telebit/README.md

# Telebit

A secure, end-to-end Encrypted tunnel.

Because friends don't let friends localhost.

## Install Go

Installs Go to `~/.local/opt/go` for MacOS and Linux:

```bash
curl https://webinstall.dev/golang | bash
```

For Windows, see https://golang.org/dl

**Note**: The _minimum required go version_ is shown in `go.mod`. DO NOT use with `GOPATH`!

## Relay Server

All dependencies are included, at the correct version in the `./vendor` directory.

```bash
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -mod vendor -o telebit-relay-linux ./cmd/telebit-relay/telebit-relay.go
CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -mod vendor -o telebit-relay-macos ./cmd/telebit-relay/telebit-relay.go
CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -mod vendor -o telebit-relay-windows.exe ./cmd/telebit-relay/telebit-relay.go
```

### Configure

Command-line flags or `.env` may be used.

See `./telebit-relay --help` for all options, and `examples/relay.env` for their corresponding ENVs.

### Example

```bash
./telebit-relay --acme-agree=true
```

Copy `examples/relay.env` as `.env` in the working directory.

## Relay Client

All dependencies are included, at the correct version in the `./vendor` directory.

```bash
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -mod vendor -o telebit-client-linux ./cmd/telebit/telebit.go
CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -mod vendor -o telebit-client-macos ./cmd/telebit/telebit.go
CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -mod vendor -o telebit-client-windows.exe ./cmd/telebit/telebit.go
```

### Configure

Command-line flags or `.env` may be used.

See `./telebit-client --help` for all options, and `examples/client.env` for their corresponding ENVs.

### Example

```bash
# For .env
SECRET=abcdef1234567890
```

```bash
node-tunnel-client $ bin/stunnel.js --locals http://hfc.rootprojects.org:8080,http://test1.hfc.rootprojects.org:8080 --relay wss://localhost.rootprojects.org:8443 --secret abcdef1234567890
```

## Local Web Application

Currently only raw TCP is tunneled.

This means that either the application must handle and terminate encrypted TLS connections, or use HTTP (instead of HTTPS).
This will be available in the next release.

```bash
mkdir -p tmp-app
pushd tmp-app/

cat << EOF > index.html
Hello, World!
EOF

python3 -m http.server 3000
```

### Check Results

-   you should see traffic going to both node-clients hitting the single webserver on the back end.
-   Browse: https://rvpn.rootprojects.invalid:8443/api/org.rootprojects.rvpn/servers

```javascript
{
	"type": "servers/GET",
	"schema": "",
	"txts": 1490473843,
	"txid": 8,
	"error": "ok",
	"error_description": "",
	"error_uri": "",
	"result": {
		"servers": [{
			"server_name": "0xc42014a0c0",
			"server_id": 1,
			"domains": [{
				"domain_name": "hfc.rootprojects.org",
				"server_id": 1,
				"bytes_in": 4055,
				"bytes_out": 8119,
				"requests": 12,
				"responses": 12,
				"source_addr": "127.0.0.1:55875"
			}, {
				"domain_name": "test1.hfc.rootprojects.org",
				"server_id": 1,
				"bytes_in": 0,
				"bytes_out": 0,
				"requests": 0,
				"responses": 0,
				"source_addr": "127.0.0.1:55875"
			}],
			"duration": 182.561747754,
			"idle": 21.445976033,
			"bytes_in": 8119,
			"bytes_out": 4055,
			"requests": 12,
			"responses": 12,
			"source_address": "127.0.0.1:55875"
		}, {
			"server_name": "0xc4200ea3c0",
			"server_id": 2,
			"domains": [{
				"domain_name": "hfc.rootprojects.org",
				"server_id": 2,
				"bytes_in": 1098,
				"bytes_out": 62,
				"requests": 2,
				"responses": 2,
				"source_addr": "127.0.0.1:56318"
			}, {
				"domain_name": "test1.hfc.rootprojects.org",
				"server_id": 2,
				"bytes_in": 0,
				"bytes_out": 0,
				"requests": 0,
				"responses": 0,
				"source_addr": "127.0.0.1:56318"
			}],
			"duration": 65.481814913,
			"idle": 23.589609269,
			"bytes_in": 62,
			"bytes_out": 1098,
			"requests": 2,
			"responses": 2,
			"source_address": "127.0.0.1:56318"
		}]
	}
}
```