AJ ONeal a7f1398ba4 | ||
---|---|---|
.. | ||
README.md | ||
telebit.go |
README.md
Telebit Relay
| Telebit Client | Telebit Relay | Telebit Mgmt |
Secure tunnel, relay, and reverse-proxy server.
Usage
Only port 443 must be public.
./telebit-relay --acme-http-01
# allow access to privileged ports
sudo setcap 'cap_net_bind_service=+ep' ./telebit-relay
Copy examples/relay.env
as .env
in the working directory.
# --secret
export SECRET=XxX-mgmt-secret-XxX
# --api-hostname
export API_HOSTNAME=tunnel.example.com
# --listen
export LISTEN=":443"
# --locals
export LOCALS=https:mgmt.example.com:6468
# --auth-url
export AUTH_URL=http://localhost:6468/api
# --proxy-http-01
export PROXY_HTTP_01=http://mgmt.example.com:6468
# --acme-agree
export ACME_AGREE=true
# --acme-email
export ACME_EMAIL=telebit@example.com
# --acme-relay
export ACME_RELAY_URL=http://localhost:6468/api/acme-relay
See ./telebit-relay --help
for all options.
See examples/relay.env
for detail explanations.
Note: It is not necessary to specify the --flags
when using the ENVs.
API
Discovery
Each telebit relay with expose its discovery endpoint at
.well-known/telebit.app/index.json
The response will look something like
System Services
You can use serviceman
to run postgres
, telebit
, and telebit-mgmt
as system services
curl -fsS https://webinstall.dev/serviceman | bash
See the Cheat Sheet at https://webinstall.dev/serviceman
You can, of course, configure systemd (or whatever) by hand if you prefer.
API
List all connected devices
bash examples/admin-list-devices.sh
curl -L https://devices.example.com/api/subscribers -H "Authorization: Bearer ${TOKEN}"
{
"success": true,
"subscribers": [{ "since": "2020-07-22T08:20:40Z", "sub": "ruby", "sockets": ["73.228.72.97:50737"], "clients": 0 }]
}
Show connectivity, of a single device, if any
curl -L https://devices.example.com/api/subscribers -H "Authorization: Bearer ${TOKEN}"
{
"success": true,
"subscribers": [{ "since": "2020-07-22T08:20:40Z", "sub": "ruby", "sockets": ["73.228.72.97:50737"], "clients": 0 }]
}
Force a device to disconnect:
bash examples/admin-disconnect-device.sh
Build
You can build with go build
:
go generate -mod vendor ./...
go build -mod vendor -race -o telebit-relay cmd/telebit/*.go
Or with goreleaser
:
goreleaser --rm-dist --skip-publish --snapshot
Or cross-compile:
go generate -mod vendor ./...
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -mod vendor -o telebit-relay-linux ./cmd/telebit/*.go
CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -mod vendor -o telebit-relay-macos ./cmd/telebit/*.go
CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -mod vendor -o telebit-relay-windows-debug.exe ./cmd/telebit/*.go
CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -mod vendor -ldflags "-H windowsgui" -o telebit-relay-windows.exe ./cmd/telebit/*.go