mirror of
https://github.com/rustdesk/rustdesk-server.git
synced 2026-02-17 14:06:14 +08:00
Compare commits
37 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
bd7bc52c43 | ||
|
34cbd57e71 | ||
|
|
46e9ecd47d | ||
|
|
d0770e6c06 | ||
|
|
f87372ead0 | ||
|
|
04efb7033c | ||
|
|
9bae9f2f39 | ||
|
|
7c2057c360 | ||
|
|
f61b31f04e | ||
|
|
bb455a3eb7 | ||
|
|
631618a6be | ||
|
|
34946219c3 | ||
|
|
5d1b4ba78a | ||
|
7e921be539 | ||
|
716041bac1 | ||
|
6b72cefbc5 | ||
|
386c83874c | ||
|
|
5cc309dc9f | ||
|
|
4e8d6d08e2 | ||
|
c8a5d41906 | ||
|
|
2c57e51ec5 | ||
|
|
796a75af5c | ||
|
|
f09b79c6da | ||
|
|
1e84478837 | ||
|
|
2417c7ddd0 | ||
|
235a3c326c | ||
|
e4c85764f9 | ||
|
c650217919 | ||
|
|
262a1d49f8 | ||
|
f0a6c3de0b | ||
|
|
621da3c8fe | ||
|
|
801826f36d | ||
|
|
8557c4ab82 | ||
|
|
1fd1a2a3b6 | ||
|
bcdfda43af | ||
|
|
11a1f99169 | ||
|
|
464a687043 |
11
.github/dependabot.yml
vendored
Normal file
11
.github/dependabot.yml
vendored
Normal file
@@ -0,0 +1,11 @@
|
||||
version: 2
|
||||
updates:
|
||||
- package-ecosystem: "gitsubmodule"
|
||||
directory: "/"
|
||||
target-branch: "master"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
commit-message:
|
||||
prefix: "Git submodule"
|
||||
labels:
|
||||
- "dependencies"
|
||||
150
.github/workflows/build.yaml
vendored
150
.github/workflows/build.yaml
vendored
@@ -4,8 +4,12 @@ name: build
|
||||
# please setup some secrets before running this workflow:
|
||||
# DOCKER_IMAGE should be the target image name on docker hub (e.g. "rustdesk/rustdesk-server-s6" )
|
||||
# DOCKER_IMAGE_CLASSIC should be the target image name on docker hub for the old build (e.g. "rustdesk/rustdesk-server" )
|
||||
# DOCKER_USERNAME is the username you normally use to login at https://hub.docker.com/
|
||||
# DOCKER_PASSWORD is a token you should create under "account settings / security" with read/write access
|
||||
# DOCKER_HUB_USERNAME is the username you normally use to login at https://hub.docker.com/
|
||||
# DOCKER_HUB_PASSWORD is a token you should create under "account settings / security" with read/write access
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
@@ -19,6 +23,8 @@ on:
|
||||
env:
|
||||
CARGO_TERM_COLOR: always
|
||||
LATEST_TAG: latest
|
||||
GHCR_IMAGE: ghcr.io/rustdesk/rustdesk-server-s6
|
||||
GHCR_IMAGE_CLASSIC: ghcr.io/rustdesk/rustdesk-server
|
||||
|
||||
jobs:
|
||||
|
||||
@@ -26,7 +32,7 @@ jobs:
|
||||
build:
|
||||
|
||||
name: Build - ${{ matrix.job.name }}
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
@@ -47,7 +53,7 @@ jobs:
|
||||
- name: Install toolchain
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: "1.81"
|
||||
toolchain: "1.90"
|
||||
override: true
|
||||
default: true
|
||||
components: rustfmt
|
||||
@@ -65,7 +71,7 @@ jobs:
|
||||
run: chmod -v a+x target/${{ matrix.job.target }}/release/*
|
||||
|
||||
- name: Publish Artifacts
|
||||
uses: actions/upload-artifact@v3
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: binaries-linux-${{ matrix.job.name }}
|
||||
path: |
|
||||
@@ -76,7 +82,7 @@ jobs:
|
||||
|
||||
build-win:
|
||||
name: Build - windows
|
||||
runs-on: windows-2019
|
||||
runs-on: windows-2022
|
||||
|
||||
steps:
|
||||
|
||||
@@ -88,7 +94,7 @@ jobs:
|
||||
- name: Install toolchain
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: "1.81"
|
||||
toolchain: "1.90"
|
||||
override: true
|
||||
default: true
|
||||
components: rustfmt
|
||||
@@ -155,7 +161,7 @@ jobs:
|
||||
recursive: false
|
||||
|
||||
- name: Publish Artifacts
|
||||
uses: actions/upload-artifact@v3
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: binaries-windows-x86_64
|
||||
path: |
|
||||
@@ -172,7 +178,7 @@ jobs:
|
||||
needs:
|
||||
- build
|
||||
- build-win
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
@@ -187,7 +193,7 @@ jobs:
|
||||
steps:
|
||||
|
||||
- name: Download binaries (${{ matrix.job.os }} - ${{ matrix.job.name }})
|
||||
uses: actions/download-artifact@v3
|
||||
uses: actions/download-artifact@v4
|
||||
with:
|
||||
name: binaries-${{ matrix.job.os }}-${{ matrix.job.name }}
|
||||
path: ${{ matrix.job.name }}
|
||||
@@ -230,7 +236,7 @@ jobs:
|
||||
submodules: recursive
|
||||
|
||||
- name: Download binaries
|
||||
uses: actions/download-artifact@v3
|
||||
uses: actions/download-artifact@v4
|
||||
with:
|
||||
name: binaries-linux-${{ matrix.job.name }}
|
||||
path: docker/rootfs/usr/bin
|
||||
@@ -248,8 +254,16 @@ jobs:
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKER_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
||||
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
|
||||
|
||||
- name: Log in to GHCR
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: rustdesk
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Extract metadata (tags, labels) for Docker
|
||||
id: meta
|
||||
@@ -278,6 +292,9 @@ jobs:
|
||||
${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-${{ matrix.job.name }}
|
||||
${{ secrets.DOCKER_IMAGE }}:${{ env.GIT_TAG }}-${{ matrix.job.name }}
|
||||
${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-${{ matrix.job.name }}
|
||||
${{ env.GHCR_IMAGE }}:${{ env.LATEST_TAG }}-${{ matrix.job.name }}
|
||||
${{ env.GHCR_IMAGE }}:${{ env.GIT_TAG }}-${{ matrix.job.name }}
|
||||
${{ env.GHCR_IMAGE }}:${{ env.MAJOR_TAG }}-${{ matrix.job.name }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
|
||||
# docker build and push of multiarch images
|
||||
@@ -293,8 +310,8 @@ jobs:
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKER_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
||||
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
|
||||
|
||||
- name: Get git tag
|
||||
id: vars
|
||||
@@ -304,10 +321,18 @@ jobs:
|
||||
echo "GIT_TAG=$T" >> $GITHUB_ENV
|
||||
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
|
||||
|
||||
- name: Log in to GHCR
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: rustdesk
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
# manifest for :1.2.3 tag
|
||||
# this has to run only if invoked by a new tag
|
||||
- name: Create and push manifest (:ve.rs.ion)
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
uses: Noelware/docker-manifest-action@0.4.3
|
||||
if: github.event_name != 'workflow_dispatch'
|
||||
with:
|
||||
base-image: ${{ secrets.DOCKER_IMAGE }}:${{ env.GIT_TAG }}
|
||||
@@ -316,7 +341,7 @@ jobs:
|
||||
|
||||
# manifest for :1 tag (major release)
|
||||
- name: Create and push manifest (:major)
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
uses: Noelware/docker-manifest-action@0.4.3
|
||||
with:
|
||||
base-image: ${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}
|
||||
extra-images: ${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-amd64,${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-armv7,${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-i386
|
||||
@@ -324,12 +349,38 @@ jobs:
|
||||
|
||||
# manifest for :latest tag
|
||||
- name: Create and push manifest (:latest)
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
uses: Noelware/docker-manifest-action@0.4.3
|
||||
with:
|
||||
base-image: ${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}
|
||||
extra-images: ${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-amd64,${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-armv7,${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-i386
|
||||
push: true
|
||||
|
||||
# GHCR manifests
|
||||
# manifest for :1.2.3 tag
|
||||
- name: Create and push GHCR manifest (:ve.rs.ion)
|
||||
uses: Noelware/docker-manifest-action@0.4.3
|
||||
if: github.event_name != 'workflow_dispatch'
|
||||
with:
|
||||
base-image: ${{ env.GHCR_IMAGE }}:${{ env.GIT_TAG }}
|
||||
extra-images: ${{ env.GHCR_IMAGE }}:${{ env.GIT_TAG }}-amd64,${{ env.GHCR_IMAGE }}:${{ env.GIT_TAG }}-arm64v8,${{ env.GHCR_IMAGE }}:${{ env.GIT_TAG }}-armv7,${{ env.GHCR_IMAGE }}:${{ env.GIT_TAG }}-i386
|
||||
push: true
|
||||
|
||||
# manifest for :1 tag (major release)
|
||||
- name: Create and push GHCR manifest (:major)
|
||||
uses: Noelware/docker-manifest-action@0.4.3
|
||||
with:
|
||||
base-image: ${{ env.GHCR_IMAGE }}:${{ env.MAJOR_TAG }}
|
||||
extra-images: ${{ env.GHCR_IMAGE }}:${{ env.MAJOR_TAG }}-amd64,${{ env.GHCR_IMAGE }}:${{ env.MAJOR_TAG }}-arm64v8,${{ env.GHCR_IMAGE }}:${{ env.MAJOR_TAG }}-armv7,${{ env.GHCR_IMAGE }}:${{ env.MAJOR_TAG }}-i386
|
||||
push: true
|
||||
|
||||
# manifest for :latest tag
|
||||
- name: Create and push GHCR manifest (:latest)
|
||||
uses: Noelware/docker-manifest-action@0.4.3
|
||||
with:
|
||||
base-image: ${{ env.GHCR_IMAGE }}:${{ env.LATEST_TAG }}
|
||||
extra-images: ${{ env.GHCR_IMAGE }}:${{ env.LATEST_TAG }}-amd64,${{ env.GHCR_IMAGE }}:${{ env.LATEST_TAG }}-arm64v8,${{ env.GHCR_IMAGE }}:${{ env.LATEST_TAG }}-armv7,${{ env.GHCR_IMAGE }}:${{ env.LATEST_TAG }}-i386
|
||||
push: true
|
||||
|
||||
|
||||
# docker build and push of single-arch images
|
||||
docker-classic:
|
||||
@@ -353,7 +404,7 @@ jobs:
|
||||
submodules: recursive
|
||||
|
||||
- name: Download binaries
|
||||
uses: actions/download-artifact@v3
|
||||
uses: actions/download-artifact@v4
|
||||
with:
|
||||
name: binaries-linux-${{ matrix.job.name }}
|
||||
path: docker-classic/
|
||||
@@ -371,8 +422,16 @@ jobs:
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKER_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
||||
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
|
||||
|
||||
- name: Log in to GHCR
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: rustdesk
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Extract metadata (tags, labels) for Docker
|
||||
id: meta
|
||||
@@ -399,6 +458,9 @@ jobs:
|
||||
${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-${{ matrix.job.name }}
|
||||
${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-${{ matrix.job.name }}
|
||||
${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-${{ matrix.job.name }}
|
||||
${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-${{ matrix.job.name }}
|
||||
${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-${{ matrix.job.name }}
|
||||
${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-${{ matrix.job.name }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
|
||||
# docker build and push of multiarch images
|
||||
@@ -414,8 +476,8 @@ jobs:
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKER_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
||||
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
|
||||
|
||||
- name: Get git tag
|
||||
id: vars
|
||||
@@ -425,10 +487,18 @@ jobs:
|
||||
echo "GIT_TAG=$T" >> $GITHUB_ENV
|
||||
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
|
||||
|
||||
- name: Log in to GHCR
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: rustdesk
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
# manifest for :1.2.3 tag
|
||||
# this has to run only if invoked by a new tag
|
||||
- name: Create and push manifest (:ve.rs.ion)
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
uses: Noelware/docker-manifest-action@0.4.3
|
||||
if: github.event_name != 'workflow_dispatch'
|
||||
with:
|
||||
base-image: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}
|
||||
@@ -437,7 +507,7 @@ jobs:
|
||||
|
||||
# manifest for :1 tag (major release)
|
||||
- name: Create and push manifest (:major)
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
uses: Noelware/docker-manifest-action@0.4.3
|
||||
with:
|
||||
base-image: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}
|
||||
extra-images: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-amd64,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-armv7
|
||||
@@ -445,12 +515,38 @@ jobs:
|
||||
|
||||
# manifest for :latest tag
|
||||
- name: Create and push manifest (:latest)
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
uses: Noelware/docker-manifest-action@0.4.3
|
||||
with:
|
||||
base-image: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}
|
||||
extra-images: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-amd64,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-armv7
|
||||
push: true
|
||||
|
||||
# GHCR manifests
|
||||
# manifest for :1.2.3 tag
|
||||
- name: Create and push GHCR manifest (:ve.rs.ion)
|
||||
uses: Noelware/docker-manifest-action@0.4.3
|
||||
if: github.event_name != 'workflow_dispatch'
|
||||
with:
|
||||
base-image: ${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}
|
||||
extra-images: ${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-amd64,${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-arm64v8,${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-armv7
|
||||
push: true
|
||||
|
||||
# manifest for :1 tag (major release)
|
||||
- name: Create and push GHCR manifest (:major)
|
||||
uses: Noelware/docker-manifest-action@0.4.3
|
||||
with:
|
||||
base-image: ${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}
|
||||
extra-images: ${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-amd64,${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-arm64v8,${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-armv7
|
||||
push: true
|
||||
|
||||
# manifest for :latest tag
|
||||
- name: Create and push GHCR manifest (:latest)
|
||||
uses: Noelware/docker-manifest-action@0.4.3
|
||||
with:
|
||||
base-image: ${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}
|
||||
extra-images: ${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-amd64,${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-arm64v8,${{ env.GHCR_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-armv7
|
||||
push: true
|
||||
|
||||
|
||||
deb-package:
|
||||
|
||||
@@ -483,7 +579,7 @@ jobs:
|
||||
mkdir -p debian-build/${{ matrix.job.name }}/bin
|
||||
|
||||
- name: Download binaries
|
||||
uses: actions/download-artifact@v3
|
||||
uses: actions/download-artifact@v4
|
||||
with:
|
||||
name: binaries-linux-${{ matrix.job.name }}
|
||||
path: debian-build/${{ matrix.job.name }}/bin
|
||||
|
||||
335
.github/workflows/ghcr.yml
vendored
335
.github/workflows/ghcr.yml
vendored
@@ -1,335 +0,0 @@
|
||||
name: Build and publish to ghcr.io
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
tags:
|
||||
- 'v[0-9]+.[0-9]+.[0-9]+'
|
||||
- '[0-9]+.[0-9]+.[0-9]+'
|
||||
- 'v[0-9]+.[0-9]+.[0-9]+-[0-9]+'
|
||||
- '[0-9]+.[0-9]+.[0-9]+-[0-9]+'
|
||||
|
||||
env:
|
||||
CARGO_TERM_COLOR: always
|
||||
LATEST_TAG: latest
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write # So need to set "secrets.GITHUB_TOKEN"
|
||||
|
||||
jobs:
|
||||
|
||||
# Binary build
|
||||
build:
|
||||
name: Build - ${{ matrix.job.name }}
|
||||
runs-on: ubuntu-24.04
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
job:
|
||||
- { name: "amd64", target: "x86_64-unknown-linux-musl" }
|
||||
- { name: "arm64v8", target: "aarch64-unknown-linux-musl" }
|
||||
- { name: "armv7", target: "armv7-unknown-linux-musleabihf" }
|
||||
- { name: "i386", target: "i686-unknown-linux-musl" }
|
||||
#- { name: "amd64fb", target: "x86_64-unknown-freebsd" }
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: recursive
|
||||
|
||||
- name: Install Rust toolchain
|
||||
uses: dtolnay/rust-toolchain@v1
|
||||
with:
|
||||
toolchain: "1.70.0"
|
||||
targets: ${{ matrix.job.target }}
|
||||
components: "rustfmt"
|
||||
|
||||
- uses: Swatinem/rust-cache@v2
|
||||
with:
|
||||
prefix-key: ${{ matrix.job.os }}
|
||||
|
||||
- name: Build
|
||||
uses: actions-rs/cargo@v1
|
||||
with:
|
||||
command: build
|
||||
args: --release --all-features --target=${{ matrix.job.target }}
|
||||
use-cross: true
|
||||
|
||||
- name: Exec chmod
|
||||
run: chmod -v a+x target/${{ matrix.job.target }}/release/*
|
||||
|
||||
- name: Publish Artifacts
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: binaries-linux-${{ matrix.job.name }}
|
||||
path: |
|
||||
target/${{ matrix.job.target }}/release/hbbr
|
||||
target/${{ matrix.job.target }}/release/hbbs
|
||||
target/${{ matrix.job.target }}/release/rustdesk-utils
|
||||
if-no-files-found: error
|
||||
|
||||
# Build and push single-arch Docker images to ghcr.io
|
||||
create-s6-overlay-images:
|
||||
name: Docker push - ${{ matrix.job.name }}
|
||||
needs: build
|
||||
runs-on: ubuntu-24.04
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
job:
|
||||
- { name: "amd64", docker_platform: "linux/amd64", s6_platform: "x86_64" }
|
||||
- { name: "arm64v8", docker_platform: "linux/arm64", s6_platform: "aarch64" }
|
||||
- { name: "armv7", docker_platform: "linux/arm/v7", s6_platform: "armhf" }
|
||||
- { name: "i386", docker_platform: "linux/386", s6_platform: "i686" }
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: recursive
|
||||
|
||||
- name: Download binaries
|
||||
uses: actions/download-artifact@v4
|
||||
with:
|
||||
pattern: binaries-linux-${{ matrix.job.name }}
|
||||
path: docker/rootfs/usr/bin
|
||||
merge-multiple: true
|
||||
|
||||
- name: Make binaries executable
|
||||
run: chmod -v a+x docker/rootfs/usr/bin/*
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to GitHub Container Registry
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Extract metadata (tags, labels) for Docker
|
||||
id: meta
|
||||
uses: docker/metadata-action@v5
|
||||
with:
|
||||
images: ghcr.io/${{ github.repository }}-s6
|
||||
|
||||
- name: Get git tag
|
||||
id: vars
|
||||
run: |
|
||||
T=${GITHUB_REF#refs/*/}
|
||||
M=${T%%.*}
|
||||
echo "GIT_TAG=$T" >> $GITHUB_ENV
|
||||
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v6
|
||||
with:
|
||||
context: "./docker"
|
||||
platforms: ${{ matrix.job.docker_platform }}
|
||||
push: true
|
||||
provenance: false
|
||||
build-args: |
|
||||
S6_ARCH=${{ matrix.job.s6_platform }}
|
||||
tags: |
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-${{ matrix.job.name }}
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-${{ matrix.job.name }}
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-${{ matrix.job.name }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
|
||||
# Set up minifest and tag for pushed image
|
||||
create-s6-overlay-images-manifest:
|
||||
name: Manifest for s6-overlay images
|
||||
needs: create-s6-overlay-images
|
||||
runs-on: ubuntu-24.04
|
||||
|
||||
steps:
|
||||
- name: Log in to GitHub Container Registry
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Get git tag
|
||||
id: vars
|
||||
run: |
|
||||
T=${GITHUB_REF#refs/*/}
|
||||
M=${T%%.*}
|
||||
echo "GIT_TAG=$T" >> $GITHUB_ENV
|
||||
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
|
||||
|
||||
# Create and push manifest for :ve.rs.ion tag
|
||||
- name: Create and push manifest (:ve.rs.ion)
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
if: github.event_name != 'workflow_dispatch'
|
||||
with:
|
||||
base-image: ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}
|
||||
extra-images: |
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-amd64,
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-arm64v8,
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-armv7,
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-i386
|
||||
push: true
|
||||
|
||||
# Create and push manifest for :major tag
|
||||
- name: Create and push manifest (:major)
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
with:
|
||||
base-image: ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}
|
||||
extra-images: |
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-amd64,
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-arm64v8,
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-armv7,
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-i386
|
||||
push: true
|
||||
|
||||
# Create and push manifest for :latest tag
|
||||
- name: Create and push manifest (:latest)
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
with:
|
||||
base-image: ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}
|
||||
extra-images: |
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-amd64,
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-arm64v8,
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-armv7,
|
||||
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-i386
|
||||
push: true
|
||||
|
||||
# Build and push single-arch Docker images to ghcr.io
|
||||
create-classic-images:
|
||||
name: Docker push - ${{ matrix.job.name }}
|
||||
needs: build
|
||||
runs-on: ubuntu-24.04
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
job:
|
||||
- { name: "amd64", docker_platform: "linux/amd64" }
|
||||
- { name: "arm64v8", docker_platform: "linux/arm64" }
|
||||
- { name: "armv7", docker_platform: "linux/arm/v7" }
|
||||
- { name: "i386", docker_platform: "linux/386" }
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: recursive
|
||||
|
||||
- name: Download binaries
|
||||
uses: actions/download-artifact@v4
|
||||
with:
|
||||
pattern: binaries-linux-${{ matrix.job.name }}
|
||||
path: docker-classic
|
||||
merge-multiple: true
|
||||
|
||||
- name: Make binaries executable
|
||||
run: chmod -v a+x docker-classic/*
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to GitHub Container Registry
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Extract metadata (tags, labels) for Docker
|
||||
id: meta
|
||||
uses: docker/metadata-action@v5
|
||||
with:
|
||||
images: ghcr.io/${{ github.repository }}
|
||||
|
||||
- name: Get git tag
|
||||
id: vars
|
||||
run: |
|
||||
T=${GITHUB_REF#refs/*/}
|
||||
M=${T%%.*}
|
||||
echo "GIT_TAG=$T" >> $GITHUB_ENV
|
||||
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
|
||||
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v6
|
||||
with:
|
||||
context: "./docker-classic"
|
||||
platforms: ${{ matrix.job.docker_platform }}
|
||||
push: true
|
||||
provenance: false
|
||||
tags: |
|
||||
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-${{ matrix.job.name }}
|
||||
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-${{ matrix.job.name }}
|
||||
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-${{ matrix.job.name }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
|
||||
# Set up minifest and tag for pushed image
|
||||
create-classic-images-manifest:
|
||||
name: Manifest for classic images
|
||||
needs: create-classic-images
|
||||
runs-on: ubuntu-24.04
|
||||
|
||||
steps:
|
||||
- name: Log in to GitHub Container Registry
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Get git tag
|
||||
id: vars
|
||||
run: |
|
||||
T=${GITHUB_REF#refs/*/}
|
||||
M=${T%%.*}
|
||||
echo "GIT_TAG=$T" >> $GITHUB_ENV
|
||||
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
|
||||
|
||||
# Create and push manifest for :ve.rs.ion tag
|
||||
- name: Create and push manifest (:ve.rs.ion)
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
if: github.event_name != 'workflow_dispatch'
|
||||
with:
|
||||
base-image: ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}
|
||||
extra-images: |
|
||||
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-amd64,
|
||||
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-arm64v8,
|
||||
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-armv7,
|
||||
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-i386
|
||||
push: true
|
||||
|
||||
# Create and push manifest for :major tag
|
||||
- name: Create and push manifest (:major)
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
with:
|
||||
base-image: ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}
|
||||
extra-images: |
|
||||
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-amd64,
|
||||
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-arm64v8,
|
||||
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-armv7,
|
||||
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-i386
|
||||
push: true
|
||||
|
||||
# Create and push manifest for :latest tag
|
||||
- name: Create and push manifest (:latest)
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
with:
|
||||
base-image: ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}
|
||||
extra-images: |
|
||||
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-amd64,
|
||||
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-arm64v8,
|
||||
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-armv7,
|
||||
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-i386
|
||||
push: true
|
||||
80
.github/workflows/test.yml
vendored
80
.github/workflows/test.yml
vendored
@@ -1,80 +0,0 @@
|
||||
name: test
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ "master" ]
|
||||
paths-ignore:
|
||||
- '**/README.md'
|
||||
pull_request:
|
||||
branches: [ "master" ]
|
||||
paths-ignore:
|
||||
- '**/README.md'
|
||||
|
||||
jobs:
|
||||
check:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
profile: minimal
|
||||
toolchain: stable
|
||||
override: true
|
||||
submodules: recursive
|
||||
- uses: Swatinem/rust-cache@v2
|
||||
- uses: actions-rs/cargo@v1
|
||||
with:
|
||||
command: check
|
||||
|
||||
test:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
profile: minimal
|
||||
toolchain: stable
|
||||
override: true
|
||||
submodules: recursive
|
||||
- uses: Swatinem/rust-cache@v2
|
||||
- uses: actions-rs/cargo@v1
|
||||
with:
|
||||
command: test
|
||||
args: --all
|
||||
|
||||
fmt:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
profile: minimal
|
||||
toolchain: stable
|
||||
override: true
|
||||
components: rustfmt
|
||||
submodules: recursive
|
||||
- uses: Swatinem/rust-cache@v2
|
||||
- uses: actions-rs/cargo@v1
|
||||
with:
|
||||
command: build
|
||||
- uses: actions-rs/cargo@v1
|
||||
with:
|
||||
command: fmt
|
||||
args: --all -- --check
|
||||
|
||||
clippy:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
profile: minimal
|
||||
toolchain: stable
|
||||
override: true
|
||||
components: clippy
|
||||
submodules: recursive
|
||||
- uses: Swatinem/rust-cache@v2
|
||||
- uses: actions-rs/cargo@v1
|
||||
with:
|
||||
command: clippy
|
||||
args: --all -- -D warnings
|
||||
5
Cargo.lock
generated
5
Cargo.lock
generated
@@ -558,7 +558,7 @@ dependencies = [
|
||||
[[package]]
|
||||
name = "default_net"
|
||||
version = "0.1.0"
|
||||
source = "git+https://github.com/rustdesk-org/default_net#a831d47bcacb4615b394968287697924a8f62be1"
|
||||
source = "git+https://github.com/rustdesk-org/default_net#78f8f70cd85151a3a2c4a3230d80d5272703c02e"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"regex",
|
||||
@@ -1068,7 +1068,7 @@ dependencies = [
|
||||
|
||||
[[package]]
|
||||
name = "hbbs"
|
||||
version = "1.1.13"
|
||||
version = "1.1.15"
|
||||
dependencies = [
|
||||
"async-speed-limit",
|
||||
"async-trait",
|
||||
@@ -1079,6 +1079,7 @@ dependencies = [
|
||||
"clap",
|
||||
"deadpool",
|
||||
"dns-lookup",
|
||||
"flate2",
|
||||
"flexi_logger 0.22.3",
|
||||
"hbb_common",
|
||||
"headers",
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "hbbs"
|
||||
version = "1.1.13"
|
||||
version = "1.1.15"
|
||||
authors = ["rustdesk <info@rustdesk.com>"]
|
||||
edition = "2021"
|
||||
build = "build.rs"
|
||||
@@ -51,6 +51,7 @@ ipnetwork = "0.20"
|
||||
local-ip-address = "0.5.1"
|
||||
dns-lookup = "1.0.8"
|
||||
ping = "0.4.0"
|
||||
flate2 = "1.0"
|
||||
|
||||
[target.'cfg(any(target_os = "macos", target_os = "windows"))'.dependencies]
|
||||
# https://github.com/rustdesk/rustdesk-server-pro/issues/189, using native-tls for better tls support
|
||||
|
||||
345
README-DE.md
345
README-DE.md
@@ -1,345 +0,0 @@
|
||||
<p align="center">
|
||||
<a href="#manuelles-erstellen">Erstellen</a> •
|
||||
<a href="#docker-image">Docker</a> •
|
||||
<a href="#s6-overlay-basierte-images">S6-Overlay</a> •
|
||||
<a href="#ein-schlüsselpaar-erstellen">Schlüsselpaar</a> •
|
||||
<a href="#debian-pakete">Debian-Pakete</a> •
|
||||
<a href="#umgebungsvariablen">Umgebungsvariablen</a><br>
|
||||
[<a href="README.md">English</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-TW.md">繁體中文</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
|
||||
</p>
|
||||
|
||||
# RustDesk Server-Programm
|
||||
|
||||
[](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
|
||||
|
||||
[**Herunterladen**](https://github.com/rustdesk/rustdesk-server/releases)
|
||||
|
||||
[**Handbuch**](https://rustdesk.com/docs/de/self-host/)
|
||||
|
||||
[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
|
||||
|
||||
Hosten Sie Ihren eigenen RustDesk-Server selbst, er ist kostenlos und quelloffen.
|
||||
|
||||
## Manuelles Erstellen
|
||||
|
||||
```bash
|
||||
cargo build --release
|
||||
```
|
||||
|
||||
In target/release werden drei ausführbare Dateien erzeugt.
|
||||
|
||||
- hbbs - RustDesk ID/Rendezvous-Server
|
||||
- hbbr - RustDesk Relay-Server
|
||||
- rustdesk-utils - RustDesk CLI-Utilities
|
||||
|
||||
[Hier](https://github.com/rustdesk/rustdesk-server/releases) finden Sie aktualisierte Binärdateien.
|
||||
|
||||
Wenn Sie Ihren eigenen Server entwickeln wollen, könnte [rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) ein besserer und einfacherer Start für Sie sein als dieses Repository.
|
||||
|
||||
## Docker-Image
|
||||
|
||||
Docker-Images werden automatisch generiert und bei jedem Github-Release veröffentlicht. Wir haben 2 Arten von Images.
|
||||
|
||||
### Klassisches Image
|
||||
|
||||
Diese Images sind mit `Ubuntu 20.04` gebaut, mit dem Zusatz der wichtigen Binärdateien (`hbbr` und `hbbs`). Sie sind auf [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) mit diesen Tags verfügbar:
|
||||
|
||||
| Architektur | Image:Tag |
|
||||
| --- | --- |
|
||||
| amd64 | `rustdesk/rustdesk-server:latest` |
|
||||
| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
|
||||
|
||||
Sie können diese Images direkt mit `docker run` mit diesen Befehlen starten:
|
||||
|
||||
```bash
|
||||
docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
|
||||
docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
|
||||
```
|
||||
|
||||
Oder ohne `--net=host`, aber die P2P-Direktverbindung kann dann nicht funktionieren.
|
||||
|
||||
Bei Systemen, die SELinux verwenden, muss `/root` durch `/root:z` ersetzt werden, damit die Container korrekt laufen. Alternativ kann die SELinux-Containertrennung durch Hinzufügen der Option `--security-opt label=disable` vollständig deaktiviert werden.
|
||||
|
||||
```bash
|
||||
docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
|
||||
docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
|
||||
```
|
||||
|
||||
Der Parameter `relay-server-ip` ist die IP-Adresse (oder der DNS-Name) des Servers, auf dem diese Container laufen. Der **optionale** Parameter `port` muss verwendet werden, wenn Sie einen anderen Port als **21117** für `hbbr` verwenden.
|
||||
|
||||
Sie können auch Docker Compose verwenden, wobei diese Konfiguration als Vorlage dient:
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
networks:
|
||||
rustdesk-net:
|
||||
external: false
|
||||
|
||||
services:
|
||||
hbbs:
|
||||
container_name: hbbs
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21118:21118
|
||||
image: rustdesk/rustdesk-server:latest
|
||||
command: hbbs -r rustdesk.example.com:21117
|
||||
volumes:
|
||||
- ./data:/root
|
||||
networks:
|
||||
- rustdesk-net
|
||||
depends_on:
|
||||
- hbbr
|
||||
restart: unless-stopped
|
||||
|
||||
hbbr:
|
||||
container_name: hbbr
|
||||
ports:
|
||||
- 21117:21117
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server:latest
|
||||
command: hbbr
|
||||
volumes:
|
||||
- ./data:/root
|
||||
networks:
|
||||
- rustdesk-net
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
Bearbeiten Sie Zeile 16 so, dass sie auf Ihren Relay-Server verweist (den, der am Port 21117 lauscht). Sie können auch die Zeilen für die Volumes (Zeile 18 und 33) bearbeiten, wenn Sie dies wünschen.
|
||||
|
||||
(Die Anerkennung für Docker Compose geht an @lukebarone und @QuiGonLeong.)
|
||||
|
||||
## S6-Overlay-basierte Images
|
||||
|
||||
Diese Images sind mit `busybox:stable` gebaut, mit dem Zusatz Binärdateien (sowohl hbbr als auch hbbs) und [S6-overlay](https://github.com/just-containers/s6-overlay). Sie sind auf [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) mit diesen Tags verfügbar:
|
||||
|
||||
| Architektur | Version | Image:Tag |
|
||||
| --- | --- | --- |
|
||||
| multiarch | neueste | `rustdesk/rustdesk-server-s6:latest` |
|
||||
| amd64 | neueste | `rustdesk/rustdesk-server-s6:latest-amd64` |
|
||||
| i386 | neueste | `rustdesk/rustdesk-server-s6:latest-i386` |
|
||||
| arm64v8 | neueste | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
|
||||
| armv7 | neueste | `rustdesk/rustdesk-server-s6:latest-armv7` |
|
||||
| multiarch | 2 | `rustdesk/rustdesk-server-s6:2` |
|
||||
| amd64 | 2 | `rustdesk/rustdesk-server-s6:2-amd64` |
|
||||
| i386 | 2 | `rustdesk/rustdesk-server-s6:2-i386` |
|
||||
| arm64v8 | 2 | `rustdesk/rustdesk-server-s6:2-arm64v8` |
|
||||
| armv7 | 2 | `rustdesk/rustdesk-server-s6:2-armv7` |
|
||||
| multiarch | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0` |
|
||||
| amd64 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-amd64` |
|
||||
| i386 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-i386` |
|
||||
| arm64v8 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8` |
|
||||
| armv7 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-armv7` |
|
||||
|
||||
Es wird dringend empfohlen, das Image `multiarch` entweder mit dem Tag `major version` oder `latest` zu verwenden.
|
||||
|
||||
Das S6-Overlay fungiert als Supervisor und hält beide Prozesse am Laufen, sodass bei diesem Image keine zwei separaten Container benötigt werden.
|
||||
|
||||
Sie können diese Images direkt mit `docker run` mit diesem Befehl starten:
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
oder ohne `--net=host`, aber die P2P-Direktverbindung kann dann nicht funktionieren.
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
-p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
|
||||
-p 21117:21117 -p 21118:21118 -p 21119:21119 \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
Oder Sie können eine Docker Compose-Datei verwenden:
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
volumes:
|
||||
- ./data:/data
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
Für dieses Container-Image können Sie diese Umgebungsvariablen verwenden, **zusätzlich** zu den im Abschnitt **Umgebungsvariablen** angegebenen Variablen:
|
||||
|
||||
| Variable | optional | Beschreibung |
|
||||
| --- | --- | --- |
|
||||
| RELAY | nein | IP-Adresse/DNS-Name des Rechners, auf dem dieser Container läuft |
|
||||
| ENCRYPTED_ONLY | ja | Wenn auf **1** gesetzt, wird eine unverschlüsselte Verbindung nicht akzeptiert |
|
||||
| KEY_PUB | ja | Öffentlicher Teil des Schlüsselpaares |
|
||||
| KEY_PRIV | ja | Privater Teil des Schlüsselpaares |
|
||||
|
||||
### Verwaltung von Geheimnissen in S6-Overlay-basierten Images
|
||||
|
||||
Sie können das Schlüsselpaar natürlich in einem Docker-Volume aufbewahren, aber empfehlenswert ist, die Schlüssel nicht in das Dateisystem zu schreiben.
|
||||
|
||||
Beim Start des Containers wird das Vorhandensein des Schlüsselpaares geprüft (`/data/id_ed25519.pub` und `/data/id_ed25519`). Wenn einer dieser Schlüssel nicht existiert, wird er aus den Umgebungsvariablen oder den Docker-Geheimnissen neu erstellt.
|
||||
Dann wird die Gültigkeit des Schlüsselpaares überprüft: Wenn öffentlicher und privater Schlüssel nicht übereinstimmen, wird der Container angehalten.
|
||||
Wenn Sie keine Schlüssel angeben, erzeugt `hbbs` einen für Sie und legt ihn am Standardspeicherort ab.
|
||||
|
||||
#### Umgebungsvariablen zum Speichern des Schlüsselpaars verwenden
|
||||
|
||||
Sie können Docker-Umgebungsvariablen verwenden, um die Schlüssel zu speichern. Folgen Sie einfach diesen Beispielen:
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-e "DB_URL=/db/db_v2.sqlite3" \
|
||||
-e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
|
||||
-e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
|
||||
-v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
- "DB_URL=/db/db_v2.sqlite3"
|
||||
- "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
|
||||
- "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
|
||||
volumes:
|
||||
- ./db:/db
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
#### Docker-Geheimnisse zum Speichern des Schlüsselpaars verwenden
|
||||
|
||||
Sie können alternativ auch Docker-Geheimnisse verwenden, um die Schlüssel zu speichern.
|
||||
Dies ist nützlich, wenn Sie **Docker Compose** oder **Docker Swarm** verwenden.
|
||||
Folgen Sie einfach diesem Beispiel:
|
||||
|
||||
```bash
|
||||
cat secrets/id_ed25519.pub | docker secret create key_pub -
|
||||
cat secrets/id_ed25519 | docker secret create key_priv -
|
||||
docker service create --name rustdesk-server \
|
||||
--secret key_priv --secret key_pub \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-e "DB_URL=/db/db_v2.sqlite3" \
|
||||
--mount "type=bind,source=$PWD/db,destination=/db" \
|
||||
rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
- "DB_URL=/db/db_v2.sqlite3"
|
||||
volumes:
|
||||
- ./db:/db
|
||||
restart: unless-stopped
|
||||
secrets:
|
||||
- key_pub
|
||||
- key_priv
|
||||
|
||||
secrets:
|
||||
key_pub:
|
||||
file: secrets/id_ed25519.pub
|
||||
key_priv:
|
||||
file: secrets/id_ed25519
|
||||
```
|
||||
|
||||
## Ein Schlüsselpaar erstellen
|
||||
|
||||
Für die Verschlüsselung wird ein Schlüsselpaar benötigt, das Sie bereitstellen können, aber Sie benötigen eine Möglichkeit, es zu erstellen.
|
||||
|
||||
Mit diesem Befehl können Sie ein Schlüsselpaar erzeugen:
|
||||
|
||||
```bash
|
||||
/usr/bin/rustdesk-utils genkeypair
|
||||
```
|
||||
|
||||
Wenn Sie das Paket `rustdesk-utils` nicht auf Ihrem System installiert haben (oder dies nicht wollen), können Sie den gleichen Befehl mit Docker aufrufen:
|
||||
|
||||
```bash
|
||||
docker run --rm --entrypoint /usr/bin/rustdesk-utils rustdesk/rustdesk-server-s6:latest genkeypair
|
||||
```
|
||||
|
||||
Die Ausgabe sieht dann etwa so aus:
|
||||
|
||||
```text
|
||||
Public Key: 8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
|
||||
Secret Key: egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
|
||||
```
|
||||
|
||||
## Debian-Pakete
|
||||
|
||||
Für jede Binärdatei stehen separate Debian-Pakete zur Verfügung, die Sie in [Releases](https://github.com/rustdesk/rustdesk-server/releases) finden können.
|
||||
Diese Pakete sind für die folgenden Distributionen gedacht:
|
||||
|
||||
- Ubuntu 22.04 LTS
|
||||
- Ubuntu 20.04 LTS
|
||||
- Ubuntu 18.04 LTS
|
||||
- Debian 11 Bullseye
|
||||
- Debian 10 Buster
|
||||
|
||||
## Umgebungsvariablen
|
||||
|
||||
hbbs und hbbr können mit diesen Umgebungsvariablen konfiguriert werden.
|
||||
Sie können die Variablen wie üblich angeben oder eine `.env`-Datei verwenden.
|
||||
|
||||
| Variable | Binärdatei | Beschreibung |
|
||||
| --- | --- | --- |
|
||||
| ALWAYS_USE_RELAY | hbbs | Wenn auf **Y** gesetzt, wird eine direkte Verbindung nicht zugelassen. |
|
||||
| DB_URL | hbbs | Pfad für die Datenbankdatei |
|
||||
| DOWNGRADE_START_CHECK | hbbr | Verzögerung (in Sekunden) vor der Downgrade-Prüfung |
|
||||
| DOWNGRADE_THRESHOLD | hbbr | Schwellenwert der Downgrade-Prüfung (Bit/ms)) |
|
||||
| KEY | hbbs/hbbr | Wenn gesetzt, wird die Verwendung eines bestimmten Schlüssels erzwungen. Wenn auf **_** gesetzt, wird die Verwendung eines beliebigen Schlüssels erzwungen. |
|
||||
| LIMIT_SPEED | hbbr | Höchstgeschwindigkeit (in Mb/s) |
|
||||
| PORT | hbbs/hbbr | Lauschender Port (21116 für hbbs - 21117 für hbbr) |
|
||||
| RELAY_SERVERS | hbbs | IP-Adresse/DNS-Name der Rechner, auf denen hbbr läuft (durch Komma getrennt) |
|
||||
| RUST_LOG | all | Debug-Level einstellen (error\|warn\|info\|debug\|trace) |
|
||||
| SINGLE_BANDWIDTH | hbbr | Maximale Bandbreite für eine einzelne Verbindung (in Mb/s) |
|
||||
| TOTAL_BANDWIDTH | hbbr | Maximale Gesamtbandbreite (in Mb/s) |
|
||||
345
README-NL.md
345
README-NL.md
@@ -1,345 +0,0 @@
|
||||
<p align="center">
|
||||
<a href="#hoe-handmatig-opbouwen">Opbouwen</a> •
|
||||
<a href="#docker-bestanden-images">Docker</a> •
|
||||
<a href="#s6-overlay-gebaseerde-bestanden">S6-Overlay</a> •
|
||||
<a href="#hoe-maak-je-een-key-paar">Key paar</a> •
|
||||
<a href="#deb-pakketten">Debian pakketten</a> •
|
||||
<a href="#env-variabelen">ENV variabelen</a><br>
|
||||
[<a href="README.md">English</a>] | [<a href="README-DE.md">Deutsch</a>] | [<a href="README-TW.md">繁體中文</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
|
||||
</p>
|
||||
|
||||
# RustDesk Server Programa
|
||||
|
||||
[](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
|
||||
|
||||
[**Download**](https://github.com/rustdesk/rustdesk-server/releases)
|
||||
|
||||
[**Handleiding**](https://rustdesk.com/docs/nl/self-host/)
|
||||
|
||||
[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
|
||||
|
||||
Zelf uw eigen RustDesk server hosten, het is gratis en open source.
|
||||
|
||||
## Hoe handmatig opbouwen
|
||||
|
||||
```bash
|
||||
cargo build --release
|
||||
```
|
||||
|
||||
In target/release worden drie uitvoerbare bestanden gegenereerd.
|
||||
|
||||
- hbbs - RustDesk ID/Rendezvous server
|
||||
- hbbr - RustDesk relay server
|
||||
- rustdesk-utils - RustDesk CLI hulpprogramma's
|
||||
|
||||
U kunt bijgewerkte binaries vinden op [releases](https://github.com/rustdesk/rustdesk-server/releases) pagina.
|
||||
|
||||
Als u uw eigen server wilt ontwikkelen, is [rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) misschien een betere en eenvoudigere start voor u dan deze repo.
|
||||
|
||||
## Docker bestanden (images)
|
||||
|
||||
Docker bestanden (images) worden automatisch gegenereerd en gepubliceerd bij elke github release. We hebben 2 soorten bestanden (images).
|
||||
|
||||
### Klassiek bestand (image)
|
||||
|
||||
Deze bestanden (images) zijn gebouwd voor `ubuntu-20.04` met als enige toevoeging de belangrijkste binaries (`hbbr` en `hbbs`). Ze zijn beschikbaar op [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) met deze tags:
|
||||
|
||||
| architectuur | image:tag |
|
||||
| --- | --- |
|
||||
| amd64 | `rustdesk/rustdesk-server:latest` |
|
||||
| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
|
||||
|
||||
U kunt deze bestanden (images) direct starten via `docker run` met deze commando's:
|
||||
|
||||
```bash
|
||||
docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
|
||||
docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
|
||||
```
|
||||
|
||||
of zonder `--net=host`, maar een directe P2P verbinding zal niet werken.
|
||||
|
||||
Voor systemen die SELinux gebruiken is het vervangen van `/root` door `/root:z` nodig om de containers correct te laten draaien. Als alternatief kan SELinux containerscheiding volledig worden uitgeschakeld door de optie `--security-opt label=disable` toe te voegen.
|
||||
|
||||
```bash
|
||||
docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
|
||||
docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
|
||||
```
|
||||
|
||||
De `relay-server-ip` parameter is het IP adres (of dns naam) van de server waarop deze containers draaien. De **optionele** `port` parameter moet gebruikt worden als je een andere poort dan **21117** gebruikt voor `hbbr`.
|
||||
|
||||
U kunt ook docker-compose gebruiken, met deze configuratie als sjabloon:
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
networks:
|
||||
rustdesk-net:
|
||||
external: false
|
||||
|
||||
services:
|
||||
hbbs:
|
||||
container_name: hbbs
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21118:21118
|
||||
image: rustdesk/rustdesk-server:latest
|
||||
command: hbbs -r rustdesk.example.com:21117
|
||||
volumes:
|
||||
- ./data:/root
|
||||
networks:
|
||||
- rustdesk-net
|
||||
depends_on:
|
||||
- hbbr
|
||||
restart: unless-stopped
|
||||
|
||||
hbbr:
|
||||
container_name: hbbr
|
||||
ports:
|
||||
- 21117:21117
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server:latest
|
||||
command: hbbr
|
||||
volumes:
|
||||
- ./data:/root
|
||||
networks:
|
||||
- rustdesk-net
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
Bewerk regel 16 om te verwijzen naar uw relais-server (degene die luistert op poort 21117). U kunt ook de inhoudsregels (L18 en L33) bewerken indien nodig.
|
||||
|
||||
(docker-compose erkenning gaat naar @lukebarone en @QuiGonLeong)
|
||||
|
||||
## S6-overlay gebaseerde bestanden
|
||||
|
||||
Deze bestanden (images) zijn gebouwd tegen `busybox:stable` met toevoeging van de binaries (zowel hbbr als hbbs) en [S6-overlay](https://github.com/just-containers/s6-overlay). Ze zijn beschikbaar op [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) met deze tags:
|
||||
|
||||
| architectuur | versie | image:tag |
|
||||
| --- | --- | --- |
|
||||
| multiarch | latest | `rustdesk/rustdesk-server-s6:latest` |
|
||||
| amd64 | latest | `rustdesk/rustdesk-server-s6:latest-amd64` |
|
||||
| i386 | latest | `rustdesk/rustdesk-server-s6:latest-i386` |
|
||||
| arm64v8 | latest | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
|
||||
| armv7 | latest | `rustdesk/rustdesk-server-s6:latest-armv7` |
|
||||
| multiarch | 2 | `rustdesk/rustdesk-server-s6:2` |
|
||||
| amd64 | 2 | `rustdesk/rustdesk-server-s6:2-amd64` |
|
||||
| i386 | 2 | `rustdesk/rustdesk-server-s6:2-i386` |
|
||||
| arm64v8 | 2 | `rustdesk/rustdesk-server-s6:2-arm64v8` |
|
||||
| armv7 | 2 | `rustdesk/rustdesk-server-s6:2-armv7` |
|
||||
| multiarch | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0` |
|
||||
| amd64 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-amd64` |
|
||||
| i386 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-i386` |
|
||||
| arm64v8 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8` |
|
||||
| armv7 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-armv7` |
|
||||
|
||||
Je wordt sterk aangeraden om het `multiarch` bestand (image) te gebruiken met de `major version` of `latest` tag.
|
||||
|
||||
De S6-overlay fungeert als supervisor en houdt beide processen draaiende, dus met dit bestand (image) is het niet nodig om twee aparte draaiende containers te hebben.
|
||||
|
||||
U kunt deze bestanden (images) direct starten via `docker run` met dit commando:
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
of zonder `--net=host`, maar een directe P2P verbinding zal niet werken.
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
-p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
|
||||
-p 21117:21117 -p 21118:21118 -p 21119:21119 \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
Of u kunt een docker-compose bestand gebruiken:
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
volumes:
|
||||
- ./data:/data
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
Voor dit container bestand (image) kunt u deze omgevingsvariabelen gebruiken, **naast** de variabelen in de volgende **ENV-variabelen** sectie:
|
||||
|
||||
| variabele | optioneel | beschrijving |
|
||||
| --- | --- | --- |
|
||||
| RELAY | no | het IP-adres/DNS-naam van de machine waarop deze container draait |
|
||||
| ENCRYPTED_ONLY | yes | indien ingesteld op **"1"** wordt een niet-versleutelde verbinding niet geaccepteerd |
|
||||
| KEY_PUB | yes | het openbare deel van het key paar |
|
||||
| KEY_PRIV | yes | het private deel van het key paar |
|
||||
|
||||
### Geheim beheer in S6-overlay gebaseerde bestanden (images)
|
||||
|
||||
U kunt uiteraard het key paar bewaren in een docker volume, maar de optimale werkwijzen vertellen u om de keys niet op het bestandssysteem te schrijven; dus bieden we een paar opties.
|
||||
|
||||
Bij het opstarten van de container wordt de aanwezigheid van het key paar gecontroleerd (`/data/id_ed25519.pub` en `/data/id_ed25519`) en als een van deze keys niet bestaat, wordt deze opnieuw aangemaakt vanuit ENV variabelen of docker secrets.
|
||||
Vervolgens wordt de geldigheid van het key paar gecontroleerd: indien publieke en private keys niet overeenkomen, stopt de container.
|
||||
Als je geen keys opgeeft, zal `hbbs` er een voor je genereren en op de standaard locatie plaatsen.
|
||||
|
||||
#### Gebruik ENV om het key paar op te slaan
|
||||
|
||||
U kunt docker omgevingsvariabelen gebruiken om de keys op te slaan. Volg gewoon deze voorbeelden:
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-e "DB_URL=/db/db_v2.sqlite3" \
|
||||
-e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
|
||||
-e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
|
||||
-v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
- "DB_URL=/db/db_v2.sqlite3"
|
||||
- "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
|
||||
- "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
|
||||
volumes:
|
||||
- ./db:/db
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
#### Gebruik Docker secrets om het key paar op te slaan
|
||||
|
||||
U kunt ook docker secrets gebruiken om de keys op te slaan.
|
||||
Dit is handig als je **docker-compose** of **docker swarm** gebruikt.
|
||||
Volg deze voorbeelden:
|
||||
|
||||
```bash
|
||||
cat secrets/id_ed25519.pub | docker secret create key_pub -
|
||||
cat secrets/id_ed25519 | docker secret create key_priv -
|
||||
docker service create --name rustdesk-server \
|
||||
--secret key_priv --secret key_pub \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-e "DB_URL=/db/db_v2.sqlite3" \
|
||||
--mount "type=bind,source=$PWD/db,destination=/db" \
|
||||
rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
- "DB_URL=/db/db_v2.sqlite3"
|
||||
volumes:
|
||||
- ./db:/db
|
||||
restart: unless-stopped
|
||||
secrets:
|
||||
- key_pub
|
||||
- key_priv
|
||||
|
||||
secrets:
|
||||
key_pub:
|
||||
file: secrets/id_ed25519.pub
|
||||
key_priv:
|
||||
file: secrets/id_ed25519
|
||||
```
|
||||
|
||||
## Hoe maak je een key paar
|
||||
|
||||
Een key paar is nodig voor encryptie; u kunt het verstrekken, zoals eerder uitgelegd, maar u heeft een manier nodig om er een te maken.
|
||||
|
||||
U kunt dit commando gebruiken om een key paar te genereren:
|
||||
|
||||
```bash
|
||||
/usr/bin/rustdesk-utils genkeypair
|
||||
```
|
||||
|
||||
Als u het pakket `rustdesk-utils` niet op uw systeem hebt staan (of wilt), kunt u hetzelfde commando met docker uitvoeren:
|
||||
|
||||
```bash
|
||||
docker run --rm --entrypoint /usr/bin/rustdesk-utils rustdesk/rustdesk-server-s6:latest genkeypair
|
||||
```
|
||||
|
||||
De uitvoer ziet er ongeveer zo uit:
|
||||
|
||||
```text
|
||||
Public Key: 8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
|
||||
Secret Key: egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
|
||||
```
|
||||
|
||||
## .deb pakketten
|
||||
|
||||
Voor elke binary zijn aparte .deb-pakketten beschikbaar, u kunt ze vinden in de [releases](https://github.com/rustdesk/rustdesk-server/releases).
|
||||
Deze pakketten zijn bedoeld voor de volgende distributies:
|
||||
|
||||
- Ubuntu 22.04 LTS
|
||||
- Ubuntu 20.04 LTS
|
||||
- Ubuntu 18.04 LTS
|
||||
- Debian 11 bullseye
|
||||
- Debian 10 buster
|
||||
|
||||
## ENV variabelen
|
||||
|
||||
hbbs en hbbr kunnen worden geconfigureerd met deze ENV-variabelen.
|
||||
U kunt de variabelen zoals gebruikelijk opgeven of een `.env` bestand gebruiken.
|
||||
|
||||
| variabele | binary | beschrijving |
|
||||
| --- | --- | --- |
|
||||
| ALWAYS_USE_RELAY | hbbs | indien ingesteld op **"Y"** wordt directe peer-verbinding niet toegestaan |
|
||||
| DB_URL | hbbs | path voor database bestand |
|
||||
| DOWNGRADE_START_CHECK | hbbr | vertraging (in seconden) voor downgrade-controle |
|
||||
| DOWNGRADE_THRESHOLD | hbbr | drempel van downgrade controle (bit/ms) |
|
||||
| KEY | hbbs/hbbr | indien ingesteld forceert dit het gebruik van een specifieke toets, indien ingesteld op **"_"** forceert dit het gebruik van een willekeurige toets |
|
||||
| LIMIT_SPEED | hbbr | snelheidslimiet (in Mb/s) |
|
||||
| PORT | hbbs/hbbr | luister-poort (21116 voor hbbs - 21117 voor hbbr) |
|
||||
| RELAY_SERVERS | hbbs | IP-adres/DNS-naam van de machines waarop hbbr draait (gescheiden door komma) |
|
||||
| RUST_LOG | all | debug-niveau instellen (error\|warn\|info\|debug\|trace) |
|
||||
| SINGLE_BANDWIDTH | hbbr | maximale bandbreedte voor een enkele verbinding (in Mb/s) |
|
||||
| TOTAL_BANDWIDTH | hbbr | maximale totale bandbreedte (in Mb/s) |
|
||||
347
README-TW.md
347
README-TW.md
@@ -1,347 +0,0 @@
|
||||
<p align="center">
|
||||
<a href="#如何自行建置">自行建置</a> •
|
||||
<a href="#Docker-映像檔">Docker</a> •
|
||||
<a href="#基於-S6-overlay-的映象檔">S6-overlay</a> •
|
||||
<a href="#如何建立金鑰對">金鑰對</a> •
|
||||
<a href="#deb-套件">Debian</a> •
|
||||
<a href="#ENV-環境參數">環境參數</a><br>
|
||||
[<a href="README.md">English</a>] | [<a href="README-DE.md">Deutsch</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
|
||||
</p>
|
||||
|
||||
# RustDesk Server Program
|
||||
|
||||
[](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
|
||||
|
||||
[**下載**](https://github.com/rustdesk/rustdesk-server/releases)
|
||||
|
||||
[**說明文件**](https://rustdesk.com/docs/zh-tw/self-host/)
|
||||
|
||||
[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
|
||||
|
||||
自行建置屬於您自己的 RustDesk 伺服器,它是免費的且開源。
|
||||
|
||||
## 如何自行建置
|
||||
|
||||
```bash
|
||||
cargo build --release
|
||||
```
|
||||
|
||||
在 target/release 中會產生三個可執行檔。
|
||||
|
||||
- hbbs - RustDesk ID/會合伺服器
|
||||
- hbbr - RustDesk 中繼伺服器
|
||||
- rustdesk-utils - RustDesk 命令行工具
|
||||
|
||||
您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 頁面上找到更新的執行檔。
|
||||
|
||||
如果您需要額外功能,[RustDesk 專業版伺服器](https://rustdesk.com/pricing.html) 或許更適合您。
|
||||
|
||||
如果您想開發自己的伺服器,[rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) 可能是一個比這個倉庫更好、更簡單的開始。
|
||||
|
||||
## Docker 映像檔
|
||||
|
||||
Docker 映像檔會在每次 GitHub 發布時自動生成並發布。我們有兩種映像檔。
|
||||
|
||||
### Classic 映像檔
|
||||
|
||||
這些映像檔是基於 `ubuntu-20.04` 建置的,僅添加了兩個主要的執行檔(`hbbr` 和 `hbbs`)。它們可在 [Docker Hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) 上取得,帶有以下tags:
|
||||
|
||||
| 架構 | image:tag |
|
||||
| ------- | ----------------------------------------- |
|
||||
| amd64 | `rustdesk/rustdesk-server:latest` |
|
||||
| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
|
||||
|
||||
您可以使用以下指令,直接透過 ``docker run`` 來啟動這些映像檔:
|
||||
|
||||
```bash
|
||||
docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
|
||||
docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
|
||||
```
|
||||
|
||||
或刪去 `--net=host`, 但 P2P 直接連線會無法運作。
|
||||
|
||||
對於使用 SELinux 的系統,需要將 ``/root`` 替換為 ``/root:z``,以便容器正確運行。或者,也可以通過添加選項 ``--security-opt label=disable`` 完全禁用 SELinux 容器隔離。
|
||||
|
||||
```bash
|
||||
docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
|
||||
docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
|
||||
```
|
||||
|
||||
`relay-server-ip` 參數是執行這些容器的伺服器的 IP 地址(或 DNS 名稱)。如果您為 `hbbr` 使用的端口不是 **21117**,則必須使用 **可選** 的 `port` 參數。
|
||||
|
||||
您也可以使用 docker-compose 使用這個設定做為範例:
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
networks:
|
||||
rustdesk-net:
|
||||
external: false
|
||||
|
||||
services:
|
||||
hbbs:
|
||||
container_name: hbbs
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21118:21118
|
||||
image: rustdesk/rustdesk-server:latest
|
||||
command: hbbs -r rustdesk.example.com:21117
|
||||
volumes:
|
||||
- ./data:/root
|
||||
networks:
|
||||
- rustdesk-net
|
||||
depends_on:
|
||||
- hbbr
|
||||
restart: unless-stopped
|
||||
|
||||
hbbr:
|
||||
container_name: hbbr
|
||||
ports:
|
||||
- 21117:21117
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server:latest
|
||||
command: hbbr
|
||||
volumes:
|
||||
- ./data:/root
|
||||
networks:
|
||||
- rustdesk-net
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
請編輯第 16 行,將其指向您的中繼伺服器 (監聽端口 21117 那一個)。 如果需要的話,您也可以編輯 volume (第 18 和 33 行)。
|
||||
|
||||
(感謝 @lukebarone 和 @QuiGonLeong 協助提供 docker-compose 的設定範例)
|
||||
|
||||
## 基於 S6-overlay 的映象檔
|
||||
|
||||
這些映象檔是針對 `busybox:stable` 建置的,並添加了執行檔(hbbr 和 hbbs)以及 [S6-overlay](https://github.com/just-containers/s6-overlay)。 它們在以及這些 tags 在 [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) 可用:
|
||||
|
||||
| 架構 | version | image:tag |
|
||||
| --------- | ------- | -------------------------------------------- |
|
||||
| multiarch | latest | `rustdesk/rustdesk-server-s6:latest` |
|
||||
| amd64 | latest | `rustdesk/rustdesk-server-s6:latest-amd64` |
|
||||
| i386 | latest | `rustdesk/rustdesk-server-s6:latest-i386` |
|
||||
| arm64v8 | latest | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
|
||||
| armv7 | latest | `rustdesk/rustdesk-server-s6:latest-armv7` |
|
||||
| multiarch | 2 | `rustdesk/rustdesk-server-s6:2` |
|
||||
| amd64 | 2 | `rustdesk/rustdesk-server-s6:2-amd64` |
|
||||
| i386 | 2 | `rustdesk/rustdesk-server-s6:2-i386` |
|
||||
| arm64v8 | 2 | `rustdesk/rustdesk-server-s6:2-arm64v8` |
|
||||
| armv7 | 2 | `rustdesk/rustdesk-server-s6:2-armv7` |
|
||||
| multiarch | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0` |
|
||||
| amd64 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-amd64` |
|
||||
| i386 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-i386` |
|
||||
| arm64v8 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8` |
|
||||
| armv7 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-armv7` |
|
||||
|
||||
強烈建議您使用 `multiarch` 映象檔 可以選擇使用 `major version` 或 `latest` tags。
|
||||
|
||||
S6-overlay 在此充當監督程序,保持兩個進程運行,因此使用此映象檔,您無需運行兩個獨立的容器。
|
||||
|
||||
您可以直接使用以下命令使用 `docker run` 來啟動這個映象檔:
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
或刪去 `--net=host`, 但 P2P 直接連線會無法運作。
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
-p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
|
||||
-p 21117:21117 -p 21118:21118 -p 21119:21119 \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
或是您可以使用 docker-compose 文件:
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
volumes:
|
||||
- ./data:/data
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
對於此容器映象檔,您可以使用這些環境變數,**除了**以下**環境變數**部分指定的那些。
|
||||
|
||||
| 環境變數 | 是否可選 | 敘述 |
|
||||
| -------------- | -------- | ------------------------------------------ |
|
||||
| RELAY | 否 | 運行此容器的機器的 IP 地址/ DNS 名稱 |
|
||||
| ENCRYPTED_ONLY | 是 | 如果設置為 **"1"**,將不接受未加密的連接。 |
|
||||
| KEY_PUB | 是 | 金鑰對中的公鑰(Public Key) |
|
||||
| KEY_PRIV | 是 | 金鑰對中的私鑰(Private Key) |
|
||||
|
||||
### 在基於 S6-overlay 的 Secret 管理
|
||||
|
||||
您可以將金鑰對保存在 Docker volume 中,但最佳實踐建議不要將金鑰寫入文件系統;因此,我們提供了一些選項。
|
||||
|
||||
在容器啟動時,會檢查金鑰對的是否存在(`/data/id_ed25519.pub` 和 `/data/id_ed25519`),如果其中一個金鑰不存在,則會從環境變數或 Docker Secret 重新生成它。
|
||||
然後檢查金鑰對的有效性:如果公鑰和私鑰不匹配,容器將停止運行。
|
||||
如果您未提供金鑰,`hbbs` 將為您產生一個,並將其放置在默認位置。
|
||||
|
||||
#### 使用 ENV 存儲金鑰對
|
||||
|
||||
您可以使用 Docker 環境變數來儲存金鑰。只需按照以下範例操作:
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-e "DB_URL=/db/db_v2.sqlite3" \
|
||||
-e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
|
||||
-e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
|
||||
-v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
- "DB_URL=/db/db_v2.sqlite3"
|
||||
- "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
|
||||
- "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
|
||||
volumes:
|
||||
- ./db:/db
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
#### 使用 Docker Secret 來儲存金鑰對
|
||||
|
||||
您還可以使用 Docker Secret來儲存金鑰。
|
||||
如果您使用 **docker-compose** 或 **docker swarm**,這很有用。
|
||||
只需按照以下示例操作:
|
||||
|
||||
```bash
|
||||
cat secrets/id_ed25519.pub | docker secret create key_pub -
|
||||
cat secrets/id_ed25519 | docker secret create key_priv -
|
||||
docker service create --name rustdesk-server \
|
||||
--secret key_priv --secret key_pub \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-e "DB_URL=/db/db_v2.sqlite3" \
|
||||
--mount "type=bind,source=$PWD/db,destination=/db" \
|
||||
rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
- "DB_URL=/db/db_v2.sqlite3"
|
||||
volumes:
|
||||
- ./db:/db
|
||||
restart: unless-stopped
|
||||
secrets:
|
||||
- key_pub
|
||||
- key_priv
|
||||
|
||||
secrets:
|
||||
key_pub:
|
||||
file: secrets/id_ed25519.pub
|
||||
key_priv:
|
||||
file: secrets/id_ed25519
|
||||
```
|
||||
|
||||
## 如何建立金鑰對
|
||||
|
||||
加密需要一對金鑰;您可以按照前面所述提供它,但需要一種生成金鑰對的方法。
|
||||
|
||||
您可以使用以下命令生成一對金鑰:
|
||||
|
||||
```bash
|
||||
/usr/bin/rustdesk-utils genkeypair
|
||||
```
|
||||
|
||||
如果您沒有(或不想)在系統上安裝 `rustdesk-utils` 套件,您可以使用 Docker執行相同的命令:
|
||||
|
||||
```bash
|
||||
docker run --rm --entrypoint /usr/bin/rustdesk-utils rustdesk/rustdesk-server-s6:latest genkeypair
|
||||
```
|
||||
|
||||
輸出將類似於以下內容:
|
||||
|
||||
```text
|
||||
Public Key: 8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
|
||||
Secret Key: egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
|
||||
```
|
||||
|
||||
## .deb 套件
|
||||
|
||||
每個執行檔都有單獨的 .deb 套件可供使用,您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 中找到它們。
|
||||
這些套件適用於以下發行版:
|
||||
|
||||
- Ubuntu 22.04 LTS
|
||||
- Ubuntu 20.04 LTS
|
||||
- Ubuntu 18.04 LTS
|
||||
- Debian 11 bullseye
|
||||
- Debian 10 buster
|
||||
|
||||
## ENV 環境參數
|
||||
|
||||
可以使用這些 ENV 參數來配置 hbbs 和 hbbr。
|
||||
您可以像往常一樣指定參數,或者使用 .env 文件。
|
||||
|
||||
| 參數 | 執行檔 | 敘述 |
|
||||
| --------------------- | --------- | -------------------------------------------------------------------- |
|
||||
| ALWAYS_USE_RELAY | hbbs | 如果設為 **"Y"**,禁止直接點對點連接 |
|
||||
| DB_URL | hbbs | 資料庫的路徑 |
|
||||
| DOWNGRADE_START_CHECK | hbbr | 降級檢查之前的延遲時間(以秒為單位) |
|
||||
| DOWNGRADE_THRESHOLD | hbbr | 降級檢查的閾值(bit/ms) |
|
||||
| KEY | hbbs/hbbr | 如果設置了,將強制使用特定金鑰,如果設為 **"_"**,則強制使用任何金鑰 |
|
||||
| LIMIT_SPEED | hbbr | 速度限制(以Mb/s為單位) |
|
||||
| PORT | hbbs/hbbr | 監聽端口(hbbs為21116,hbbr為21117) |
|
||||
| RELAY_SERVERS | hbbs | 運行hbbr的機器的IP地址/DNS名稱(用逗號分隔) |
|
||||
| RUST_LOG | all | 設定 debug level (error\|warn\|info\|debug\|trace) |
|
||||
| SINGLE_BANDWIDTH | hbbr | 單個連接的最大頻寬(以Mb/s為單位) |
|
||||
| TOTAL_BANDWIDTH | hbbr | 最大總頻寬(以Mb/s為單位) |
|
||||
348
README-ZH.md
348
README-ZH.md
@@ -1,348 +0,0 @@
|
||||
<p align="center">
|
||||
<a href="#如何自行构建">自行构建</a> •
|
||||
<a href="#Docker-镜像">Docker</a> •
|
||||
<a href="#基于-S6-overlay-的镜像">S6-overlay</a> •
|
||||
<a href="#如何创建密钥">密钥</a> •
|
||||
<a href="#deb-套件">Debian</a> •
|
||||
<a href="#ENV-环境参数">环境参数</a><br>
|
||||
[<a href="README.md">English</a>] | [<a href="README-DE.md">Deutsch</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-TW.md">繁体中文</a>]<br>
|
||||
</p>
|
||||
|
||||
# RustDesk Server Program
|
||||
|
||||
[](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
|
||||
|
||||
[**下载**](https://github.com/rustdesk/rustdesk-server/releases)
|
||||
|
||||
[**说明文件**](https://rustdesk.com/docs/zh-cn/self-host/)
|
||||
|
||||
[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
|
||||
|
||||
自行搭建属于你的RustDesk服务器,所有的一切都是免费且开源的
|
||||
|
||||
## 如何自行构建
|
||||
|
||||
```bash
|
||||
cargo build --release
|
||||
```
|
||||
|
||||
执行后会在target/release目录下生成三个对应平台的可执行程序
|
||||
|
||||
- hbbs - RustDesk ID/会和服务器
|
||||
- hbbr - RustDesk 中继服务器
|
||||
- rustdesk-utils - RustDesk 命令行工具
|
||||
|
||||
您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 页面中找到最新的服务端软件。
|
||||
|
||||
如果您需要额外的功能支持,[RustDesk 专业版服务器](https://rustdesk.com/pricing.html) 获取更适合您。
|
||||
|
||||
如果您想开发自己的服务器,[rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) 应该会比直接使用这个仓库更简单快捷。
|
||||
|
||||
## Docker 镜像
|
||||
|
||||
Docker镜像会在每次 GitHub 发布新的release版本时自动构建。我们提供两种类型的镜像。
|
||||
|
||||
### Classic 传统镜像
|
||||
|
||||
这个类型的镜像是基于 `ubuntu-20.04` 进行构建,镜像仅包含两个主要的可执行程序(`hbbr` 和 `hbbs`)。它们可以通过以下tag在 [Docker Hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) 上获得:
|
||||
|
||||
| 架构 | image:tag |
|
||||
|---------| ----------------------------------------- |
|
||||
| amd64 | `rustdesk/rustdesk-server:latest` |
|
||||
| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
|
||||
|
||||
您可以使用以下命令,直接通过 ``docker run`` 來启动这些镜像:
|
||||
|
||||
```bash
|
||||
docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
|
||||
docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
|
||||
```
|
||||
|
||||
或不使用 `--net=host` 参数启动, 但这样 P2P 直连功能将无法工作。
|
||||
|
||||
对于使用了 SELinux 的系统,您需要将 ``/root`` 替换为 ``/root:z``,以保证容器的正常运行。或者,也可以通过添加参数 ``--security-opt label=disable`` 来完全禁用 SELinux 容器隔离。
|
||||
|
||||
```bash
|
||||
docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
|
||||
docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
|
||||
```
|
||||
|
||||
`relay-server-ip` 参数是运行这些容器的服务器的 IP 地址(或 DNS 名称)。如果你不想使用 **21117** 作为 `hbbr` 的服务端口,可使用可选参数 `port` 进行指定。
|
||||
|
||||
您也可以使用 docker-compose 进行构建,以下为配置示例:
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
networks:
|
||||
rustdesk-net:
|
||||
external: false
|
||||
|
||||
services:
|
||||
hbbs:
|
||||
container_name: hbbs
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21118:21118
|
||||
image: rustdesk/rustdesk-server:latest
|
||||
command: hbbs -r rustdesk.example.com:21117
|
||||
volumes:
|
||||
- ./data:/root
|
||||
networks:
|
||||
- rustdesk-net
|
||||
depends_on:
|
||||
- hbbr
|
||||
restart: unless-stopped
|
||||
|
||||
hbbr:
|
||||
container_name: hbbr
|
||||
ports:
|
||||
- 21117:21117
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server:latest
|
||||
command: hbbr
|
||||
volumes:
|
||||
- ./data:/root
|
||||
networks:
|
||||
- rustdesk-net
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
编辑第16行来指定你的中继服务器 (默认端口监听在 21117 的那一个)。 如果需要的话,您也可以编辑 volume 信息 (第 18 和 33 行)。
|
||||
|
||||
(感谢 @lukebarone 和 @QuiGonLeong 协助提供的 docker-compose 配置示例)
|
||||
|
||||
## 基于 S6-overlay 的镜像
|
||||
|
||||
> 这些镜像是针对 `busybox:stable` 构建的,并添加了可执行程序(hbbr 和 hbbs)以及 [S6-overlay](https://github.com/just-containers/s6-overlay)。 它们可以使用以下tag在 [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) 上获取:
|
||||
|
||||
|
||||
| 架構 | version | image:tag |
|
||||
| --------- | ------- | -------------------------------------------- |
|
||||
| multiarch | latest | `rustdesk/rustdesk-server-s6:latest` |
|
||||
| amd64 | latest | `rustdesk/rustdesk-server-s6:latest-amd64` |
|
||||
| i386 | latest | `rustdesk/rustdesk-server-s6:latest-i386` |
|
||||
| arm64v8 | latest | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
|
||||
| armv7 | latest | `rustdesk/rustdesk-server-s6:latest-armv7` |
|
||||
| multiarch | 2 | `rustdesk/rustdesk-server-s6:2` |
|
||||
| amd64 | 2 | `rustdesk/rustdesk-server-s6:2-amd64` |
|
||||
| i386 | 2 | `rustdesk/rustdesk-server-s6:2-i386` |
|
||||
| arm64v8 | 2 | `rustdesk/rustdesk-server-s6:2-arm64v8` |
|
||||
| armv7 | 2 | `rustdesk/rustdesk-server-s6:2-armv7` |
|
||||
| multiarch | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0` |
|
||||
| amd64 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-amd64` |
|
||||
| i386 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-i386` |
|
||||
| arm64v8 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8` |
|
||||
| armv7 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-armv7` |
|
||||
|
||||
强烈建议您使用`major version` 或 `latest` tag 的 `multiarch` 架构的镜像。
|
||||
|
||||
S6-overlay 在此处作为监控程序,用以保证两个进程的运行,因此使用此镜像,您无需运行两个容器。
|
||||
|
||||
您可以使用 `docker run` 命令直接启动镜像,如下:
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
或刪去 `--net=host` 参数, 但 P2P 直连功能将无法工作。
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
-p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
|
||||
-p 21117:21117 -p 21118:21118 -p 21119:21119 \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
或着您也可以使用 docker-compose 文件:
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
volumes:
|
||||
- ./data:/data
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
对于此容器镜像,除了在下面的环境变量部分指定的变量之外,您还可以使用以下`环境变量`
|
||||
|
||||
| 环境变量 | 是否可选 | 描述 |
|
||||
|----------------|------|--------------------------|
|
||||
| RELAY | 否 | 运行此容器的宿主机的 IP 地址/ DNS 名称 |
|
||||
| ENCRYPTED_ONLY | 是 | 如果设置为 **"1"**,将不接受未加密的连接。 |
|
||||
| KEY_PUB | 是 | 密钥对中的公钥(Public Key) |
|
||||
| KEY_PRIV | 是 | 密钥对中的私钥(Private Key) |
|
||||
|
||||
### 基于 S6-overlay 镜像的密钥管理
|
||||
|
||||
您可以将密钥对保存在 Docker volume 中,但我们建议不要将密钥写入文件系統中;因此,我们提供了一些方案。
|
||||
|
||||
在容器启动时,会检查密钥对是否存在(`/data/id_ed25519.pub` 和 `/data/id_ed25519`),如果其中一個密钥不存在,则会从环境变量或 Docker Secret 中重新生成它。
|
||||
然后检查密钥对的可用性:如果公钥和私钥不匹配,容器将停止运行。
|
||||
如果您未提供密钥,`hbbs` 将会在默认位置生成一个。
|
||||
|
||||
#### 使用 ENV 存储密钥对
|
||||
|
||||
您可以使用 Docker 环境变量來存储密钥。如下:
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-e "DB_URL=/db/db_v2.sqlite3" \
|
||||
-e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
|
||||
-e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
|
||||
-v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
- "DB_URL=/db/db_v2.sqlite3"
|
||||
- "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
|
||||
- "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
|
||||
volumes:
|
||||
- ./db:/db
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
#### 使用 Docker Secret 來保存密钥对
|
||||
|
||||
您还可以使用 Docker Secret 來保存密钥。
|
||||
如果您使用 **docker-compose** 或 **docker swarm**,推荐您使用。
|
||||
只需按照以下示例操作:
|
||||
|
||||
```bash
|
||||
cat secrets/id_ed25519.pub | docker secret create key_pub -
|
||||
cat secrets/id_ed25519 | docker secret create key_priv -
|
||||
docker service create --name rustdesk-server \
|
||||
--secret key_priv --secret key_pub \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-e "DB_URL=/db/db_v2.sqlite3" \
|
||||
--mount "type=bind,source=$PWD/db,destination=/db" \
|
||||
rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
- "DB_URL=/db/db_v2.sqlite3"
|
||||
volumes:
|
||||
- ./db:/db
|
||||
restart: unless-stopped
|
||||
secrets:
|
||||
- key_pub
|
||||
- key_priv
|
||||
|
||||
secrets:
|
||||
key_pub:
|
||||
file: secrets/id_ed25519.pub
|
||||
key_priv:
|
||||
file: secrets/id_ed25519
|
||||
```
|
||||
|
||||
## 如何生成密钥对
|
||||
|
||||
加密需要一对密钥;您可以按照前面所述提供它,但需要一个工具去生成密钥对。
|
||||
|
||||
您可以使用以下命令生成一对密钥:
|
||||
|
||||
```bash
|
||||
/usr/bin/rustdesk-utils genkeypair
|
||||
```
|
||||
|
||||
如果您沒有(或不想)在系统上安装 `rustdesk-utils` 套件,您可以使用 Docker 执行相同的命令:
|
||||
|
||||
```bash
|
||||
docker run --rm --entrypoint /usr/bin/rustdesk-utils rustdesk/rustdesk-server-s6:latest genkeypair
|
||||
```
|
||||
|
||||
运行后的输出内容如下:
|
||||
|
||||
```text
|
||||
Public Key: 8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
|
||||
Secret Key: egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
|
||||
```
|
||||
|
||||
## .deb 套件
|
||||
|
||||
每个可执行文件都有单独的 .deb 套件可供使用,您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 页面中找到它們。
|
||||
這些套件适用于以下发行版:
|
||||
|
||||
- Ubuntu 22.04 LTS
|
||||
- Ubuntu 20.04 LTS
|
||||
- Ubuntu 18.04 LTS
|
||||
- Debian 11 bullseye
|
||||
- Debian 10 buster
|
||||
|
||||
## ENV 环境变量
|
||||
|
||||
可以使用这些`环境变量`参数來配置 hbbs 和 hbbr。
|
||||
您可以像往常一样指定参数,或者使用 .env 文件。
|
||||
|
||||
| 参数 | 可执行文件 | 描述 |
|
||||
|-----------------------|---------------|--------------------------------------------------|
|
||||
| ALWAYS_USE_RELAY | hbbs | 如果设定为 **"Y"**,将关闭直接点对点连接功能 |
|
||||
| DB_URL | hbbs | 数据库配置 |
|
||||
| DOWNGRADE_START_CHECK | hbbr | 降级检查之前的延迟是啊尽(以秒为单位) |
|
||||
| DOWNGRADE_THRESHOLD | hbbr | 降级检查的阈值(bit/ms) |
|
||||
| KEY | hbbs/hbbr | 如果设置了此参数,将强制使用指定密钥对,如果设为 **"_"**,则强制使用任意密钥 |
|
||||
| LIMIT_SPEED | hbbr | 速度限制(以Mb/s为单位) |
|
||||
| PORT | hbbs/hbbr | 监听端口(hbbs为21116,hbbr为21117) |
|
||||
| RELAY_SERVERS | hbbs | 运行hbbr的机器的IP地址/DNS名称(用逗号分隔) |
|
||||
| RUST_LOG | all | 设置 debug level (error\|warn\|info\|debug\|trace) |
|
||||
| SINGLE_BANDWIDTH | hbbr | 单个连接的最大带宽(以Mb/s为单位) |
|
||||
| TOTAL_BANDWIDTH | hbbr | 最大总带宽(以Mb/s为单位) |
|
||||
327
README.md
327
README.md
@@ -1,13 +1,3 @@
|
||||
<p align="center">
|
||||
<a href="#how-to-build-manually">Manually</a> •
|
||||
<a href="#docker-images">Docker</a> •
|
||||
<a href="#s6-overlay-based-images">S6-overlay</a> •
|
||||
<a href="#how-to-create-a-keypair">Keypair</a> •
|
||||
<a href="#deb-packages">Debian</a> •
|
||||
<a href="#env-variables">Variables</a><br>
|
||||
[<a href="README-DE.md">Deutsch</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-TW.md">繁體中文</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
|
||||
</p>
|
||||
|
||||
# RustDesk Server Program
|
||||
|
||||
[](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
|
||||
@@ -18,6 +8,8 @@
|
||||
|
||||
[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
|
||||
|
||||
[**How to migrate OSS to Pro**](https://rustdesk.com/docs/en/self-host/rustdesk-server-pro/installscript/#convert-from-open-source)
|
||||
|
||||
Self-host your own RustDesk server, it is free and open source.
|
||||
|
||||
## How to build manually
|
||||
@@ -38,317 +30,6 @@ If you want extra features, [RustDesk Server Pro](https://rustdesk.com/pricing.h
|
||||
|
||||
If you want to develop your own server, [rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) might be a better and simpler start for you than this repo.
|
||||
|
||||
## Docker images
|
||||
## Installation
|
||||
|
||||
Docker images are automatically generated and published to [Docker Hub](https://hub.docker.com/r/rustdesk) and [GitHub Container Registry](https://github.com/rustdesk?tab=packages&repo_name=rustdesk-server) on every GitHub release. We have 2 kind of images.
|
||||
|
||||
### Classic image
|
||||
|
||||
These images are built from scratch with two main binaries (`hbbs` and `hbbr`). They're available on [Docker Hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) and [GitHub Container Registry](https://github.com/rustdesk/rustdesk-server/pkgs/container/rustdesk-server) with these architectures:
|
||||
|
||||
* amd64
|
||||
* arm64v8
|
||||
* armv7
|
||||
|
||||
You could use `latest` tag or major version tag `1` with supported architectures:
|
||||
|
||||
| Version | image:tag |
|
||||
| ------------- | --------------------------------- |
|
||||
| latest | `rustdesk/rustdesk-server:latest` |
|
||||
| Major version | `rustdesk/rustdesk-server:1` |
|
||||
|
||||
|
||||
You can start these images directly with `docker run` with these commands:
|
||||
|
||||
```bash
|
||||
docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
|
||||
docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
|
||||
```
|
||||
|
||||
or without `--net=host`, but P2P direct connection can not work.
|
||||
|
||||
For systems using SELinux, replacing `/root` by `/root:z` is required for the containers to run correctly. Alternatively, SELinux container separation can be disabled completely adding the option `--security-opt label=disable`.
|
||||
|
||||
```bash
|
||||
docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
|
||||
docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
|
||||
```
|
||||
|
||||
The `relay-server-ip` parameter is the IP address (or dns name) of the server running these containers. The **optional** `port` parameter has to be used if you use a port different than **21117** for `hbbr`.
|
||||
|
||||
You can also use docker-compose, using this configuration as a template:
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
networks:
|
||||
rustdesk-net:
|
||||
external: false
|
||||
|
||||
services:
|
||||
hbbs:
|
||||
container_name: hbbs
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21118:21118
|
||||
image: rustdesk/rustdesk-server:latest
|
||||
command: hbbs -r rustdesk.example.com:21117
|
||||
volumes:
|
||||
- ./data:/root
|
||||
networks:
|
||||
- rustdesk-net
|
||||
depends_on:
|
||||
- hbbr
|
||||
restart: unless-stopped
|
||||
|
||||
hbbr:
|
||||
container_name: hbbr
|
||||
ports:
|
||||
- 21117:21117
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server:latest
|
||||
command: hbbr
|
||||
volumes:
|
||||
- ./data:/root
|
||||
networks:
|
||||
- rustdesk-net
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
Edit line 16 to point to your relay server (the one listening on port 21117). You can also edit the volume lines (line 18 and line 33) if you need.
|
||||
|
||||
(docker-compose credit goes to @lukebarone and @QuiGonLeong)
|
||||
|
||||
> [!NOTE]
|
||||
> The rustdesk/rustdesk-server:latest in China may be replaced with the latest version number on Docker Hub, such as `rustdesk-server:1.1.10-3`. Otherwise, the old version may be pulled due to image acceleration.
|
||||
|
||||
> [!NOTE]
|
||||
> If you are experiencing issues pulling from Docker Hub, try pulling from the [GitHub Container Registry](https://github.com/rustdesk/rustdesk-server/pkgs/container/rustdesk-server) instead.
|
||||
|
||||
## S6-overlay based images
|
||||
|
||||
These images are build against `busybox:stable` with the addition of the binaries (both `hbbs` and `hbbr`) and [S6-overlay](https://github.com/just-containers/s6-overlay). They're available on [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) and [GitHub Container Registry](https://github.com/rustdesk/rustdesk-server/pkgs/container/rustdesk-server) with these architectures:
|
||||
|
||||
* amd64
|
||||
* i386
|
||||
* arm64v8
|
||||
* armv7
|
||||
|
||||
You could use `latest` tag or major version tag `1` with supported architectures:
|
||||
|
||||
| Version | image:tag |
|
||||
| ------------- | ------------------------------------ |
|
||||
| latest | `rustdesk/rustdesk-server-s6:latest` |
|
||||
| Major version | `rustdesk/rustdesk-server-s6:1` |
|
||||
|
||||
The S6-overlay acts as a supervisor and keeps both process running, so with this image, there's no need to have two separate running containers.
|
||||
|
||||
You can start these images directly with `docker run` with this command:
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
or without `--net=host`, but P2P direct connection cannot work.
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
-p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
|
||||
-p 21117:21117 -p 21118:21118 -p 21119:21119 \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
Or you can use a docker-compose file:
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
volumes:
|
||||
- ./data:/data
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
For this container image, you can use these environment variables, **in addition** to the ones specified in the following **ENV variables** section:
|
||||
|
||||
| variable | optional | description |
|
||||
| --- | --- | --- |
|
||||
| RELAY | no | the IP address/DNS name of the machine running this container |
|
||||
| ENCRYPTED_ONLY | yes | if set to **"1"** unencrypted connection will not be accepted |
|
||||
| KEY_PUB | yes | public part of the key pair |
|
||||
| KEY_PRIV | yes | private part of the key pair |
|
||||
|
||||
### Secret management in S6-overlay based images
|
||||
|
||||
You can obviously keep the key pair in a docker volume, but the best practices tells you to not write the keys on the filesystem; so we provide a couple of options.
|
||||
|
||||
On container startup, the presence of the keypair is checked (`/data/id_ed25519.pub` and `/data/id_ed25519`) and if one of these keys doesn't exist, it's recreated from ENV variables or docker secrets.
|
||||
Then the validity of the keypair is checked: if public and private keys doesn't match, the container will stop.
|
||||
If you provide no keys, `hbbs` will generate one for you, and it'll place it in the default location.
|
||||
|
||||
#### Use ENV to store the key pair
|
||||
|
||||
You can use docker environment variables to store the keys. Just follow this examples:
|
||||
|
||||
```bash
|
||||
docker run --name rustdesk-server \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-e "DB_URL=/db/db_v2.sqlite3" \
|
||||
-e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
|
||||
-e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
|
||||
-v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
- "DB_URL=/db/db_v2.sqlite3"
|
||||
- "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
|
||||
- "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
|
||||
volumes:
|
||||
- ./db:/db
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
#### Use Docker secrets to store the key pair
|
||||
|
||||
You can alternatively use docker secrets to store the keys.
|
||||
This is useful if you're using **docker-compose** or **Docker Swarm**.
|
||||
Just follow this examples:
|
||||
|
||||
```bash
|
||||
cat secrets/id_ed25519.pub | docker secret create key_pub -
|
||||
cat secrets/id_ed25519 | docker secret create key_priv -
|
||||
docker service create --name rustdesk-server \
|
||||
--secret key_priv --secret key_pub \
|
||||
--net=host \
|
||||
-e "RELAY=rustdeskrelay.example.com" \
|
||||
-e "ENCRYPTED_ONLY=1" \
|
||||
-e "DB_URL=/db/db_v2.sqlite3" \
|
||||
--mount "type=bind,source=$PWD/db,destination=/db" \
|
||||
rustdesk/rustdesk-server-s6:latest
|
||||
```
|
||||
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rustdesk-server:
|
||||
container_name: rustdesk-server
|
||||
ports:
|
||||
- 21115:21115
|
||||
- 21116:21116
|
||||
- 21116:21116/udp
|
||||
- 21117:21117
|
||||
- 21118:21118
|
||||
- 21119:21119
|
||||
image: rustdesk/rustdesk-server-s6:latest
|
||||
environment:
|
||||
- "RELAY=rustdesk.example.com:21117"
|
||||
- "ENCRYPTED_ONLY=1"
|
||||
- "DB_URL=/db/db_v2.sqlite3"
|
||||
volumes:
|
||||
- ./db:/db
|
||||
restart: unless-stopped
|
||||
secrets:
|
||||
- key_pub
|
||||
- key_priv
|
||||
|
||||
secrets:
|
||||
key_pub:
|
||||
file: secrets/id_ed25519.pub
|
||||
key_priv:
|
||||
file: secrets/id_ed25519
|
||||
```
|
||||
|
||||
## How to create a keypair
|
||||
|
||||
A keypair is needed for encryption; you can provide it, as explained before, but you need a way to create one.
|
||||
|
||||
You can use this command to generate a keypair:
|
||||
|
||||
```bash
|
||||
/usr/bin/rustdesk-utils genkeypair
|
||||
```
|
||||
|
||||
If you don't have (or don't want) the `rustdesk-utils` package installed on your system, you can invoke the same command with docker:
|
||||
|
||||
```bash
|
||||
docker run --rm --entrypoint /usr/bin/rustdesk-utils rustdesk/rustdesk-server-s6:latest genkeypair
|
||||
```
|
||||
|
||||
The output will be something like this:
|
||||
|
||||
```text
|
||||
Public Key: 8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
|
||||
Secret Key: egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
|
||||
```
|
||||
|
||||
## .deb packages
|
||||
|
||||
Separate .deb packages are available for each binary, you can find them in the [Releases](https://github.com/rustdesk/rustdesk-server/releases).
|
||||
These packages are meant for the following distributions:
|
||||
|
||||
- Ubuntu 24.04 LTS
|
||||
- Ubuntu 22.04 LTS
|
||||
- Ubuntu 20.04 LTS
|
||||
- Ubuntu 18.04 LTS
|
||||
- Debian 12 bookworm
|
||||
- Debian 11 bullseye
|
||||
- Debian 10 buster
|
||||
|
||||
## ENV variables
|
||||
|
||||
`hbbs` and `hbbr` can be configured using these ENV variables.
|
||||
You can specify the variables as usual or use an `.env` file.
|
||||
|
||||
| variable | binary | description |
|
||||
| --- | --- | --- |
|
||||
| ALWAYS_USE_RELAY | hbbs | if set to **"Y"** disallows direct peer connection |
|
||||
| DB_URL | hbbs | path for database file |
|
||||
| DOWNGRADE_START_CHECK | hbbr | delay (in seconds) before downgrade check |
|
||||
| DOWNGRADE_THRESHOLD | hbbr | threshold of downgrade check (bit/ms) |
|
||||
| KEY | hbbs/hbbr | if set force the use of a specific key, if set to **"_"** force the use of any key |
|
||||
| LIMIT_SPEED | hbbr | speed limit (in Mb/s) |
|
||||
| PORT | hbbs/hbbr | listening port (21116 for hbbs - 21117 for hbbr) |
|
||||
| RELAY | hbbs | IP address/DNS name of the machines running hbbr (separated by comma) |
|
||||
| RUST_LOG | all | set debug level (error\|warn\|info\|debug\|trace) |
|
||||
| SINGLE_BANDWIDTH | hbbr | max bandwidth for a single connection (in Mb/s) |
|
||||
| TOTAL_BANDWIDTH | hbbr | max total bandwidth (in Mb/s) |
|
||||
Please follow this [doc](https://rustdesk.com/docs/en/self-host/rustdesk-server-oss/)
|
||||
|
||||
62
debian/README.source
vendored
Normal file
62
debian/README.source
vendored
Normal file
@@ -0,0 +1,62 @@
|
||||
#
|
||||
# Juli Augustus 2025 was building the downloadable Debian packages done
|
||||
# by github.com CI, meaning you being depended on github.com
|
||||
# for getting a .deb of the libre source code (four GNU freedoms) you have.
|
||||
#
|
||||
# And in those days there was no official Debian package.
|
||||
#
|
||||
# What follows are instructions that make it possible to do
|
||||
# a succesfull
|
||||
#
|
||||
# debuild -uc -us
|
||||
#
|
||||
# in the directory target/rustdesk-server
|
||||
#
|
||||
# The instructions are written in bash syntax,
|
||||
#
|
||||
# bash debian/README.source
|
||||
#
|
||||
# should help you immens
|
||||
#
|
||||
|
||||
# Make sure the submodules are present
|
||||
git submodule update --init --recursive
|
||||
|
||||
rm -rf target/rustdesk-server # avoid clutter from previous iteration
|
||||
mkdir -p target/rustdesk-server # FYI: target/ is ignored by git
|
||||
|
||||
tar cf - \
|
||||
--exclude .git \
|
||||
Cargo.toml Cargo.lock \
|
||||
LICENSE README.md \
|
||||
db_v2.sqlite3 \
|
||||
build.rs \
|
||||
debian \
|
||||
libs rcd src \
|
||||
systemd ui \
|
||||
| ( cd target/rustdesk-server && tar x )
|
||||
|
||||
mv target/rustdesk-server/debian/Makefile target/rustdesk-server/
|
||||
|
||||
tar cjf target/rustdesk-server-orig.tar.xz \
|
||||
--strip-components=1 \
|
||||
target/rustdesk-server
|
||||
|
||||
# an .orig.tar.xz tarball exists,
|
||||
# work on the debian directory
|
||||
|
||||
eval $( dpkg-architecture )
|
||||
sed -e "s/{{ ARCH }}/${DEB_TARGET_ARCH}/" \
|
||||
debian/control.tpl > target/rustdesk-server/debian/control
|
||||
|
||||
|
||||
cd target/rustdesk-server
|
||||
dpkg-checkbuilddeps || echo sudo apt install dpkg-dev
|
||||
debuild -uc -us
|
||||
|
||||
#
|
||||
# For what it is worth:
|
||||
# Early September 2025 there were
|
||||
# several WARNINGS and ERRORS from Lintian
|
||||
#
|
||||
# l l
|
||||
37
debian/changelog
vendored
37
debian/changelog
vendored
@@ -1,33 +1,70 @@
|
||||
rustdesk-server (1.1.15) UNRELEASED; urgency=medium
|
||||
|
||||
* Fix: 127.0.0.1 is not loopback (#515)
|
||||
* Higher default bandwidth
|
||||
* Define the HOME env to allow running rootless (#612)
|
||||
* Add option to log (failed) authentication attempts to enable the usage of tools like fail2ban and crowdsec (#435)
|
||||
* Connection log query
|
||||
|
||||
-- rustdesk <info@rustdesk.com> Sat, 10 Jan 2026 16:04:19 +0800
|
||||
|
||||
rustdesk-server (1.1.14) UNRELEASED; urgency=medium
|
||||
|
||||
* Fix windows crash
|
||||
|
||||
-- rustdesk <info@rustdesk.com> Sat, 25 Jan 2025 20:47:19 +0800
|
||||
|
||||
rustdesk-server (1.1.13) UNRELEASED; urgency=medium
|
||||
|
||||
* Version check and refactor hbb_common to share with rustdesk client
|
||||
|
||||
-- rustdesk <info@rustdesk.com> Tue, 21 Jan 2025 01:33:42 +0800
|
||||
|
||||
rustdesk-server (1.1.12) UNRELEASED; urgency=medium
|
||||
|
||||
* WS real ip
|
||||
* Bump s6-overlay to v3.2.0.0 and fix env warnings
|
||||
|
||||
-- rustdesk <info@rustdesk.com> Mon, 7 Oct 2024 16:21:36 +0800
|
||||
|
||||
rustdesk-server (1.1.11-1) UNRELEASED; urgency=medium
|
||||
|
||||
* set reuse port to make restart friendly
|
||||
* revert hbbr `-k` to not ruin back-compatibility
|
||||
|
||||
-- rustdesk <info@rustdesk.com> Fri, 24 May 2024 18:37:11 +0800
|
||||
|
||||
rustdesk-server (1.1.11) UNRELEASED; urgency=medium
|
||||
|
||||
* change -k to default '-', so you need not to set -k any more
|
||||
|
||||
-- rustdesk <info@rustdesk.com> Fri, 24 May 2024 18:09:12 +0800
|
||||
|
||||
rustdesk-server (1.1.10-3) UNRELEASED; urgency=medium
|
||||
|
||||
* fix on -2
|
||||
|
||||
-- rustdesk <info@rustdesk.com> Wed, 31 Jan 2024 11:30:42 +0800
|
||||
|
||||
rustdesk-server (1.1.10-2) UNRELEASED; urgency=medium
|
||||
|
||||
* fix hangup signal exit when run with nohup
|
||||
* some minors
|
||||
|
||||
-- rustdesk <info@rustdesk.com> Tue, 30 Jan 2024 19:23:36 +0800
|
||||
|
||||
rustdesk-server (1.1.9) UNRELEASED; urgency=medium
|
||||
|
||||
* remove unsafe
|
||||
|
||||
-- rustdesk <info@rustdesk.com> Tue, 5 Dec 2023 17:22:40 +0800
|
||||
|
||||
rustdesk-server (1.1.8) UNRELEASED; urgency=medium
|
||||
|
||||
* fix test_hbbs and mask in lan
|
||||
|
||||
-- rustdesk <info@rustdesk.com> Thu, 6 Jul 2023 00:50:11 +0800
|
||||
|
||||
rustdesk-server (1.1.7) UNRELEASED; urgency=medium
|
||||
|
||||
* ipv6 support
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
FROM scratch
|
||||
COPY hbbs /usr/bin/hbbs
|
||||
COPY hbbr /usr/bin/hbbr
|
||||
WORKDIR /root
|
||||
FROM scratch
|
||||
COPY hbbs /usr/bin/hbbs
|
||||
COPY hbbr /usr/bin/hbbr
|
||||
WORKDIR /root
|
||||
ENV HOME=/root
|
||||
|
||||
87
kubernetes/example.yaml
Normal file
87
kubernetes/example.yaml
Normal file
@@ -0,0 +1,87 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: rustdesk-server
|
||||
spec:
|
||||
replicas: 1
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app: rustdesk
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: rustdesk
|
||||
spec:
|
||||
containers:
|
||||
# id Server (HBBS)
|
||||
- name: hbbs
|
||||
image: rustdesk/rustdesk-server:latest
|
||||
env:
|
||||
- name: RELAY_HOST
|
||||
value: "rustdesk.yourdomain.tld"
|
||||
command: ["hbbs", "-r", "$(RELAY_HOST):21117", "-k", "_"]
|
||||
volumeMounts:
|
||||
- mountPath: /root
|
||||
name: rustdesk-data
|
||||
ports:
|
||||
- containerPort: 21115
|
||||
- containerPort: 21116
|
||||
protocol: TCP
|
||||
- containerPort: 21116
|
||||
protocol: UDP
|
||||
- containerPort: 21118
|
||||
|
||||
# Relay Server (HBBR)
|
||||
- name: hbbr
|
||||
image: rustdesk/rustdesk-server:latest
|
||||
command: ["hbbr", "-k", "_"]
|
||||
volumeMounts:
|
||||
- mountPath: /root
|
||||
name: rustdesk-data
|
||||
ports:
|
||||
- containerPort: 21117
|
||||
- containerPort: 21119
|
||||
|
||||
volumes:
|
||||
- name: rustdesk-data
|
||||
persistentVolumeClaim:
|
||||
claimName: rustdesk-pvc
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: rustdesk-service
|
||||
spec:
|
||||
type: LoadBalancer # Or NodePort
|
||||
selector:
|
||||
app: rustdesk
|
||||
ports:
|
||||
- name: hbbs-tcp
|
||||
port: 21115
|
||||
targetPort: 21115
|
||||
protocol: TCP
|
||||
- name: hbbs-udp
|
||||
port: 21116
|
||||
targetPort: 21116
|
||||
protocol: UDP
|
||||
- name: hbbs-tcp-main
|
||||
port: 21116
|
||||
targetPort: 21116
|
||||
protocol: TCP
|
||||
- name: hbbr-tcp
|
||||
port: 21117
|
||||
targetPort: 21117
|
||||
protocol: TCP
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: rustdesk-pvc
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce # RWM would be available only with pro version
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
Submodule libs/hbb_common updated: 49c6b24a7a...83419b6549
@@ -39,9 +39,9 @@ lazy_static::lazy_static! {
|
||||
|
||||
static DOWNGRADE_THRESHOLD_100: AtomicUsize = AtomicUsize::new(66); // 0.66
|
||||
static DOWNGRADE_START_CHECK: AtomicUsize = AtomicUsize::new(1_800_000); // in ms
|
||||
static LIMIT_SPEED: AtomicUsize = AtomicUsize::new(4 * 1024 * 1024); // in bit/s
|
||||
static LIMIT_SPEED: AtomicUsize = AtomicUsize::new(32 * 1024 * 1024); // in bit/s
|
||||
static TOTAL_BANDWIDTH: AtomicUsize = AtomicUsize::new(1024 * 1024 * 1024); // in bit/s
|
||||
static SINGLE_BANDWIDTH: AtomicUsize = AtomicUsize::new(16 * 1024 * 1024); // in bit/s
|
||||
static SINGLE_BANDWIDTH: AtomicUsize = AtomicUsize::new(128 * 1024 * 1024); // in bit/s
|
||||
const BLACKLIST_FILE: &str = "blacklist.txt";
|
||||
const BLOCKLIST_FILE: &str = "blocklist.txt";
|
||||
|
||||
@@ -428,6 +428,7 @@ async fn make_pair_(stream: impl StreamTrait, addr: SocketAddr, key: &str, limit
|
||||
if let Ok(msg_in) = RendezvousMessage::parse_from_bytes(&bytes) {
|
||||
if let Some(rendezvous_message::Union::RequestRelay(rf)) = msg_in.union {
|
||||
if !key.is_empty() && rf.licence_key != key {
|
||||
log::warn!("Relay authentication failed from {} - invalid key", addr);
|
||||
return;
|
||||
}
|
||||
if !rf.uuid.is_empty() {
|
||||
|
||||
@@ -61,6 +61,14 @@ type RelayServers = Vec<String>;
|
||||
const CHECK_RELAY_TIMEOUT: u64 = 3_000;
|
||||
static ALWAYS_USE_RELAY: AtomicBool = AtomicBool::new(false);
|
||||
|
||||
// Store punch hole requests
|
||||
use once_cell::sync::Lazy;
|
||||
use tokio::sync::Mutex as TokioMutex; // differentiate if needed
|
||||
#[derive(Clone)]
|
||||
struct PunchReqEntry { tm: Instant, from_ip: String, to_ip: String, to_id: String }
|
||||
static PUNCH_REQS: Lazy<TokioMutex<Vec<PunchReqEntry>>> = Lazy::new(|| TokioMutex::new(Vec::new()));
|
||||
const PUNCH_REQ_DEDUPE_SEC: u64 = 60;
|
||||
|
||||
#[derive(Clone)]
|
||||
struct Inner {
|
||||
serial: i32,
|
||||
@@ -680,6 +688,7 @@ impl RendezvousServer {
|
||||
) -> ResultType<(RendezvousMessage, Option<SocketAddr>)> {
|
||||
let mut ph = ph;
|
||||
if !key.is_empty() && ph.licence_key != key {
|
||||
log::warn!("Authentication failed from {} for peer {} - invalid key", addr, ph.id);
|
||||
let mut msg_out = RendezvousMessage::new();
|
||||
msg_out.set_punch_hole_response(PunchHoleResponse {
|
||||
failure: punch_hole_response::Failure::LICENSE_MISMATCH.into(),
|
||||
@@ -706,6 +715,23 @@ impl RendezvousServer {
|
||||
});
|
||||
return Ok((msg_out, None));
|
||||
}
|
||||
|
||||
// record punch hole request (from addr -> peer id/peer_addr)
|
||||
{
|
||||
let from_ip = try_into_v4(addr).ip().to_string();
|
||||
let to_ip = try_into_v4(peer_addr).ip().to_string();
|
||||
let to_id_clone = id.clone();
|
||||
let mut lock = PUNCH_REQS.lock().await;
|
||||
let mut dup = false;
|
||||
for e in lock.iter().rev().take(30) { // only check recent tail subset for speed
|
||||
if e.from_ip == from_ip && e.to_id == to_id_clone {
|
||||
if e.tm.elapsed().as_secs() < PUNCH_REQ_DEDUPE_SEC { dup = true; }
|
||||
break;
|
||||
}
|
||||
}
|
||||
if !dup { lock.push(PunchReqEntry { tm: Instant::now(), from_ip, to_ip, to_id: to_id_clone }); }
|
||||
}
|
||||
|
||||
let mut msg_out = RendezvousMessage::new();
|
||||
let peer_is_lan = self.is_lan(peer_addr);
|
||||
let is_lan = self.is_lan(addr);
|
||||
@@ -916,11 +942,12 @@ impl RendezvousServer {
|
||||
match fds.next() {
|
||||
Some("h") => {
|
||||
res = format!(
|
||||
"{}\n{}\n{}\n{}\n{}\n{}\n",
|
||||
"{}\n{}\n{}\n{}\n{}\n{}\n{}\n",
|
||||
"relay-servers(rs) <separated by ,>",
|
||||
"reload-geo(rg)",
|
||||
"ip-blocker(ib) [<ip>|<number>] [-]",
|
||||
"ip-changes(ic) [<id>|<number>] [-]",
|
||||
"punch-requests(pr) [<number>] [-]",
|
||||
"always-use-relay(aur)",
|
||||
"test-geo(tg) <ip1> <ip2>"
|
||||
)
|
||||
@@ -1020,6 +1047,24 @@ impl RendezvousServer {
|
||||
}
|
||||
}
|
||||
}
|
||||
Some("punch-requests" | "pr") => {
|
||||
use std::fmt::Write as _;
|
||||
let mut lock = PUNCH_REQS.lock().await;
|
||||
let arg = fds.next();
|
||||
if let Some("-") = arg { lock.clear(); }
|
||||
else {
|
||||
let mut start = arg.and_then(|x| x.parse::<usize>().ok()).unwrap_or(0);
|
||||
let mut page_size = fds.next().and_then(|x| x.parse::<usize>().ok()).unwrap_or(10);
|
||||
if page_size == 0 { page_size = 10; }
|
||||
for (_, e) in lock.iter().enumerate().skip(start).take(page_size) {
|
||||
let age = e.tm.elapsed();
|
||||
let event_system = std::time::SystemTime::now() - age;
|
||||
let event_iso = chrono::DateTime::<chrono::Utc>::from(event_system)
|
||||
.to_rfc3339_opts(chrono::SecondsFormat::Secs, true);
|
||||
let _ = writeln!(res, "{} {} -> {}@{}", event_iso, e.from_ip, e.to_id, e.to_ip);
|
||||
}
|
||||
}
|
||||
}
|
||||
Some("always-use-relay" | "aur") => {
|
||||
if let Some(rs) = fds.next() {
|
||||
if rs.to_uppercase() == "Y" {
|
||||
@@ -1056,7 +1101,8 @@ impl RendezvousServer {
|
||||
|
||||
async fn handle_listener2(&self, stream: TcpStream, addr: SocketAddr) {
|
||||
let mut rs = self.clone();
|
||||
if addr.ip().is_loopback() {
|
||||
let ip = try_into_v4(addr).ip();
|
||||
if ip.is_loopback() {
|
||||
tokio::spawn(async move {
|
||||
let mut stream = stream;
|
||||
let mut buffer = [0; 1024];
|
||||
|
||||
@@ -10,7 +10,7 @@ use std::{
|
||||
fn print_help() {
|
||||
println!(
|
||||
"Usage:
|
||||
rustdesk-util [command]\n
|
||||
rustdesk-utils [command]\n
|
||||
Available Commands:
|
||||
genkeypair Generate a new keypair
|
||||
validatekeypair [public key] [secret key] Validate an existing keypair
|
||||
|
||||
@@ -15,7 +15,7 @@
|
||||
!define PRODUCT_NAME "rustdesk_server"
|
||||
!define PRODUCT_DESCRIPTION "Installer for ${PRODUCT_NAME}"
|
||||
!define COPYRIGHT "Copyright © 2021"
|
||||
!define VERSION "1.1.13"
|
||||
!define VERSION "1.1.15"
|
||||
|
||||
VIProductVersion "${VERSION}.0"
|
||||
VIAddVersionKey "ProductName" "${PRODUCT_NAME}"
|
||||
|
||||
Reference in New Issue
Block a user