wgtunnel is a simple WireGuard tunnel server. Clients can register themselves to the server with a single API request (done periodically in the background in case the server restarts), and then connect to a WireGuard endpoint on the server over UDP to tunnel.
Generated URLs are unique and are based on the WireGuard public key. Wildcards for each tunnel are also semi-supported, using hyphens instead of periods to allow for TLS.
This is used by Coder to create tunnels for trial/demo deployments with globally accessible URLs.
Deploy tunneld onto your server and configure it with environment variables or
flags. Point the DNS entries ${base_url} and *.${base_url} to the server. If
you want to use HTTPS, setup a proxy such as Caddy
in front of the server.
tunneld is available on GitHub releases or can be installed with:
$ go install github.com/coder/wgtunnel/cmd/tunneldor by running make build/tunneld.
You can also use the Docker image ghcr.io/coder/wgtunnel/tunneld.
Either use tunnel for easy usage from a terminal, or use the tunnelsdk
package to initiate a tunnel against the given API server URL. Remember to
store the private key for future tunnel sessions in a safe place, otherwise you
will get a new hostname!
tunnel can be installed with:
$ go install github.com/coder/wgtunnel/cmd/tunnelor by running make build/tunnel.
Licensed under the MIT license.