subscribers": [{ "since": "2020-07-22T08:20:40Z", "sub": "ruby", "sockets": ["73.228.72.97:50737"], "clients": 0 }]
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
Show connectivity, of a single device, if any
|
|
|
|
|
|
|
|
```bash
|
|
|
|
curl -L https://devices.example.com/api/subscribers -H "Authorization: Bearer ${TOKEN}"
|
|
|
|
```
|
|
|
|
|
|
|
|
```json
|
|
|
|
{
|
|
|
|
"success": true,
|
|
|
|
"subscribers": [{ "since": "2020-07-22T08:20:40Z", "sub": "ruby", "sockets": ["73.228.72.97:50737"], "clients": 0 }]
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
Force a device to disconnect:
|
|
|
|
|
|
|
|
```bash
|
|
|
|
bash examples/admin-disconnect-device.sh
|
|
|
|
```
|
2020-11-13 11:26:25 +00:00
|
|
|
|
|
|
|
# Build
|
|
|
|
|
|
|
|
You can build with `go build`:
|
|
|
|
|
|
|
|
```bash
|
2020-11-13 21:18:53 +00:00
|
|
|
go generate -mod vendor ./...
|
2020-11-13 11:53:01 +00:00
|
|
|
go build -mod vendor -race -o telebit-relay cmd/telebit/*.go
|
2020-11-13 11:26:25 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
Or with `goreleaser`:
|
|
|
|
|
|
|
|
```bash
|
|
|
|
goreleaser --rm-dist --skip-publish --snapshot
|
|
|
|
```
|
|
|
|
|
|
|
|
Or cross-compile:
|
|
|
|
|
|
|
|
```bash
|
2020-11-13 21:18:53 +00:00
|
|
|
go generate -mod vendor ./...
|
2020-11-13 11:26:25 +00:00
|
|
|
|
|
|
|
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -mod vendor -o telebit-relay-linux ./cmd/telebit/*.go
|
|
|
|
CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -mod vendor -o telebit-relay-macos ./cmd/telebit/*.go
|
|
|
|
CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -mod vendor -o telebit-relay-windows-debug.exe ./cmd/telebit/*.go
|
|
|
|
CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -mod vendor -ldflags "-H windowsgui" -o telebit-relay-windows.exe ./cmd/telebit/*.go
|
|
|
|
```
|