Friends don't let friends localhost™
A server that works in combination with Telebit Remote to allow you to serve http and https from any computer, anywhere through a secure tunnel.
- Expose your bits even in the harshest of network environments
- NAT, Home Routers
- College Dorms, HOAs
- Corporate Firewalls, Public libraries, Airports
- and even Airplanes, yep
- Automated HTTPS (Free SSL)
Mac & Linux
Open Terminal and run this install script:
curl -fsSL https://get.telebit.cloud/relay | bash
Of course, feel free to inspect the install script before you run it.
This will install Telebit Relay to
put a symlink to
You can customize the installation:
export NODEJS_VER=v10.2export TELEBITD_PATH=/opt/telebitdcurl -fsSL https://get.telebit.cloud/relay
That will change the bundled version of node.js is bundled with Telebit Relay and the path to which Telebit Relay installs.
You can get rid of the tos + email and server domain name prompts by providing them right away:
curl -fsSL https://get.telebit.cloud/relay | bash -- email@example.com telebit.example.com
Windows & Node.js
- Install node.js
- Open Node.js
- Run the command
npm install -g telebitd
Note: Use node.js v8.x or v10.x
There is a bug in node v9.x that causes telebitd to crash.
telebitd --config /etc/telebit/telebitd.yml
email: 'firstname.lastname@example.org' # must be valid (for certificate recovery and security alerts) agree_tos: true # agree to the Telebit, Greenlock, and Let's Encrypt TOSes community_member: true # receive infrequent relevant but non-critical updates telemetry: true # contribute to project telemetric data secret: '' # JWT authorization secret. Generate like so: # node -e "console.log(crypto.randomBytes(16).toString('hex'))" servernames: # hostnames that direct to the Telebit Relay admin console - telebit.example.com - telebit.example.net vhost: /srv/www/:hostname # securely serve local sites from this path (or false) # (uses template string, i.e. /var/www/:hostname/public) greenlock: store: le-store-certbot # certificate storage plugin config_dir: /etc/acme # directory for ssl certificates
The bottom line: As with everything in life, there is no such thing as anonymity or absolute security. Only use Telebit Relays that you trust or self-host. :D
Even though the traffic is encrypted end-to-end, you can't just trust any Telebit Relay willy-nilly.
A man-in-the-middle attack is possible using Let's Encrypt since an evil Telebit Relay would be able to complete the http-01 and tls-sni-01 challenges without a problem (since that's where your DNS is pointed when you use the service).
Also, the traffic could still be copied and stored for decryption is some era when quantum computers exist (probably never).
We created this for anyone to use on their own server or VPS, but those generally cost $5 - $20 / month and so it's probably cheaper to purchase data transfer, which is only $1/month for most people.
In keeping with our no lock-in policy, we release a version of the server for anyone to use independently.
TODO show how to do on
* Node WS Tunnel (zero setup) * Heroku (zero cost) * Chunk Host (best deal per TB/month)
As a systemd service
./dist/etc/systemd/system/telebitd.service should be copied to
The user and group
telebit should be created.
Use privileged ports without sudo
# Linuxsudo setcap 'cap_net_bind_service=+ep' $(which node)