coolaj86/telebit.js
1
2
Fork 1
Code Issues 46 Pull Requests 2 Releases Activity

Compare commits

base: coolaj86:e16e5a34e6f96177ca922dc37b97f659963f926c
Branches Tags
coolaj86:stable
coolaj86:serviceman
coolaj86:master
coolaj86:params-parsing
coolaj86:next
coolaj86:wip
coolaj86:v0.19
coolaj86:readable
coolaj86:v0.10
coolaj86:v0.20.7
coolaj86:v0.20.6
coolaj86:v0.20.5
coolaj86:v0.19.28
coolaj86:v0.19.26
coolaj86:v0.19.25
coolaj86:v0.19.24
coolaj86:v0.19.23
coolaj86:v0.19.22
coolaj86:v0.19.21
coolaj86:v0.19.20
coolaj86:v0.19.18
coolaj86:v0.19.17
coolaj86:v0.19.16
coolaj86:v0.19.15
coolaj86:v0.19.14
coolaj86:v0.19.13
coolaj86:v0.19.12
coolaj86:v0.19.11
coolaj86:v0.19.10
coolaj86:v0.19.9
coolaj86:v0.19.8
coolaj86:v0.19.7
coolaj86:v0.19.6
coolaj86:v0.19.5
coolaj86:v0.19.4
coolaj86:v0.19.3
coolaj86:v0.19.2
coolaj86:v0.19.1
coolaj86:v0.19.0
coolaj86:v0.18.9
coolaj86:v0.18.8
coolaj86:v0.18.7
coolaj86:v0.18.6
coolaj86:v0.18.5
coolaj86:v0.18.4
coolaj86:v0.18.3
coolaj86:v0.18.2
coolaj86:v0.18.1
coolaj86:v0.17.0
coolaj86:v0.16.1
coolaj86:v0.16.0
coolaj86:v0.15.4
coolaj86:v0.15.3
coolaj86:v0.15.2
coolaj86:v0.15.1
coolaj86:v0.15.0
coolaj86:v0.13.3
coolaj86:v0.13.2
coolaj86:v0.13.1
coolaj86:v0.13.0
coolaj86:v0.12.0
coolaj86:v0.11.1
coolaj86:v0.11.0
coolaj86:v0.10.4
coolaj86:v0.10.3
coolaj86:v0.10.2
coolaj86:v0.10.1
coolaj86:v0.10.0
coolaj86:v0.9.9
coolaj86:v0.9.8
coolaj86:v0.9.7
coolaj86:v0.9.6
coolaj86:v0.9.5
coolaj86:v0.9.4
coolaj86:v0.9.3
coolaj86:v0.9.2
coolaj86:v0.9.1
coolaj86:v0.9.0
coolaj86:v0.8.1
coolaj86:v0.8.2
..
compare: coolaj86:a714d7a7c5a5c487d6083166aa5f47da0d5bef4b
Branches Tags
coolaj86:serviceman
coolaj86:master
coolaj86:params-parsing
coolaj86:stable
coolaj86:next
coolaj86:wip
coolaj86:v0.19
coolaj86:readable
coolaj86:v0.10
coolaj86:v0.20.7
coolaj86:v0.20.6
coolaj86:v0.20.5
coolaj86:v0.19.28
coolaj86:v0.19.26
coolaj86:v0.19.25
coolaj86:v0.19.24
coolaj86:v0.19.23
coolaj86:v0.19.22
coolaj86:v0.19.21
coolaj86:v0.19.20
coolaj86:v0.19.18
coolaj86:v0.19.17
coolaj86:v0.19.16
coolaj86:v0.19.15
coolaj86:v0.19.14
coolaj86:v0.19.13
coolaj86:v0.19.12
coolaj86:v0.19.11
coolaj86:v0.19.10
coolaj86:v0.19.9
coolaj86:v0.19.8
coolaj86:v0.19.7
coolaj86:v0.19.6
coolaj86:v0.19.5
coolaj86:v0.19.4
coolaj86:v0.19.3
coolaj86:v0.19.2
coolaj86:v0.19.1
coolaj86:v0.19.0
coolaj86:v0.18.9
coolaj86:v0.18.8
coolaj86:v0.18.7
coolaj86:v0.18.6
coolaj86:v0.18.5
coolaj86:v0.18.4
coolaj86:v0.18.3
coolaj86:v0.18.2
coolaj86:v0.18.1
coolaj86:v0.17.0
coolaj86:v0.16.1
coolaj86:v0.16.0
coolaj86:v0.15.4
coolaj86:v0.15.3
coolaj86:v0.15.2
coolaj86:v0.15.1
coolaj86:v0.15.0
coolaj86:v0.13.3
coolaj86:v0.13.2
coolaj86:v0.13.1
coolaj86:v0.13.0
coolaj86:v0.12.0
coolaj86:v0.11.1
coolaj86:v0.11.0
coolaj86:v0.10.4
coolaj86:v0.10.3
coolaj86:v0.10.2
coolaj86:v0.10.1
coolaj86:v0.10.0
coolaj86:v0.9.9
coolaj86:v0.9.8
coolaj86:v0.9.7
coolaj86:v0.9.6
coolaj86:v0.9.5
coolaj86:v0.9.4
coolaj86:v0.9.3
coolaj86:v0.9.2
coolaj86:v0.9.1
coolaj86:v0.9.0
coolaj86:v0.8.1
coolaj86:v0.8.2

No commits in common. "e16e5a34e6f96177ca922dc37b97f659963f926c" and "a714d7a7c5a5c487d6083166aa5f47da0d5bef4b" have entirely different histories.
e16e5a34e6 ... a714d7a7c5

14 changed files with 130 additions and 663 deletions
Show Stats Expand all files Collapse all files

16
bin/telebit-remote.js
View File

@ -46,13 +46,7 @@ if (-1 !== argIndex) {
}
function help() {
var keys = Object.keys(TPLS.help).filter(function (key) {
return 'remote' !== key;
});
var key = keys.filter(function (key) {
return -1 !== process.argv.indexOf(key);
})[0] || 'remote';
console.info(TPLS.help[key].replace(/{version}/g, pkg.version));
console.info(TPLS.remote.help.main.replace(/{version}/g, pkg.version));
}
var verstr = [ pkg.name + ' remote v' + pkg.version ];
@ -61,9 +55,7 @@ if (!confpath) {
verstr.push('(--config \'' + confpath.replace(new RegExp('^' + os.homedir()), '~') + '\')');
}
if ([ '-h', '--help', 'help' ].some(function (arg) {
return -1 !== argv.indexOf(arg);
})) {
if (-1 !== argv.indexOf('-h') || -1 !== argv.indexOf('--help')) {
help();
process.exit(0);
}
@ -367,9 +359,7 @@ var utils = {
require('../usr/share/install-launcher.js').install({ env: process.env }, function (err) {
if (err) { fn(err); return; }
opts._taketwo = true;
setTimeout(function () {
utils.request(opts, fn);
}, 2500);
utils.request(opts, fn);
});
return;
}

127
bin/telebitd.js
View File

@ -480,31 +480,25 @@ function serveControlsHelper() {
}
function restart() {
console.info("[telebitd.js] server closing...");
state.keepAlive.state = false;
if (myRemote) {
myRemote.end();
myRemote.on('end', respondAndClose);
// failsafe
setTimeout(function () {
console.info("[telebitd.js] closing too slowly, force quit");
respondAndClose();
}, 5 * 1000);
} else {
respondAndClose();
}
function respondAndClose() {
// failsafe
setTimeout(function () {
res.setHeader('Content-Type', 'application/json');
res.end(JSON.stringify({ success: true }));
controlServer.close(function () {
console.info("[telebitd.js] server closed");
setTimeout(function () {
// system daemon will restart the process
process.exit(22); // use non-success exit code
}, 100);
});
}
setTimeout(function () {
process.exit(33);
}, 500);
}, 5 * 1000);
if (myRemote) { myRemote.end(); }
controlServer.close(function () {
res.setHeader('Content-Type', 'application/json');
res.end(JSON.stringify({ success: true }));
setTimeout(function () {
// system daemon will restart the process
process.exit(22); // use non-success exit code
}, 500);
});
}
function invalidConfig() {
@ -695,10 +689,8 @@ function serveControls() {
}
console.info("[info] connecting with stored token");
return safeStartTelebitRemote().catch(function (err) {
return safeStartTelebitRemote().catch(function (/*err*/) {
// ignore, it'll keep looping anyway
console.warn("[debug] error that (supposedly) shouldn't matter:");
console.warn(err);
});
}
@ -814,19 +806,18 @@ function safeStartTelebitRemote(forceOn) {
// this won't restart either
trPromise = rawStartTelebitRemote(state.keepAlive);
trPromise.then(function () {
console.log("[debug] success on raw start, keepAlive = true");
//console.log("I'm RIGHT HERE!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
state.keepAlive.state = true;
trPromise = null;
}).catch(function () {
console.log("[debug] failure on raw start, { keepAlive = true }");
//console.log("I FAILED US ALL!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
// this will restart
state.keepAlive = { state: true };
trPromise = rawStartTelebitRemote(state.keepAlive);
trPromise.then(function () {
console.log("[debug] success on 2nd start keepAlive:", state.keepAlive.state);
trPromise = null;
}).catch(function () {
console.log("[debug] failure on 2nd start. keepAlive", state.keepAlive.state);
//console.log('DEBUG state.keepAlive turned off and remote quit');
trPromise = null;
});
});
@ -924,9 +915,7 @@ function rawStartTelebitRemote(keepAlive) {
function onConnect() {
console.info('[connect] relay established');
myRemote.removeListener('error', onConnectError);
myRemote.once('error', function (err) {
console.log("[debug] Error after connect.");
console.log(err);
myRemote.once('error', function () {
if (!keepAlive.state) {
reject(err);
return;
@ -939,16 +928,20 @@ function rawStartTelebitRemote(keepAlive) {
function onConnectError(err) {
myRemote = null;
if (handleError(err, 'onConnectError')) {
// Likely causes:
// * DNS lookup failed (no Internet)
// * Rejected (bad authn)
if ('ENOTFOUND' === err.code) {
// DNS issue, probably network is disconnected
if (!keepAlive.state) {
reject(err);
return;
}
console.warn('[Warn] onConnectError: network error, will retry', err);
safeReload(10 * 1000).then(resolve).catch(reject);
return;
}
console.error('[Error] onConnectError: no retry (possibly bad auth):');
console.error(err);
console.error('[Error] onConnectError: no retry (possibly bad auth)', err);
reject(err);
return;
}
@ -986,68 +979,32 @@ function rawStartTelebitRemote(keepAlive) {
return startHelper();
}
function handleError(err, prefix) {
// Likely causes:
// * DNS lookup failed (no Internet)
// * Rejected (bad authn)
if ('ENOTFOUND' === err.code) {
// DNS issue, probably network is disconnected
err.message = [
'[warn] (' + prefix + '): DNS address not found.'
, ' Either the remote does not exist or local network is down or blocked.'
, ' You might check wifi, eth, paywall, etc.'
].join('\n');
if (keepAlive.error !== err.code) {
console.warn(err.message);
keepAlive.error = err.code;
console.warn("(retrying silently)");
}
return true;
} else if ('ECONNREFUSED' === err.code) {
// Server issue. If it's the development server, it's probably down
err.message = [
'[warn] onConnectError: Connection Refused.'
, ' Either the remote does not exist or local network is blocking it.'
, ' Is the relay service provider\'s website up? Did you make a typo?'
, ' Is there a local firewall or paywall? Might the relay be otherwise blocked?'
].join('\n');
if (keepAlive.error !== err.code) {
console.warn(err.message);
keepAlive.error = err.code;
console.warn("(retrying silently)");
}
return true;
}
}
// get the wss url
function retryWssLoop(err) {
if (!keepAlive.state) {
console.log("[debug] error getting wss url:");
console.log(err);
return PromiseA.reject(err);
}
myRemote = null;
if (handleError(err, 'retryWssLoop')) {
// Always retry at this stage. It *is* a connectivity problem.
// Since the internet is disconnected, try again and again and again.
return safeReload(2 * 1000);
} else {
console.error("[error] retryWssLoop (will not retry):");
console.error(err.message);
return PromiseA.reject(err);
if (!err) {
return startHelper();
}
if ('ENOTFOUND' === err.code) {
// The internet is disconnected
// try again, and again, and again
return safeReload(2 * 1000);
}
return PromiseA.reject(err);
}
// It makes since for this to be in here because the server
// could be restarting to force a change of the metadata
return promiseWss(state).then(function (wss) {
state.wss = wss;
console.log("[debug] got wss url");
keepAlive.error = null;
return startHelper();
}).catch(retryWssLoop);
}).catch(function (err) {
return retryWssLoop(err);
});
});
}

432
lib/en-us.toml
View File

@ -1,367 +1,78 @@
[help]
[remote]
[remote.help]
remote = "telebit remote v{version}
main = "telebit remote v{version}
Telebit Remote is the T-Rex long-arm of the Internet. UNSTOPPABLE!
Using reliable HTTPS tunneling to establishing peer-to-peer connections,
Telebit is empowering the next generation of tinkerers. Access your devices.
Share your stuff. Be UNSTOPPABLE! (Join us at https://ppl.family)
Telebit is a tool for helping you access your devices and share your stuff.
Usage:
telebit [flags] <command> [arguments]
ex: telebit http ~/Public
The flags are:
--config <path> specify config file (default is ~/.config/telebit/telebit.yml)
--json output json instead of text, if available
-h,--help display this menu (or sub-command menus)
The commands are:
status show status and configuration info
http access files, folders, and local apps via https (secure)
ssh enable remote access to this device with ssh-over-https
ssh (client) access devices via ssh-over-https (telebit, stunnel, openssl, etc)
tcp forward tcp locally
enable turn on remote access and sharing
disable turn off remote access and sharing
activate start and register the telebit service
disable stop and unregister the telebit service
http access files, folders, and local apps via https (secure)
ssh (local) enable remote access to this device with ssh-over-https
ssh (remote) access devices via ssh-over-https (telebit, stunnel, openssl, etc)
tcp forward tcp locally
config (doc) config file format and settings
client (doc) vpn, ftp, rsync, scp, ssh-proxy, sclient
Use \"telebit help [command]\" for more information about a command, including flags.
Use \"telebit help [command]\" for more information about a command.
Additional help topics:
config config file format and settings
ssh (proxy) ssh over https and proxy commands
ftp secure ftp file transfer between devices
rsync rsync over https and proxy commands
vpn home network access and private web browsing via socks5
daemon telebit daemon secure background service
relay telebit secure relay, hosted, and self-hosting options
Copyright 2015-2018 AJ ONeal https://telebit.cloud MPL-2.0 Licensed (RAWR!)"
Copyright 2015-2018 https://telebit.cloud MPL-2.0 Licensed"
client = "telebit client v{version}
http = "usage: telebit http <path/port/none> [subdomain]
ftp secure ftp file transfer between devices
rsync rsync over https and proxy commands
scp scp over https and proxy commands
sclient use the sclient emebbed within telebit
ssh-proxy ssh over https and proxy commands
vpn (client) home network access and private web browsing via socks5
Use \"telebit help [command]\" for more information about a command, including flags.
Copyright 2015-2018 AJ ONeal https://telebit.cloud MPL-2.0 Licensed (RAWR!)"
status = "usage: telebit status <path/port/none> [subdomain]
'telebit status' shows details about the current connections (or lack thereof).
Example:
Status: RAWR! (uptime: 45 minutes)
Forwarding ssh+https://jon.telebit.io => localhost:22
Forwarding https://client.jon.telebit.io => localhost:3000
Serving https://public.jon.telebit.io from ~/Public
Syncing ~/shared => home.jon.telebit.io:shared
Relay: https://telebit.cloud
Launcher: user
Additional help topics: enable, disable"
enable = "Enable Telebit - Re-enable and accept incoming connections
usage: telebit enable
enable Re-enable incoming connections for https, ssh, etc"
disable = "Disable Telebit - Reject https, ssh, and tcp connections
usage: telebit disable
disable (Temporarily) reject incoming connections for https,
ssh, etc without deleting the current configuration.
Perists on restart, but can be re-enabled remotely
(with your authorization only)."
activate = "Activate Telebit - Start telebit (if not running) and register a launcher
Usage:
telebit activate [flags]
ex: telebit activate --launcher none
The flags may be exactly one of:
--no-launcher uregister any launchers (start manually)
--user-launcher (default) register an unprivileged launcher (start on login)
--system-launcher register with the system launcher (start on boot)
Note: telebit relies on the system launcher to recover from certain error conditions"
deactivate = "Deactivate Telebit - Unregister userspace (or system) launcher and stop
Usage:
telebit deactivate [flags]
ex: telebit deactivate --keep alive
The flags are:
--keep-launcher stop telebit without unregistering the launcher
--keep-alive unregister launcher without stopping"
http = "Telebit HTTP - The UNSTOPPABLE way to share files, folders, and local apps.
usage: telebit http <path/port/none> [subdomain]
'telebit http' is the fastest way to share files, folders, and local apps.
http <DIR> [subdomain] serve a file, folder, or node express app
ex: telebit http ~/Public pub ex: securely host ~/Public as pub.johndoe.telebit.io
ex: telebit http ~/Public pub securely host ~/Public as pub.johndoe.telebit.io
http <PORT> [subdomain] forward all https traffic to a local app
ex: telebit http 3000 app ex: publicize localhost:3000 as app.johndoe.telebit.io
ex: telebit http 3000 app publicize localhost:3000 as app.johndoe.telebit.io
http none [subdomain] remove secure http access for (any or all) subdomain(s)
ex: telebit http none ex: remove all https access
Use cases:
- Lazy man's AirDrop (works or lazy women too!)
- Testing dev sites on a phone
- Sharing indie music and movies with friends"
ssh = "Telebit SSH - The UNSTOPPABLE way to remote into your devices.
usage: telebit ssh <auto|port>
All https traffic will be inspected to see if it looks like ssh Once enabled all traffic that looks
ssh auto Make ssh Just Works (on port 22)
ssh <port> forward ssh traffic to non-standard port
ex: telebit ssh 22 ex: explicitly forward ssh-looking packets to localhost:22
Telebit SSH Client
usage: telebit ssh <remote> [ssh flags and options]
This is just a shortcut for \"ssh\", with all ssh-over-https options turned on.
ssh <remote> Make ssh Just Work (over https)
ex: telebit ssh jon.telebit.io ex:
\"telebit help ssh-proxy\" for more info
Use cases:
- Access your home computer from work.
- Access your work computer from home.
- Good ol' fashioned screen/tmux style pair programming"
ssh-proxy = "Proxying SSH over HTTPS
Wrapping SSH in HTTPS makes it accessible anywhere and also makes it routable.
Whether inside a harsh network environment or even if hindered by a poorly
configured firewall, once wrapped in tls, ssh becomes UNSTOPPABLE.
Usage:
telebit ssh <remote> [ssh flags and options]
Example:
telebit ssh jon.telebit.io
It is NOT at all neccessary to use \"telebit ssh\", it's just a convenience.
Wanna know why, and the alternatives? Keep reading!
## History
When TLS sends an encrypted packet over the network it begins with a handshake
which shows the things like the tls version and the host SERVERNAME unencrypted
so that the remote server can respond with the correct certificate.
SSH was created well before TLS and has a completely different header. The good
news is that, unlike some other early internet protocols, it does have a header
with its name and version, but it doesn't have anything to identify the server.
## Telebit + SSH
Here's why:
When you're running ssh through an https tunnel (as telebit does) you
can't just use \"ssh me.example.com\" to get in. You have to tell ssh that you
want to use an https tunnel. Using \"telebit ssh\" as a client will specify
all of the correct ssh options.
However, when you want to connect to ssh over https, you either have to pass
the correct arguments or modify your ~/.ssh/config to use \"openssl s_client\".
We explain the different configurations below:
## SSH + openssl
The configuration that's most likely to work with what's already installed on
your machine is this:
Host jon.telebit.io
ProxyCommand openssl s_client -quiet -connect %h:443 -servername %h
Or you would call ssh directly, like this:
ssh jon.telebit.io -o ProxyCommand=\"openssl s_client -quiet -connect %h:443 -servername %h\"
It's rather simple, but it looks quite daunting.
## SSH + sclient
Because that looks a little hairy, we created \"sclient\", so that the example
could look a bit more digestible:
Host jon.telebit.io
ProxyCommand sclient %h
Or
ssh jon.telebit.io -o ProxyCommand=\"sclient %h\"
## Inverse SSH Tunnel (same as stunnel)
The commands above instruct ssh to open a pipe into openssl or sclient. If we
instead want to connect ssh to a local tunnel, it looks like this:
Host jon.telebit.io
Hostname localhost
Port 3000
HostKeyAlias jon.telebit.io
CheckHostIP no
RequestTTY force
Or
ssh localhost -p 3000 -t -o CheckHostIP=no -o HostKeyAlias=jon.telebit.io
## See also
telebit ftp
telebit vpn"
tcp = "Telebit TCP - Seemless connectivity to LEGACY apps.
Use 'telebit http' instead, where possible (including for ssh).
ex: telebit http none remove all https access
"
tcp = "
usage: telebit tcp <path/port/none>
'telebit tcp' is provided for seemless connectivity to legacy apps
tcp <local> [remote] forward tcp to <local> from <remote>
ex: telebit tcp 5050 6565 ex: forward tcp port 6565 locally to port 5050
ex: telebit tcp 5050 6565 forward tcp port 6565 locally to port 5050
tcp <path> [remote] show ftp-style directory listing
ex: telebit tcp ~/Public ex: show listing of ~/Public
ex: telebit tcp ~/Public show listing of ~/Public
tcp none [remote] disable tcp access for [remote] port
ex: telebit tcp none 6565 ex: remove access to port 6565
Use cases:
- Debugging plain TCP when troubleshooting a legacy app
- You can't install a secure client (like telebit, sclient, openssl, or stunnel)
ex: telebit tcp none 6565 remove access to port 6565
See also sclient <https://telebit.cloud/sclient> for connecting to legacy apps
with telebit-upscaled secure https access."
with telebit-upscaled secure https access.
"
scp = "Telebit (Client) scp
See \"telebit rsync\"."
rsync = "Telebit (Client) rsync - Sync files to or from another computer
Sync files and directories from one computer to another.
Usage:
telebit rsync [flags] <src> <dst> [arguments]
ex: telebit rsync -av home.jon.telebit.cloud:shared/ ~/shared/ --exclude=tmp
This is not a full implementation of rsync, but rather a convenience wrapper
around rsync which passes the correct options to ssh for https tunneling.
Due to the way telebit wraps rsync, all flags which take an argumnt must
go after the source and destination paths / addresses.
See also: telebit help ssh-proxy"
vpn = "Telebit (Client) vpn - Use with Firefox for UNSTOPPABLE web browsing
This provides a very easy-to-use, lightweight VPN known as Socks5 that can be
used directly by Firefox and Chrome without requiring administrator privileges.
Usage:
telebit vpn --socks5 <port> <remote>
ex: telebit vpn --socks5 6789 home.jon.telebit.io
The flags are:
--socks5 <port> You MUST specify the socks5 port
Firefox Configuration:
Firefox -> Preferences
Advanced -> Network
Connection -> Settings
Manual proxy configuration:
SOCKS Host: localhost
Port: 6789
SOCKS v5
Just like a full vpn client, it routes your IP traffic places through the VPN
server (which in this case is another one of your telebit devices), but only
for traffic in the configured browser. You can still access school and office
resources in the other browser (and other applications) the need to switch a
full VPN on and off.
As will all other telebit functionality, this use https tunneling and will not
be disrupted by unfavorable network conditions.
Use cases:
- Watch your US Netflix using your home IP while traveling abroad.
- Log into your router as if from inside your home network.
- Disregard poorly configured web proxies at school or work.
See also: telebit help ssh-proxy"
ftp = "Telebit (Client) Secure FTP
Alias of \"telebit rsync\"
The original FTP was superseded by sftp and then rsync a few decades ago,
however, sometimes we refer to its successors, generically, as \"FTP\"
(just like you might say \"hang up\" the phone).
## History
FTP is a legacy of the 1970s. It served its purpose well on local networks, but
was extremely dangerous on the Internet due to its lack of security and various
vulnerabilities. On some legacy systems it remains an easy target to steal
passwords and load viruses onto computers.
Although very few systems have ftp installed today (thank goodness), almost every
computer comes with rsync already installed and ready to go.
Use \"telebit rsync\" instead."
daemon = "telebit daemon v{version}
[daemon]
[daemon.help]
main = "telebit daemon v{version}
Usage:
@ -374,82 +85,3 @@ Additional help topics:
remote telebit cli remote control
Copyright 2015-2018 https://telebit.cloud MPL-2.0 Licensed"
config = "Telebit Config (docs)
There are TWO config files:
remote ~/.config/telebit/telebit.yml
daemon ~/.config/telebit/telebitd.yml
### Remote Config
This only specifies the ipc - socket path (dir), address, or pipe name.
All other options are handled by the daemon.
ipc: /Users/aj/.local/share/telebit/var/run/
### Daemon Config
relay: telebit.cloud the relay to use
secret: null HMAC secret for self-hosted relay
email: jon@example.com the email to authenticate
agree_tos: true agree to Telebit, Greenlock, & Let's Encrypt, ToS
community_member: true get rare but relevant community updates
telemetry: true contribute to project telemetry
servernames:
example.com: don't reject https traffic for example.com
wildcard: true allow assignment to subdomains
handler: ~/Public whether to use a static server by path or app by port
home.example.com:
wildcard: true
handler: 3000
ssh_auto: 22 forward ssh-ish traffic to port 22
See also: telebit help relay"
sclient = "sclient
Usage:
sclient [flags] <remote> [local]
ex: sclient whatever.com:443 localhost:3000
ex: sclient whatever.com -
ex: printf \"GET / HTTP/1.1\\n\\n\" | sclient whatever.com
sclient is a standalane tls unwrapper. For convenience it's bundled with telebit
as the passthru subcommand \"telebit sclient\" and functions exactly the name.
telebit sclient [flags] <remote> [local]
ex: printf \"GET / HTTP/1.1\\n\\n\" | telebit sclient whatever.com
See https://telebit.cloud/sclient/"
relay = "Telebit Relay
We envision a future with better routers capable of providing reliable Internet
connectivity, and trusted peers bridging the gaps between unfavorable network
conditions.
We plan to always run telebit.cloud as a relay-as-a-service for convenience,
but it is our hope that, if your network conditions permit, you will also run
your own telebit relay for your friends, family, and yourself.
See https://git.coolaj86.com/coolaj86/telebit-relay.js"
in-n-out = "Telebit Secret Menu
The secret flags are:
--profile <name> Use config files, sockets, and pipes with this name.
For debugging and development. (default: telbit, telebitd)
--set-profile <name> Switch from the default profile
--address <path|host:port> Use explicit socket path (or address) or pipe name
Overrides \"--profile\""
[remote]
version = "telebit remote v{version}"
[daemon]
version = "telebit daemon v{version}"

31
lib/html/css/main.css
View File

@ -1,31 +0,0 @@
body {
font-family: Source Sans Pro, sans-serif;
font-size: 18px;
color: #1a1a1a;
letter-spacing: -0.022222222em;
line-height: 1.33;
margin: 0;
text-align: center;
padding: 2em 0 2em 0;
}
code {}
code, pre {
font-family: Source Code Pro, monospace;
}
.code-block {
text-align: left;
display: inline-block;
}
span.logo {
font-size: 1.666em;
font-weight: bold;
}
p {margin-bottom: 0.5em;margin-top: 1.5em;}

BIN
lib/html/fonts/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
View File

Binary file not shown.

BIN
lib/html/fonts/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
View File

Binary file not shown.

BIN
lib/html/fonts/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
View File

Binary file not shown.

76
lib/html/index.html
View File

@ -3,87 +3,39 @@
<head>
<title>Telebit</title>
<meta charset="utf-8">
<link href="./css/main.css" rel="stylesheet">
<style>
@font-face {
font-family: 'Source Sans Pro';
font-style: normal;
font-display: block;
font-weight: 400;
src: local('Source Sans Pro Regular'), local('SourceSansPro-Regular'), url(./fonts/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2) format('woff2');
unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
}
@font-face {
font-family: 'Source Sans Pro';
font-style: normal;
font-weight: 700;
font-display: block;
src: local('Source Sans Pro Bold'), local('SourceSansPro-Bold'), url(./fonts/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2) format('woff2');
unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
}
@font-face {
font-family: 'Source Code Pro';
font-style: normal;
font-weight: 400;
src: local('Source Code Pro'), local('SourceCodePro-Regular'), url(./fonts/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2) format('woff2');
unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
}
</style>
<link rel="preload" href="./fonts/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2" as="font" crossorigin="anonymous">
<link rel="preload" href="./fonts/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2" as="font" crossorigin="anonymous">
<link rel="preload" href="./fonts/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2" as="font" crossorigin="anonymous">
</head>
<body>
<script>document.body.hidden = true;</script>
<!-- let's define our SVG that we will use later -->
<svg width="0" height="0" viewBox="0 0 24 24">
<defs>
<g id="svg-lock">
<path d="M0 0h24v24H0z" fill="none"/>
<path d="M18 8h-1V6c0-2.76-2.24-5-5-5S7 3.24 7 6v2H6c-1.1 0-2 .9-2 2v10c0 1.1.9 2 2 2h12c1.1 0 2-.9 2-2V10c0-1.1-.9-2-2-2zm-6 9c-1.1 0-2-.9-2-2s.9-2 2-2 2 .9 2 2-.9 2-2 2zm3.1-9H8.9V6c0-1.71 1.39-3.1 3.1-3.1 1.71 0 3.1 1.39 3.1 3.1v2z"/>
</g>
</defs>
</svg>
<span class="logo">Telebit</span>
<h1>Welcome Home <!-- as in 127.0.0.1, y'know ;) --></h1>
<div>Go ahead and bookmark this page. It's yours now.</div>
<p>Go ahead and bookmark this page. It's yours now.</p>
<div>
<h2>You've claimed <span class="js-servername">{{servername}}</span></h2>
<p>Here's some ways you can use it:</p>
<div class="code-block">
<pre><code>telebit http ~/Public # serve a public folder
<pre><code>
telebit http 3000 # forward all https traffic to localhost:3000
telebit http /path/to/module # handle incoming https traffic with a node module
telebit http none # remove all https handlers</code></pre>
</div>
</div>
<p>You can <em>always</em> tunnel <strong>SSH over HTTPS</strong>,
even while you're using it for something else:</p>
<div class="code-block"><pre><code>telebit ssh auto</code></pre>
<br>
<pre><code>telebit ssh <span class="js-servername">{{servername}}</span></code></pre>
- or -
<pre><code>ssh -o ProxyCommand='<a href="https://telebit.cloud/sclient">sclient</a> %h' <span class="js-servername">{{servername}}</span></code></pre>
- or -
<pre><code>proxy_cmd='openssl s_client -connect %h:443 -servername %h -quiet'
ssh -o ProxyCommand="$proxy_cmd" <span class="js-servername">{{servername}}</span></code></pre>
</div>
<pre><code>ssh -o ProxyCommand='openssl s_client -connect %h:443 -servername %h -quiet' <span class="js-servername">{{servername}}</span></code></pre>
<p>You can <em>always</em> use this port for <strong>SSH over HTTPS</strong>, even while you're using it for something else:</p>
<pre><code>
ssh -o ProxyCommand='openssl s_client -connect %h:443 -servername %h -quiet' <span class="js-servername">{{servername}}</span></code></pre>
<div class="js-port" hidden>
<h2>You've claimed port <span class="js-serviceport">{{serviceport}}</span></h2>
<p>Here's some ways you can use it:</p>
<div class="code-block"><pre><code>telebit tcp 3000 # forward all tcp traffic to localhost:3000
<pre><code>
telebit tcp 3000 # forward all tcp traffic to localhost:3000
telebit tcp /path/to/module # handle incoming tcp traffic with a node module
telebit tcp none # remove all tcp handlers</code></pre>
</div>
<p>You can <em>always</em> use this port for <strong>SSH</strong>, even while you're using it for something else:</p>
<div class="code-block"><pre><code>telebit ssh 22
ssh <span class="js-servername">{{servername}}</span> -p <span class="js-serviceport">{{serviceport}}</span></code></pre></div>
</div>
<p>You can <em>always</em> use this port for <strong>SSH</strong>, even while you're using it for something else:</p>
<pre><code>telebit ssh 22
ssh <span class="js-servername">{{servername}}</span> -p <span class="js-serviceport">{{serviceport}}</span></code></pre>
<script src="js/app.js"></script>
</body>

4
lib/remote.js
View File

@ -472,12 +472,12 @@ function TelebitRemote(state) {
priv.timeoutId = null;
var machine = Packer.create(packerHandlers);
console.info("[telebit:lib/remote.js] [connect] '" + (state.wss || state.relay) + "'");
console.info("[connect] '" + (state.wss || state.relay) + "'");
var tunnelUrl = (state.wss || state.relay).replace(/\/$/, '') + '/'; // + auth;
wstunneler = new WebSocket(tunnelUrl, { rejectUnauthorized: !state.insecure });
// XXXXXX
wstunneler.on('open', function () {
console.info("[telebit:lib/remote.js] [open] connected to '" + (state.wss || state.relay) + "'");
console.info("[open] connected to '" + (state.wss || state.relay) + "'");
me.emit('connect');
priv.refreshTimeout();
priv.timeoutId = setTimeout(priv.checkTimeout, activityTimeout);

2
package.json
View File

@ -1,6 +1,6 @@
{
"name": "telebit",
"version": "0.20.4",
"version": "0.20.0-wip",
"description": "Break out of localhost. Connect to any device from anywhere over any tcp port or securely in a browser. A secure tunnel. A poor man's reverse VPN.",
"main": "lib/remote.js",
"files": [

4
usr/share/dist/Library/LaunchDaemons/cloud.telebit.remote.plist.tpl vendored
View File

@ -54,8 +54,8 @@
<string>{TELEBIT_PATH}</string>
<key>StandardErrorPath</key>
<string>{TELEBIT_LOG_DIR}/telebit.log</string>
<string>{TELEBIT_LOG_DIR}/error.log</string>
<key>StandardOutPath</key>
<string>{TELEBIT_LOG_DIR}/telebit.log</string>
<string>{TELEBIT_LOG_DIR}/info.log</string>
</dict>
</plist>

4
usr/share/dist/etc/skel/Library/LaunchAgents/cloud.telebit.remote.plist.tpl vendored
View File

@ -63,8 +63,8 @@
<string>{TELEBIT_PATH}</string>
<key>StandardErrorPath</key>
<string>{TELEBIT_LOG_DIR}/telebit.log</string>
<string>{TELEBIT_LOG_DIR}/error.log</string>
<key>StandardOutPath</key>
<string>{TELEBIT_LOG_DIR}/telebit.log</string>
<string>{TELEBIT_LOG_DIR}/info.log</string>
</dict>
</plist>

34
usr/share/install-launcher.js
View File

@ -11,7 +11,7 @@ Launcher._killAll = function (fn) {
var psList = require('ps-list');
psList().then(function (procs) {
procs.forEach(function (proc) {
if ('node' === proc.name && /\btelebit(d| daemon)\b/i.test(proc.cmd)) {
if ('node' === proc.name && /\btelebitd\b/i.test(proc.cmd)) {
console.log(proc);
process.kill(proc.pid);
return true;
@ -45,7 +45,37 @@ Launcher._detect = function (things, fn) {
}
}
require('./which.js').launcher(things._execOpts, fn);
// could have used "command-exists" but I'm trying to stay low-dependency
// os.platform(), os.type()
if (!/^win/i.test(os.platform())) {
if (/^darwin/i.test(os.platform())) {
exec('command -v launchctl', things._execOpts, function (err, stdout, stderr) {
err = Launcher._getError(err, stderr);
fn(err, 'launchctl');
});
} else {
exec('command -v systemctl', things._execOpts, function (err, stdout, stderr) {
err = Launcher._getError(err, stderr);
fn(err, 'systemctl');
});
}
} else {
// https://stackoverflow.com/questions/17908789/how-to-add-an-item-to-registry-to-run-at-startup-without-uac
// wininit? regedit? SCM?
// REG ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "My App" /t REG_SZ /F /D "C:\MyAppPath\MyApp.exe"
// https://www.microsoft.com/developerblog/2015/11/09/reading-and-writing-to-the-windows-registry-in-process-from-node-js/
// https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/reg-add
// https://social.msdn.microsoft.com/Forums/en-US/5b318f44-281e-4098-8dee-3ba8435fa391/add-registry-key-for-autostart-of-app-in-ice?forum=quebectools
// utils.elevate
// https://github.com/CatalystCode/windows-registry-node
exec('where reg.exe', things._execOpts, function (err, stdout, stderr) {
//console.log((stdout||'').trim());
if (stderr) {
console.error(stderr);
}
fn(err, 'reg.exe');
});
}
};
Launcher.install = function (things, fn) {
if (!fn) { fn = function (err) { if (err) { console.error(err); } }; }

63
usr/share/which.js
View File

@ -1,63 +0,0 @@
'use strict';
var os = require('os');
var exec = require('child_process').exec;
var which = module.exports;
which._getError = function getError(err, stderr) {
if (err) { return err; }
if (stderr) {
err = new Error(stderr);
err.code = 'EWHICH';
return err;
}
};
module.exports.which = function (cmd, execOpts, fn) {
return module.exports._which({
mac: cmd
, linux: cmd
, win: cmd
}, execOpts, fn);
};
module.exports.launcher = function (execOpts, fn) {
return module.exports._which({
mac: 'launchctl'
, linux: 'systemctl'
, win: 'reg.exe'
}, execOpts, fn);
};
module.exports._which = function (progs, execOpts, fn) {
// could have used "command-exists" but I'm trying to stay low-dependency
// os.platform(), os.type()
if (!/^win/i.test(os.platform())) {
if (/^darwin/i.test(os.platform())) {
exec('command -v ' + progs.mac, execOpts, function (err, stdout, stderr) {
err = which._getError(err, stderr);
fn(err, progs.mac);
});
} else {
exec('command -v ' + progs.linux, execOpts, function (err, stdout, stderr) {
err = which._getError(err, stderr);
fn(err, progs.linux);
});
}
} else {
// https://stackoverflow.com/questions/17908789/how-to-add-an-item-to-registry-to-run-at-startup-without-uac
// wininit? regedit? SCM?
// REG ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "My App" /t REG_SZ /F /D "C:\MyAppPath\MyApp.exe"
// https://www.microsoft.com/developerblog/2015/11/09/reading-and-writing-to-the-windows-registry-in-process-from-node-js/
// https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/reg-add
// https://social.msdn.microsoft.com/Forums/en-US/5b318f44-281e-4098-8dee-3ba8435fa391/add-registry-key-for-autostart-of-app-in-ice?forum=quebectools
// utils.elevate
// https://github.com/CatalystCode/windows-registry-node
exec('where ' + progs.win, execOpts, function (err, stdout, stderr) {
//console.log((stdout||'').trim());
if (stderr) {
console.error(stderr);
}
fn(err, progs.win);
});
}
};