awesome-tunneling/README.md

71 lines
6.6 KiB
Markdown
Raw Normal View History

2020-09-16 22:37:48 +02:00
The purpose of this list is to track and compare tunneling solutions. This is
2020-09-17 00:52:47 +02:00
primarily targeting toward developers and self-hosters who want to do things
like exposing a local webserver via a public address.
2020-09-16 22:37:48 +02:00
2020-09-17 20:59:04 +02:00
# The dream
I started this list because I'm looking for a simple tool/service that does the
following:
2020-09-20 22:04:46 +02:00
* Allows me to register a domain name and set the records to point it at the
server.
2020-09-17 20:59:04 +02:00
* Automatically sets up HTTPS (apex and wildcard) for the domain.
* Provides a client tool that tunnels TCP connects through the server without
requiring root on the client.
* Provides a web interface to allow me to map X domain/subdomain to Y port on
Z client, and proxy all connections to that domain.
2020-09-20 22:04:46 +02:00
So far I haven't found it.
2020-09-17 20:59:04 +02:00
2020-09-16 22:37:48 +02:00
2020-09-17 00:52:47 +02:00
# Things to look out for when comparing solutions
* Underlying multiplexing technology. In particular, if a solution uses
TCP-over-TCP (ie any of them that are built on SSH), it'll be subject to
rather severe [issues](http://sites.inka.de/bigred/devel/tcp-tcp.html).
* Source code availability. Some of the best options are closed source only.
* Does it require root to run the client? For example, anything built on
WireGuard will likely have great performance (on systems where it's built
into the kernel at least), but typically requires elevated permissions to
create the tun devices.
2020-09-17 01:09:15 +02:00
# The list
2020-09-16 22:37:48 +02:00
2020-09-17 20:50:36 +02:00
# Open source
* [frp](https://github.com/fatedier/frp) [![frp github stars badge](https://img.shields.io/github/stars/fatedier/frp?style=flat)](https://github.com/fatedier/frp/stargazers) - Seems to be a pretty comprehensive open alternative to ngrok.
* [ngrok 1.0](https://github.com/inconshreveable/ngrok) [![ngrok 1.0 github stars badge](https://img.shields.io/github/stars/inconshreveable/ngrok?style=flat)](https://github.com/inconshreveable/ngrok/stargazers) - Original version of ngrok. No longer developed in favor of the commercial 2.0 version.
* [localtunnel](https://github.com/localtunnel) [![localtunnel github stars badge](https://img.shields.io/github/stars/localtunnel/localtunnel?style=flat)](https://github.com/localtunnel/localtunnel/stargazers) - Written in node. Popular suggestion.
* [inlets](https://github.com/inlets) [![inlets github stars badge](https://img.shields.io/github/stars/inlets/inlets?style=flat)](https://github.com/inlets/inlets/stargazers) - Open source ngrok alternative. Has pro option.
* [sshuttle](https://github.com/sshuttle/sshuttle) [![sshuttle github stars badge](https://img.shields.io/github/stars/sshuttle/sshuttle?style=flat)](https://github.com/sshuttle/sshuttle/stargazers) - Open source project originally from one of the founders of Tailscale. Server doesn't require root; client does. Explicitly designed to avoid TCP-over-TCP issues.
* [chisel](https://github.com/jpillora/chisel) [![chisel github stars badge](https://img.shields.io/github/stars/jpillora/chisel?style=flat)](https://github.com/jpillora/chisel/stargazers) - Another HTTPS+SSH option.
* [expose](https://github.com/beyondcode/expose) [![expose github stars badge](https://img.shields.io/github/stars/beyondcode/expose?style=flat)](https://github.com/beyondcode/expose/stargazers) - ngrok alternative written in PHP.
2020-09-20 21:38:38 +02:00
* [teleconsole](https://www.teleconsole.com/) [![teleconsole github stars badge](https://img.shields.io/github/stars/gravitational/teleconsole?style=flat)](https://github.com/gravitational/teleconsole/stargazers) - SSH-based, but uses special client script. Focused on forwarding SSH console sessions, but can also forward ports.
2020-09-17 20:50:36 +02:00
* [go-http-tunnel](https://github.com/mmatczuk/go-http-tunnel) [![go-http-tunnel github stars badge](https://img.shields.io/github/stars/mmatczuk/go-http-tunnel?style=flat)](https://github.com/mmatczuk/go-http-tunnel/stargazers) - Uses a single HTTP/2 connection for muxing, so likely avoids TCP-over-TCP issues. Need to manually generate certs for server and clients.
* [sish](https://github.com/antoniomika/sish) [![sish github stars badge](https://img.shields.io/github/stars/antoniomika/sish?style=flat)](https://github.com/antoniomika/sish/stargazers) - Open source ngrok/serveo alternative. SSH-based but uses a custom server written in Go. Supports WebSocket tunneling.
* [PageKite](https://pagekite.net/) [![pagekite github stars badge](https://img.shields.io/github/stars/pagekite/PyPagekite?style=flat)](https://github.com/pagekite/PyPagekite/stargazers) - Comprehensive open source solution with hosted options.
* [slt](https://github.com/inconshreveable/slt) [![slt github stars badge](https://img.shields.io/github/stars/inconshreveable/slt?style=flat)](https://github.com/inconshreveable/slt/stargazers) - Open source TLS proxy from the creator of ngrok. Supports SNI.
* [tunneller](https://github.com/skx/tunneller) [![tunneller github stars badge](https://img.shields.io/github/stars/skx/tunneller?style=flat)](https://github.com/skx/tunneller/stargazers) - Open source. Written in Go.
* [docker-tunnel](https://github.com/vitobotta/docker-tunnel) [![docker-tunnel github stars badge](https://img.shields.io/github/stars/vitobotta/docker-tunnel?style=flat)](https://github.com/vitobotta/docker-tunnel/stargazers) - Simple Docker-based nginx+SSH solution.
* [holepunch.io](https://holepunch.io) [![holepunch github stars badge](https://img.shields.io/github/stars/CypherpunkArmory/holepunch?style=flat)](https://github.com/CypherpunkArmory/holepunch/stargazers) - Has nice hosted solution. Uses SSH for muxing.
* [Telebit](https://telebit.cloud/) - Written in JS. [Code](https://git.coolaj86.com/coolaj86/telebit.js).
# Commerical/Closed source
2020-09-17 00:45:24 +02:00
* [ngrok 2.0](https://ngrok.com/) - Probably the gold standard and most popular. Closed source. Lots of features, including TLS and TCP tunnels. Doesn't require root to run client.
2020-09-16 22:37:48 +02:00
* [CloudFlare Argo Tunnel](https://www.cloudflare.com/products/argo-tunnel/) - $5/mo + $0.1/GB. Integrates with Argo smart routing. Client source code is [available](https://github.com/cloudflare/cloudflared).
* [serveo](https://serveo.net) - Mentioned quite a bit the last couple years, but appears to be down currently. Simply uses SSH for tunneling.
2020-09-17 00:45:24 +02:00
* [Tailscale](https://www.tailscale.com/) - Built on WireGuard. Closed source. Easy to use. Doesn't include an HTTPS proxy on the public side, but could be combined with nginx/Caddy/etc.
2020-09-16 22:37:48 +02:00
2020-09-17 01:09:15 +02:00
# Blog posts
* [Roll your own Ngrok with Nginx, Letsencrypt, and SSH reverse tunnelling](https://jerrington.me/posts/2019-01-29-self-hosted-ngrok.html)
2020-09-20 22:04:46 +02:00
* [Poor man's ngrok with tcp proxy and ssh reverse tunnel](https://dev.to/k4ml/poor-man-ngrok-with-tcp-proxy-and-ssh-reverse-tunnel-1fm)
2020-09-17 01:09:15 +02:00
# Discussions
2020-09-16 22:37:48 +02:00
* [HN comment about needing Namecheap + CloudFlare + ngrok](https://news.ycombinator.com/item?id=24475946).