remoteingress allows a cluster to be on some computer behind a NAT, and have a RemotePublicConnector runing on a small VPS running somewhere in the cloud.
Go to file
2024-04-14 03:38:00 +02:00
.gitea/workflows fix(core): update 2024-03-24 14:44:44 +01:00
.vscode fix(core): update 2024-03-24 14:44:44 +01:00
test fix(core): update 2024-03-24 14:44:44 +01:00
ts fix(core): update 2024-04-14 03:38:00 +02:00
.dockerignore fix(core): update 2024-04-14 03:38:00 +02:00
.gitignore fix(core): update 2024-03-24 14:44:44 +01:00
cli.child.ts fix(core): update 2024-04-14 03:38:00 +02:00
cli.js fix(core): update 2024-04-14 03:38:00 +02:00
cli.ts.js fix(core): update 2024-04-14 03:38:00 +02:00
Dockerfile fix(core): update 2024-04-14 03:38:00 +02:00
npmextra.json fix(core): update 2024-04-14 03:38:00 +02:00
package.json 1.0.3 2024-04-14 03:38:00 +02:00
pnpm-lock.yaml fix(core): update 2024-04-14 03:38:00 +02:00
readme.hints.md fix(core): update 2024-04-14 03:38:00 +02:00
readme.md fix(core): update 2024-04-14 03:38:00 +02:00
tsconfig.json fix(core): update 2024-03-24 14:44:44 +01:00

@serve.zone/remoteingress

a remoteingress service for serve.zone

Install

To install @serve.zone/remoteingress, use the following command in your terminal:

npm install @serve.zone/remoteingress

This will download and install the remote ingress service and its dependencies in your project.

Usage

The @serve.zone/remoteingress package is designed to aid in creating secure and private tunnels to private networks, allowing external access to services within a private cluster as part of the @serve.zone stack. To utilize this package, you should have a basic understanding of network protocols and Node.js.

Getting Started

First, ensure you have Node.js installed on your system and that your project is set up to support TypeScript.

You will need to import the main components of the package, which are ConnectorPublic and ConnectorPrivate, depending on the role your application is playing. Typically, ConnectorPublic would run on a public server accessible from the internet, while ConnectorPrivate runs inside a private network, creating a secure tunnel to the ConnectorPublic instance.

Example Setup

Using ConnectorPublic

The ConnectorPublic part of the module is responsible for listening for incoming tunnel connections and forwarding requests to and from the ConnectorPrivate instance.

Example ConnectorPublic Usage:

import { ConnectorPublic } from '@serve.zone/remoteingress';

// Initialize ConnectorPublic
const publicConnector = new ConnectorPublic();

The above code initializes the ConnectorPublic, making it listen for incoming tunnel connections. In practical use, you would need to provide configurations, such as SSL certificates, to secure the tunnel communication.

Using ConnectorPrivate

The ConnectorPrivate component establishes a connection to the ConnectorPublic and routes traffic between the public interface and the private network.

Example ConnectorPrivate Usage:

import { ConnectorPrivate } from '@serve.zone/remoteingress';

// Initialize ConnectorPrivate with the host and port of the ConnectorPublic
const privateConnector = new ConnectorPrivate('public.example.com', 4000);

This example assumes your ConnectorPublic is accessible at public.example.com on port 4000. The ConnectorPrivate will establish a secure tunnel to this public endpoint and begin routing traffic.

Securely Setting Up The Tunnel

Security is paramount when creating tunnels that expose private networks. Ensure you use TLS encryption for your tunnels and validate certificates properly.

For both ConnectorPublic and ConnectorPrivate, you'll need to provide paths to your SSL certificate files or use a secure context set up with a recognized Certificate Authority (CA).

Security best practices:

  • Always use TLS to encrypt tunnel traffic.
  • Ensure your certificates are valid and up-to-date.
  • Consider using client certificates for ConnectorPrivate to authenticate to ConnectorPublic.
  • Monitor and possibly rate-limit connections to avoid abuse.

Advanced Configuration

Both ConnectorPublic and ConnectorPrivate allow for advanced configurations and handling to adjust to specific requirements, such as custom routing, handling different types of traffic (e.g., HTTP, HTTPS), and integrating with existing systems.

Conclusion

This module simplifies the process of setting up secure, remote ingress into private networks. By leveraging TLS and careful configuration, you can safely expose services within a private cluster to the outside world. Always prioritize security in your setup to protect your infrastructure and data.

For more detailed configuration options and advanced use cases, refer to the source code and additional documentation provided in the package.

This repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the license file within this repository.

Please note: The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.

Trademarks

This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.

Company Information

Task Venture Capital GmbH
Registered at District court Bremen HRB 35230 HB, Germany

For any legal inquiries or if you require further information, please contact us via email at hello@task.vc.

By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.