Task: set up a VM with a public IP, install inlets PRO and then connect a client to it, so that you have a secure HTTP tunnel for a HTTP service or server on your private network.
Reward: You'll get listed in this file and bragging rights. You can also get 10% off a personal license after you're done and Tweeted a screenshot.
Why? Understand how easy it can be to set up a self-hosted tunnel. Help the inlets community with feedback for the new RC and features.
Who's tried it so far?
- Create a VM with a public IP, install inlets PRO server and start it
- Create a DNS record for your subdomain
- Launch a local HTTP server or faasd on your computer, in a multipass VM or on your Raspberry Pi
- Install the inlets PRO client there and start it
Conceptual diagram with a Node.js microservice on port 3000
Access your private HTTP server or faasd instance via the domain using HTTPS.
You need a HTTP server - faasd makes a good candidate here, or the built-in HTTP server in inlets PRO for sharing files, similar to Python's SimpleHTTPServer.
The faasd instance could be on your Raspberry Pi, or running in multipass.
If you don't want to setup faasd, you can use the built-in filesharing server in inlest PRO instead:
mkdir /tmp/files/
uname -a > /tmp/files/uname
inlets-pro http fileserver \
--port 8080
--webroot /tmp/files/
-
Create a VM somewhere on GCP or DigitalOcean, make sure that you can SSH into it.
-
Configure the security group or firewall, if it's not already open - allow TCP/8123 (inlets control plane) and TCP/80 (Let's Encrypt ACME HTTP01 challenge) and TCP/443 (to serve traffic from the tunnel)
-
Install the inlets PRO RC on your new VM at
/usr/local/bin/
-
Then create a DNS A record for faasd.example.com with the IP
-
Get a token for logging in
export TOKEN=$(head -c 16 /dev/urandom | shasum | cut -d" " -f1)
- Then run
# Populate from previous step
export TOKEN=""
export PUBLIC_IP_OF_SERVER=""
inlets-pro http server \
--letsencrypt-domain faasd.example.com \
--letsencrypt-email you@example.com \
--letsencrypt-issuer prod \
--token $TOKEN \
--auto-tls \
--tls-san $PUBLIC_IP_OF_SERVER
This is the client part of the tunnel. Run it next to your local HTTP server, so on your faasd multipass instance or Raspberry Pi.
The binary for Raspberry Pi has a suffix of -armhf
on the downloads page.
-
Install the inlets PRO RC to
/usr/local/bin/
-
Run the client
# Save the 7-day trial license for the inlets PRO client
echo "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiaW5sZXRzIFJDIHRyaWFsIiwiZW1haWxfYWRkcmVzcyI6ImNvbnRhY3RAb3BlbmZhYXMuY29tIiwicHJvZHVjdHMiOlsiaW5sZXRzLXBybyJdLCJhdWQiOiJqd3QtbGljZW5zZSIsImV4cCI6MTYxMzIxNjI4MiwianRpIjoiODA4MSIsImlhdCI6MTYxMjYxMTQ4MiwiaXNzIjoiand0LWxpY2Vuc2UiLCJzdWIiOiJpbmxldHMgUkMgdHJpYWwifQ.dXYMO6guxldF5aQwJFNSW01EDhRxdP2kjoEnZi0hnwL53xAAiWqWtqsCNBz0cLfQtNUROKCbUBL5y8vj8AQJXA" > LICENSE.txt
# Populate from previous step
export TOKEN=""
export PUBLIC_IP_OF_SERVER=""
inlets-pro http client \
--url wss://$PUBLIC_IP_OF_SERVER:8123 \
--token $TOKEN \
--license-file ./LICENSE.txt \
--upstream http://127.0.0.1:8080
Now access your service at https://faasd.example.com
Send a tweet or screenshot to show it worked -> to @alexellisuk or @inletsdev
Did you like the experience? Could this tool be useful to you?
If you connected faasd, why not disconnect and try connecting the fileserver instead? Next time you need to download a big file or share something with a friend of colleague, you'll have a way to do that without third-parties.
Want to know what else it can do?
The first 10 people to try out the gist and to tweet will get 10% off the cost of an inlets PRO license. The personal license can be used at home and at work.
You can run the client and server component on Kubernetes
The Docker image is available at ghcr.io/inlets/inlets-pro:0.8.0-rc4-dirty