Minimal, self-hosted, 0-config alternative to ngrok. Caddy+OpenSSH+50 lines of Python.
MIT License
If you have a webserver running on one computer (say your development laptop), and you want to expose it securely (ie HTTPS) via a public URL, SirTunnel allows you to easily do that.
If you have:
example.com
.example.com
.And you run the following command on your laptop:
ssh -tR 9001:localhost:8080 example.com sirtunnel.py sub1.example.com 9001
Now any requests to https://sub1.example.com
will be proxied to your local
webserver.
The command above does 2 things:
sirtunnel.py sub1.example.com 9001
on the server.sub1.example.com 9001
and uses the Caddy API tosub1.example.com
to port 9001 on the server. Caddysub1.example.com
.Note: The -t
is necessary so that doing CTRL-C on your laptop stops the
sirtunnel.py
command on the server, which allows it to clean up the tunnel
on Caddy. Otherwise it would leave sirtunnel.py
running and just kill your
SSH tunnel locally.
There are a lot of solutions to this problem. In fact, I've made something of a hobby of maintaining a list of the ones I've found so far.
The main advantages of SirTunnel are:
Assuming you already have an ssh server running, getting the SirTunnel server
going consists of simply downloading a copy of Caddy and running it with the
provided config. Take a look at install.sh
and
run_server.sh
for details.
Note: Caddy needs to bind to port 443, either by running as root (not
recommended), setting the CAP_NET_BIND_SERVICE
capability on the Caddy binary
(what the install.sh
script does), or changing caddy_config.json
to bind
to a different port (say 9000) and using something like iptables to forward
to that port.
SirTunnel is intended to be a minimal tool. As such, I'm unlikely to add many features moving forward. However, the simplicity makes it easier to modify for your needs. If you find a feature missing, maybe one of the forks below has what you need or gives you some ideas: