reverst

module
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 8, 2024 License: Apache-2.0

README

reverst: HTTP reverse tunnels over QUIC

Ti esrever dna ti pilf nwod gnaht ym tup i

Reverst is a (load-balanced) reverse-tunnel server and Go server-client library built on QUIC and HTTP/3.

  • Go Powered: Written in Go using quic-go
  • Compatible: The Go client package is built on net/http standard-library abstractions
  • Load-balanced: Run multiple instances of your services behind the same tunnel
  • Performant: Built on top of QUIC and HTTP/3

Tunnel Lifecycle

Usage

reverst tunnel server

➜  reverst -h
COMMAND
  reverst

USAGE
  reverst [FLAGS]

FLAGS
  -l, --log LEVEL                    debug, info, warn or error (default: INFO)
  -a, --tunnel-address STRING        address for accepting tunnelling quic connections (default: 127.0.0.1:7171)
  -s, --http-address STRING          address for serving HTTP requests (default: 127.0.0.1:8181)
  -g, --tunnel-groups STRING         path to tunnel groups configuration file (default: groups.yml)
  -n, --server-name STRING           server name used to identify tunnel via TLS (required)
  -k, --private-key-path STRING      path to TLS private key PEM file (required)
  -c, --certificate-path STRING      path to TLS certificate PEM file (required)
      --max-idle-timeout DURATION    maximum time a connection can be idle (default: 1m0s)
      --keep-alive-period DURATION   period between keep-alive events (default: 30s)

Client

Building

go install ./client/...

Usage

See ./client directory for more details.

Server

Building

go install ./cmd/...

Testing

Reverst uses Dagger to setup and run an integration test suite.

dagger call test --source=.

The test suite sets up a tunnel, registers a server-client to the tunnel and then requests the service through the tunnels HTTP interface.

Running

The following walks through experimenting with the ./examples/simple server example. This directory contains a number of things needed to stand up reverst and a registering client server:

  • The example service in ./examples/simple/main.go.
  • Simple self-signed TLS private key and certificate.
  • A tunnel-groups file for routing decisions.
Running reverst

The following runs the tunnel server with:

  • The QUIC tunnel listener on 127.0.0.1:7171
  • The HTTP serving listener on 127.0.0.1:8181
  • Logging with debug level
  • A TLS server-name of flipt.dev.local
  • Some tunnel group definitions with a single tunnel group
    • The group has the name flipt.dev.local
    • The group is reachable under the same host name
    • The group requires basic username and password authentication
  • The dummy TLS certificates
go run ./cmd/reverst/... -l debug \
    -n flipt.dev.local \
    -g examples/simple/group.yml \
    -k examples/simple/server.key \
    -c examples/simple/server.crt
Running example server

Now you can run the example server. This is a simple HTTP server that responds to all requests with PONG. It is setup to use the server client to register as a listener on the tunnel.

go run ./examples/simple/main.go --username user --password pass
Making requests

You can now curl the tunnel and requests will be forward all the way through to the example server. Be sure to include the Host header, as this is used to route requests to the respective tunnel-group.

curl -H 'Host: flipt.dev.local' 127.0.0.1:8181/fo

Directories

Path Synopsis
package client
 package client
cmd
reverst
examples
simple
internal
auth
config
roundrobbin
synctyped
pkg
protocol

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.