README
¶
Tunnel
Tunnel is a project written in go to create L4 tunnels to your local host automatically.
How it works
The tunnelctl create host command will provision a new server in DigitalOcean and install envoy;
this will be your public proxy and will be configured to forward requests to an internal port.
Once the public host is created, from the local machine you want to expose, running tunneld will create and maintain
a ssh tunnel to the public host to tunnel the requests from envoy to your local address.
Install
curl -L https://raw.githubusercontent.com/costap/tunnel/master/scripts/install.sh | sudo bash -
Usage
The below example will proxy ports 443 and 6443 from the public host to local addresses 127.0.0.1:443 and 127.0.0.1:6443.
- setup a config file in
~/.tunnelctl.yamllikeconfigs/tunnelctl.yamlwith your DigitalOcean API token - create ssh keys pair if you don't have one
tunnelctl keys create -p ~/.ssh -n id_rsa_tunnel
- create public host in DO
tunnelctl hosts create -p ~/.ssh --sshName id_rsa_tunnel --proxy 443:10443 --proxy 6443:16443 --name tunnel-proxy
take note of new host external IP and replace below
- start the tunnels on your local machine
nohup tunneld -c ~/.ssh/id_rsa_tunnel \
--sshServer root@<NEWHOSTIP> \
--localAddr 127.0.0.1:443 \
--remoteAddr 0.0.0.0:10443 \
--adminPort 8080 > /dev/null 2>&1 &
nohup tunneld -c ~/.ssh/id_rsa_tunnel \
--sshServer root@<NEWHOSTIP> \
--localAddr 127.0.0.1:6443 \
--remoteAddr 0.0.0.0:16443 \
--adminPort 8081 > /dev/null 2>&1 &
- Check tunnels are ok
$ curl http://localhost:8080/health
{ "started": true }
$ curl http://localhost:8081/health
{ "started": true }
- Check external endpoints
$ curl https://<NEWHOSTIP>/ -k
$ curl https://<NEWHOSTIP>:6443/ -k
- Enjoy!
Build
To build the project locally simply run make.
Directories
Click to show internal directories.
Click to hide internal directories.