fix ci

Signed-off-by: writegr <wellweek@outlook.com>

.github/ISSUE_TEMPLATE/ask-a-question.md

@@ -1,14 +0,0 @@
----
-name: Ask a question
-about: Ask the community for help
-title: ''
-labels: 'question'
-assignees: ''
-
----
-
-This is the place for generic questions. Please stay on topic and be polite.
-
-**Notes**
- - Please write in english only. If you provide some images in different languages, you're required to write a translation in english.
- - In any case, **NEVER** put here the content if your `id_ed25519` file

.github/workflows/build.yaml

@@ -26,7 +26,7 @@ jobs:
   build:
 
     name: Build - ${{ matrix.job.name }}
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
     strategy:
       fail-fast: false
       matrix:
@@ -35,6 +35,7 @@ jobs:
           - { name: "arm64v8", target: "aarch64-unknown-linux-musl" }
           - { name: "armv7",   target: "armv7-unknown-linux-musleabihf" }
           - { name: "i386",    target: "i686-unknown-linux-musl" }
+          - { name: "amd64fb",    target: "x86_64-unknown-freebsd" }
 
     steps:
       
@@ -44,7 +45,7 @@ jobs:
       - name: Install toolchain
         uses: actions-rs/toolchain@v1
         with:
-          toolchain: "1.62"
+          toolchain: "1.70.0"
           override: true
           default: true
           components: rustfmt
@@ -83,7 +84,7 @@ jobs:
       - name: Install toolchain
         uses: actions-rs/toolchain@v1
         with:
-          toolchain: "1.62"
+          toolchain: "1.70.0"
           override: true
           default: true
           components: rustfmt
@@ -112,6 +113,7 @@ jobs:
 
       - name: Sign exe files
         uses: GermanBluefox/code-sign-action@v7
+        if: false
         with:
           certificate: '${{ secrets.WINDOWS_PFX_BASE64 }}'
           password: '${{ secrets.WINDOWS_PFX_PASSWORD }}'
@@ -140,6 +142,7 @@ jobs:
 
       - name: Sign UI setup file 
         uses: GermanBluefox/code-sign-action@v7
+        if: false
         with:
           certificate: '${{ secrets.WINDOWS_PFX_BASE64 }}'
           password: '${{ secrets.WINDOWS_PFX_PASSWORD }}'
@@ -165,17 +168,18 @@ jobs:
     needs: 
       - build
       - build-win
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
     strategy:
       fail-fast: false
       matrix:
         job:
-          - { os: "linux", name: "amd64" }
-          - { os: "linux", name: "arm64v8" }
-          - { os: "linux", name: "armv7" }
-          - { os: "linux", name: "i386" }
-          - { os: "windows", name: "x86_64" }
-
+          - { os: "linux", name: "amd64", suffix: "" }
+          - { os: "linux", name: "arm64v8", suffix: "" }
+          - { os: "linux", name: "armv7", suffix: "" }
+          - { os: "linux", name: "i386", suffix: "" }
+          - { os: "linux", name: "amd64fb", suffix: "" }
+          - { os: "windows", name: "x86_64", suffix: "-unsigned" }
+          
     steps:
 
       - name: Download binaries (${{ matrix.job.os }} - ${{ matrix.job.name }})
@@ -191,20 +195,20 @@ jobs:
         run: |
           sudo apt update
           DEBIAN_FRONTEND=noninteractive sudo apt install -y zip
-          zip ${{ matrix.job.name }}/rustdesk-server-${{ matrix.job.os }}-${{ matrix.job.name }}.zip ${{ matrix.job.name }}/*
+          zip ${{ matrix.job.name }}/rustdesk-server-${{ matrix.job.os }}-${{ matrix.job.name }}${{ matrix.job.suffix }}.zip ${{ matrix.job.name }}/*
 
       - name: Create Release (${{ matrix.job.os }} - (${{ matrix.job.name }})
         uses: softprops/action-gh-release@v1
         with:
           draft: true
-          files: ${{ matrix.job.name }}/rustdesk-server-${{ matrix.job.os }}-${{ matrix.job.name }}.zip
+          files: ${{ matrix.job.name }}/rustdesk-server-${{ matrix.job.os }}-${{ matrix.job.name }}${{ matrix.job.suffix }}.zip
             
   # docker build and push of single-arch images
   docker:
 
     name: Docker push - ${{ matrix.job.name }}
     needs: build
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
@@ -256,11 +260,12 @@ jobs:
           echo "MAJOR_TAG=$M" >> $GITHUB_ENV
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         with:
           context: "./docker"
           platforms: ${{ matrix.job.docker_platform }}
           push: true
+          provenance: false
           build-args: |
             S6_ARCH=${{ matrix.job.s6_platform }}
           tags: |
@@ -274,7 +279,7 @@ jobs:
 
     name: Docker manifest
     needs: docker
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-22.04
 
     steps:
 
@@ -319,20 +324,20 @@ jobs:
           extra-images: ${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-amd64,${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-armv7,${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-i386
           push: true
 
-
             
-  # docker build and push of classic images
+  # docker build and push of single-arch images
   docker-classic:
 
-    name: Docker push classic - ${{ matrix.job.name }}
+    name: Docker push - ${{ matrix.job.name }}
     needs: build
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
         job:
-          - { name: "amd64",   docker_platform: "linux/amd64", tag: "latest" }
-          - { name: "arm64v8", docker_platform: "linux/arm64", tag: "latest-arm64v8" }
+          - { name: "amd64",   docker_platform: "linux/amd64" }
+          - { name: "arm64v8", docker_platform: "linux/arm64" }
+          - { name: "armv7",   docker_platform: "linux/arm/v7" }
 
     steps:
 
@@ -346,7 +351,7 @@ jobs:
           path: docker-classic/
 
       - name: Make binaries executable
-        run: chmod -v a+x docker-classic/hbb*
+        run: chmod -v a+x docker-classic/*
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v2
@@ -367,16 +372,77 @@ jobs:
         with:
           images: registry.hub.docker.com/${{ secrets.DOCKER_IMAGE_CLASSIC }}
 
+      - name: Get git tag
+        id: vars
+        run: |
+          T=${GITHUB_REF#refs/*/}
+          M=${T%%.*}
+          echo "GIT_TAG=$T" >> $GITHUB_ENV
+          echo "MAJOR_TAG=$M" >> $GITHUB_ENV
+
       - name: Build and push Docker image
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         with:
           context: "./docker-classic"
           platforms: ${{ matrix.job.docker_platform }}
           push: true
+          provenance: false
           tags: |
-            ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ matrix.job.tag }}
+            ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-${{ matrix.job.name }}
+            ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-${{ matrix.job.name }}
+            ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-${{ matrix.job.name }}
           labels: ${{ steps.meta.outputs.labels }}
 
+  # docker build and push of multiarch images
+  docker-manifest-classic:
+
+    name: Docker manifest
+    needs: docker
+    runs-on: ubuntu-22.04
+
+    steps:
+
+      - name: Log in to Docker Hub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Get git tag
+        id: vars
+        run: |
+          T=${GITHUB_REF#refs/*/}
+          M=${T%%.*}
+          echo "GIT_TAG=$T" >> $GITHUB_ENV
+          echo "MAJOR_TAG=$M" >> $GITHUB_ENV
+
+      # manifest for :1.2.3 tag
+      #  this has to run only if invoked by a new tag
+      - name: Create and push manifest (:ve.rs.ion)
+        uses: Noelware/docker-manifest-action@master
+        if: github.event_name != 'workflow_dispatch'
+        with:
+          base-image: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}
+          extra-images: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-amd64,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-armv7
+          push: true
+
+      # manifest for :1 tag (major release)
+      - name: Create and push manifest (:major)
+        uses: Noelware/docker-manifest-action@master
+        with:
+          base-image: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}
+          extra-images: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-amd64,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-armv7
+          push: true
+
+      # manifest for :latest tag
+      - name: Create and push manifest (:latest)
+        uses: Noelware/docker-manifest-action@master
+        with:
+          base-image: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}
+          extra-images: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-amd64,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-armv7
+          push: true
+
 
   deb-package:
 

.gitignore

@@ -9,3 +9,4 @@ debian/debhelper-build-stamp
 src/version.rs
 db_v2.sqlite3
 test.*
+.idea

Cargo.lock

@@ -276,12 +276,6 @@ dependencies = [
  "toml",
 ]
 
-[[package]]
-name = "const-sha1"
-version = "0.2.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fb58b6451e8c2a812ad979ed1d83378caa5e927eef2622017a45f251457c2c9d"
-
 [[package]]
 name = "core-foundation"
 version = "0.9.3"
@@ -785,7 +779,7 @@ dependencies = [
 
 [[package]]
 name = "hbbs"
-version = "1.1.7-1"
+version = "1.1.11"
 dependencies = [
  "async-speed-limit",
  "async-trait",
@@ -1086,15 +1080,14 @@ dependencies = [
 
 [[package]]
 name = "local-ip-address"
-version = "0.4.4"
+version = "0.5.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8b143c6ef86e36328caa40a7578e95d1544aca8a1740235fd2b416a69441a5c7"
+checksum = "2815836665de176ba66deaa449ada98fdf208d84730d1a84a22cbeed6151a6fa"
 dependencies = [
  "libc",
- "memalloc",
  "neli",
  "thiserror",
- "windows",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -1118,9 +1111,9 @@ dependencies = [
 
 [[package]]
 name = "mac_address"
-version = "1.1.3"
+version = "1.1.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "df1d1bc1084549d60725ccc53a2bfa07f67fe4689fda07b05a36531f2988104a"
+checksum = "4863ee94f19ed315bf3bc00299338d857d4b5bc856af375cc97d237382ad3856"
 dependencies = [
  "nix",
  "winapi",
@@ -1147,12 +1140,6 @@ version = "0.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "73cbba799671b762df5a175adf59ce145165747bb891505c43d09aefbbf38beb"
 
-[[package]]
-name = "memalloc"
-version = "0.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "df39d232f5c40b0891c10216992c2f250c054105cb1e56f0fc9032db6203ecc1"
-
 [[package]]
 name = "memchr"
 version = "2.5.0"
@@ -1222,7 +1209,7 @@ dependencies = [
  "libc",
  "log",
  "wasi 0.11.0+wasi-snapshot-preview1",
- "windows-sys",
+ "windows-sys 0.36.1",
 ]
 
 [[package]]
@@ -1236,12 +1223,27 @@ dependencies = [
 
 [[package]]
 name = "neli"
-version = "0.5.3"
+version = "0.6.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9053554eb5dcb7e10d9cdab1206965bde870eed5d0d341532ca035e3ba221508"
+checksum = "1100229e06604150b3becd61a4965d5c70f3be1759544ea7274166f4be41ef43"
 dependencies = [
  "byteorder",
  "libc",
+ "log",
+ "neli-proc-macros",
+]
+
+[[package]]
+name = "neli-proc-macros"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c168194d373b1e134786274020dae7fc5513d565ea2ebb9bc9ff17ffb69106d4"
+dependencies = [
+ "either",
+ "proc-macro2",
+ "quote",
+ "serde",
+ "syn",
 ]
 
 [[package]]
@@ -1403,7 +1405,7 @@ dependencies = [
  "libc",
  "redox_syscall",
  "smallvec",
- "windows-sys",
+ "windows-sys 0.36.1",
 ]
 
 [[package]]
@@ -2729,30 +2731,49 @@ version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
 
-[[package]]
-name = "windows"
-version = "0.18.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "68088239696c06152844eadc03d262f088932cce50c67e4ace86e19d95e976fe"
-dependencies = [
- "const-sha1",
- "windows_gen",
- "windows_macros",
-]
-
 [[package]]
 name = "windows-sys"
 version = "0.36.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2"
 dependencies = [
- "windows_aarch64_msvc",
- "windows_i686_gnu",
- "windows_i686_msvc",
- "windows_x86_64_gnu",
- "windows_x86_64_msvc",
+ "windows_aarch64_msvc 0.36.1",
+ "windows_i686_gnu 0.36.1",
+ "windows_i686_msvc 0.36.1",
+ "windows_x86_64_gnu 0.36.1",
+ "windows_x86_64_msvc 0.36.1",
 ]
 
+[[package]]
+name = "windows-sys"
+version = "0.48.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9"
+dependencies = [
+ "windows-targets",
+]
+
+[[package]]
+name = "windows-targets"
+version = "0.48.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7b1eb6f0cd7c80c79759c929114ef071b87354ce476d9d94271031c0497adfd5"
+dependencies = [
+ "windows_aarch64_gnullvm",
+ "windows_aarch64_msvc 0.48.0",
+ "windows_i686_gnu 0.48.0",
+ "windows_i686_msvc 0.48.0",
+ "windows_x86_64_gnu 0.48.0",
+ "windows_x86_64_gnullvm",
+ "windows_x86_64_msvc 0.48.0",
+]
+
+[[package]]
+name = "windows_aarch64_gnullvm"
+version = "0.48.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "91ae572e1b79dba883e0d315474df7305d12f569b400fcf90581b06062f7e1bc"
+
 [[package]]
 name = "windows_aarch64_msvc"
 version = "0.36.1"
@@ -2760,10 +2781,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47"
 
 [[package]]
-name = "windows_gen"
-version = "0.18.0"
+name = "windows_aarch64_msvc"
+version = "0.48.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cf583322dc423ee021035b358e535015f7fd163058a31e2d37b99a939141121d"
+checksum = "b2ef27e0d7bdfcfc7b868b317c1d32c641a6fe4629c171b8928c7b08d98d7cf3"
 
 [[package]]
 name = "windows_i686_gnu"
@@ -2771,6 +2792,12 @@ version = "0.36.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6"
 
+[[package]]
+name = "windows_i686_gnu"
+version = "0.48.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "622a1962a7db830d6fd0a69683c80a18fda201879f0f447f065a3b7467daa241"
+
 [[package]]
 name = "windows_i686_msvc"
 version = "0.36.1"
@@ -2778,14 +2805,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024"
 
 [[package]]
-name = "windows_macros"
-version = "0.18.0"
+name = "windows_i686_msvc"
+version = "0.48.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "58acfb8832e9f707f8997bd161e537a1c1f603e60a5bd9c3cf53484fdcc998f3"
-dependencies = [
- "syn",
- "windows_gen",
-]
+checksum = "4542c6e364ce21bf45d69fdd2a8e455fa38d316158cfd43b3ac1c5b1b19f8e00"
 
 [[package]]
 name = "windows_x86_64_gnu"
@@ -2793,12 +2816,30 @@ version = "0.36.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1"
 
+[[package]]
+name = "windows_x86_64_gnu"
+version = "0.48.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ca2b8a661f7628cbd23440e50b05d705db3686f894fc9580820623656af974b1"
+
+[[package]]
+name = "windows_x86_64_gnullvm"
+version = "0.48.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7896dbc1f41e08872e9d5e8f8baa8fdd2677f29468c4e156210174edc7f7b953"
+
 [[package]]
 name = "windows_x86_64_msvc"
 version = "0.36.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680"
 
+[[package]]
+name = "windows_x86_64_msvc"
+version = "0.48.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a"
+
 [[package]]
 name = "winreg"
 version = "0.6.2"

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "hbbs"
-version = "1.1.7-1"
+version = "1.1.11"
 authors = ["rustdesk <info@rustdesk.com>"]
 edition = "2021"
 build = "build.rs"
@@ -26,7 +26,7 @@ clap = "2"
 rust-ini = "0.18"
 minreq = { version = "2.4", features = ["punycode"] }
 machine-uid = "0.2"
-mac_address = "1.1"
+mac_address = "1.1.5"
 whoami = "1.2"
 base64 = "0.13"
 axum = { version = "0.5", features = ["headers"] }
@@ -46,9 +46,9 @@ tungstenite = "0.17"
 regex = "1.4"
 tower-http = { version = "0.3", features = ["fs", "trace", "cors"] }
 http = "0.2"
-flexi_logger = { version = "0.22", features = ["async", "use_chrono_for_offset"] }
+flexi_logger = { version = "0.22", features = ["async", "use_chrono_for_offset", "dont_minimize_extra_stacks"] }
 ipnetwork = "0.20"
-local-ip-address = "0.4"
+local-ip-address = "0.5.1"
 dns-lookup = "1.0.8"
 ping = "0.4.0"
 

README-DE.md

@@ -0,0 +1,345 @@
+<p align="center">
+  <a href="#manuelles-erstellen">Erstellen</a> •
+  <a href="#docker-image">Docker</a> •
+  <a href="#s6-overlay-basierte-images">S6-Overlay</a> •
+  <a href="#ein-schlüsselpaar-erstellen">Schlüsselpaar</a> •
+  <a href="#debian-pakete">Debian-Pakete</a> •
+  <a href="#umgebungsvariablen">Umgebungsvariablen</a><br>
+  [<a href="README.md">English</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-TW.md">繁體中文</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
+</p>
+
+# RustDesk Server-Programm
+
+[![build](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml/badge.svg)](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
+
+[**Herunterladen**](https://github.com/rustdesk/rustdesk-server/releases)
+
+[**Handbuch**](https://rustdesk.com/docs/de/self-host/)
+
+[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
+
+Hosten Sie Ihren eigenen RustDesk-Server selbst, er ist kostenlos und quelloffen.
+
+## Manuelles Erstellen
+
+```bash
+cargo build --release
+```
+
+In target/release werden drei ausführbare Dateien erzeugt.
+
+- hbbs - RustDesk ID/Rendezvous-Server
+- hbbr - RustDesk Relay-Server
+- rustdesk-utils - RustDesk CLI-Utilities
+
+[Hier](https://github.com/rustdesk/rustdesk-server/releases) finden Sie aktualisierte Binärdateien.
+
+Wenn Sie Ihren eigenen Server entwickeln wollen, könnte [rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) ein besserer und einfacherer Start für Sie sein als dieses Repository.
+
+## Docker-Image
+
+Docker-Images werden automatisch generiert und bei jedem Github-Release veröffentlicht. Wir haben 2 Arten von Images.
+
+### Klassisches Image
+
+Diese Images sind mit `Ubuntu 20.04` gebaut, mit dem Zusatz der wichtigen Binärdateien (`hbbr` und `hbbs`). Sie sind auf [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) mit diesen Tags verfügbar:
+
+| Architektur | Image:Tag |
+| --- | --- |
+| amd64 | `rustdesk/rustdesk-server:latest` |
+| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
+
+Sie können diese Images direkt mit `docker run` mit diesen Befehlen starten:
+
+```bash
+docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]> 
+docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr 
+```
+
+Oder ohne `--net=host`, aber die P2P-Direktverbindung kann dann nicht funktionieren.
+
+Bei Systemen, die SELinux verwenden, muss `/root` durch `/root:z` ersetzt werden, damit die Container korrekt laufen. Alternativ kann die SELinux-Containertrennung durch Hinzufügen der Option `--security-opt label=disable` vollständig deaktiviert werden.
+
+```bash
+docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]> 
+docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr 
+```
+
+Der Parameter `relay-server-ip` ist die IP-Adresse (oder der DNS-Name) des Servers, auf dem diese Container laufen. Der **optionale** Parameter `port` muss verwendet werden, wenn Sie einen anderen Port als **21117** für `hbbr` verwenden.
+
+Sie können auch Docker Compose verwenden, wobei diese Konfiguration als Vorlage dient:
+
+```yaml
+version: '3'
+
+networks:
+  rustdesk-net:
+    external: false
+
+services:
+  hbbs:
+    container_name: hbbs
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21118:21118
+    image: rustdesk/rustdesk-server:latest
+    command: hbbs -r rustdesk.example.com:21117
+    volumes:
+      - ./data:/root
+    networks:
+      - rustdesk-net
+    depends_on:
+      - hbbr
+    restart: unless-stopped
+
+  hbbr:
+    container_name: hbbr
+    ports:
+      - 21117:21117
+      - 21119:21119
+    image: rustdesk/rustdesk-server:latest
+    command: hbbr
+    volumes:
+      - ./data:/root
+    networks:
+      - rustdesk-net
+    restart: unless-stopped
+```
+
+Bearbeiten Sie Zeile 16 so, dass sie auf Ihren Relay-Server verweist (den, der am Port 21117 lauscht). Sie können auch die Zeilen für die Volumes (Zeile 18 und 33) bearbeiten, wenn Sie dies wünschen.
+
+(Die Anerkennung für Docker Compose geht an @lukebarone und @QuiGonLeong.)
+
+## S6-Overlay-basierte Images
+
+Diese Images sind mit `busybox:stable` gebaut, mit dem Zusatz Binärdateien (sowohl hbbr als auch hbbs) und [S6-overlay](https://github.com/just-containers/s6-overlay). Sie sind auf [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) mit diesen Tags verfügbar:
+
+| Architektur | Version | Image:Tag |
+| --- | --- | --- |
+| multiarch | neueste | `rustdesk/rustdesk-server-s6:latest` |
+| amd64 | neueste | `rustdesk/rustdesk-server-s6:latest-amd64` |
+| i386 | neueste | `rustdesk/rustdesk-server-s6:latest-i386` |
+| arm64v8 | neueste | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
+| armv7 | neueste | `rustdesk/rustdesk-server-s6:latest-armv7` |
+| multiarch | 2 | `rustdesk/rustdesk-server-s6:2` |
+| amd64 | 2 | `rustdesk/rustdesk-server-s6:2-amd64` |
+| i386 | 2 | `rustdesk/rustdesk-server-s6:2-i386` |
+| arm64v8 | 2 | `rustdesk/rustdesk-server-s6:2-arm64v8` |
+| armv7 | 2 | `rustdesk/rustdesk-server-s6:2-armv7` |
+| multiarch | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0` |
+| amd64 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-amd64` |
+| i386 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-i386` |
+| arm64v8 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8` |
+| armv7 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-armv7` |
+
+Es wird dringend empfohlen, das Image `multiarch` entweder mit dem Tag `major version` oder `latest` zu verwenden.
+
+Das S6-Overlay fungiert als Supervisor und hält beide Prozesse am Laufen, sodass bei diesem Image keine zwei separaten Container benötigt werden.
+
+Sie können diese Images direkt mit `docker run` mit diesem Befehl starten:
+
+```bash
+docker run --name rustdesk-server \ 
+  --net=host \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
+```
+
+oder ohne `--net=host`, aber die P2P-Direktverbindung kann dann nicht funktionieren.
+
+```bash
+docker run --name rustdesk-server \
+  -p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
+  -p 21117:21117 -p 21118:21118 -p 21119:21119 \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
+```
+
+Oder Sie können eine Docker Compose-Datei verwenden:
+
+```yaml
+version: '3'
+
+services:
+  rustdesk-server:
+    container_name: rustdesk-server
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21117:21117
+      - 21118:21118
+      - 21119:21119
+    image: rustdesk/rustdesk-server-s6:latest
+    environment:
+      - "RELAY=rustdesk.example.com:21117"
+      - "ENCRYPTED_ONLY=1"
+    volumes:
+      - ./data:/data
+    restart: unless-stopped
+```
+
+Für dieses Container-Image können Sie diese Umgebungsvariablen verwenden, **zusätzlich** zu den im Abschnitt **Umgebungsvariablen** angegebenen Variablen:
+
+| Variable | optional | Beschreibung |
+| --- | --- | --- |
+| RELAY | nein | IP-Adresse/DNS-Name des Rechners, auf dem dieser Container läuft |
+| ENCRYPTED_ONLY | ja | Wenn auf **1** gesetzt, wird eine unverschlüsselte Verbindung nicht akzeptiert |
+| KEY_PUB | ja | Öffentlicher Teil des Schlüsselpaares |
+| KEY_PRIV | ja | Privater Teil des Schlüsselpaares |
+
+### Verwaltung von Geheimnissen in S6-Overlay-basierten Images
+
+Sie können das Schlüsselpaar natürlich in einem Docker-Volume aufbewahren, aber empfehlenswert ist, die Schlüssel nicht in das Dateisystem zu schreiben.
+
+Beim Start des Containers wird das Vorhandensein des Schlüsselpaares geprüft (`/data/id_ed25519.pub` und `/data/id_ed25519`). Wenn einer dieser Schlüssel nicht existiert, wird er aus den Umgebungsvariablen oder den Docker-Geheimnissen neu erstellt.
+Dann wird die Gültigkeit des Schlüsselpaares überprüft: Wenn öffentlicher und privater Schlüssel nicht übereinstimmen, wird der Container angehalten.
+Wenn Sie keine Schlüssel angeben, erzeugt `hbbs` einen für Sie und legt ihn am Standardspeicherort ab.
+
+#### Umgebungsvariablen zum Speichern des Schlüsselpaars verwenden
+
+Sie können Docker-Umgebungsvariablen verwenden, um die Schlüssel zu speichern. Folgen Sie einfach diesen Beispielen:
+
+```bash
+docker run --name rustdesk-server \ 
+  --net=host \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -e "DB_URL=/db/db_v2.sqlite3" \
+  -e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
+  -e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
+  -v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
+```
+
+```yaml
+version: '3'
+
+services:
+  rustdesk-server:
+    container_name: rustdesk-server
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21117:21117
+      - 21118:21118
+      - 21119:21119
+    image: rustdesk/rustdesk-server-s6:latest
+    environment:
+      - "RELAY=rustdesk.example.com:21117"
+      - "ENCRYPTED_ONLY=1"
+      - "DB_URL=/db/db_v2.sqlite3"
+      - "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
+      - "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
+    volumes:
+      - ./db:/db
+    restart: unless-stopped
+```
+
+#### Docker-Geheimnisse zum Speichern des Schlüsselpaars verwenden
+
+Sie können alternativ auch Docker-Geheimnisse verwenden, um die Schlüssel zu speichern.
+Dies ist nützlich, wenn Sie **Docker Compose** oder **Docker Swarm** verwenden.
+Folgen Sie einfach diesem Beispiel:
+
+```bash
+cat secrets/id_ed25519.pub | docker secret create key_pub -
+cat secrets/id_ed25519 | docker secret create key_priv -
+docker service create --name rustdesk-server \
+  --secret key_priv --secret key_pub \
+  --net=host \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -e "DB_URL=/db/db_v2.sqlite3" \
+  --mount "type=bind,source=$PWD/db,destination=/db" \
+  rustdesk/rustdesk-server-s6:latest
+```
+
+```yaml
+version: '3'
+
+services:
+  rustdesk-server:
+    container_name: rustdesk-server
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21117:21117
+      - 21118:21118
+      - 21119:21119
+    image: rustdesk/rustdesk-server-s6:latest
+    environment:
+      - "RELAY=rustdesk.example.com:21117"
+      - "ENCRYPTED_ONLY=1"
+      - "DB_URL=/db/db_v2.sqlite3"
+    volumes:
+      - ./db:/db
+    restart: unless-stopped
+    secrets:
+      - key_pub
+      - key_priv
+
+secrets:
+  key_pub:
+    file: secrets/id_ed25519.pub
+  key_priv:
+    file: secrets/id_ed25519      
+```
+
+## Ein Schlüsselpaar erstellen
+
+Für die Verschlüsselung wird ein Schlüsselpaar benötigt, das Sie bereitstellen können, aber Sie benötigen eine Möglichkeit, es zu erstellen.
+
+Mit diesem Befehl können Sie ein Schlüsselpaar erzeugen:
+
+```bash
+/usr/bin/rustdesk-utils genkeypair
+```
+
+Wenn Sie das Paket `rustdesk-utils` nicht auf Ihrem System installiert haben (oder dies nicht wollen), können Sie den gleichen Befehl mit Docker aufrufen:
+
+```bash
+docker run --rm --entrypoint /usr/bin/rustdesk-utils  rustdesk/rustdesk-server-s6:latest genkeypair
+```
+
+Die Ausgabe sieht dann etwa so aus:
+
+```text
+Public Key:  8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
+Secret Key:  egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
+```
+
+## Debian-Pakete
+
+Für jede Binärdatei stehen separate Debian-Pakete zur Verfügung, die Sie in [Releases](https://github.com/rustdesk/rustdesk-server/releases) finden können.
+Diese Pakete sind für die folgenden Distributionen gedacht:
+
+- Ubuntu 22.04 LTS
+- Ubuntu 20.04 LTS
+- Ubuntu 18.04 LTS
+- Debian 11 Bullseye
+- Debian 10 Buster
+
+## Umgebungsvariablen
+
+hbbs und hbbr können mit diesen Umgebungsvariablen konfiguriert werden.
+Sie können die Variablen wie üblich angeben oder eine `.env`-Datei verwenden.
+
+| Variable | Binärdatei | Beschreibung |
+| --- | --- | --- |
+| ALWAYS_USE_RELAY | hbbs | Wenn auf **Y** gesetzt, wird eine direkte Verbindung nicht zugelassen. |
+| DB_URL | hbbs | Pfad für die Datenbankdatei |
+| DOWNGRADE_START_CHECK | hbbr | Verzögerung (in Sekunden) vor der Downgrade-Prüfung |
+| DOWNGRADE_THRESHOLD | hbbr | Schwellenwert der Downgrade-Prüfung (Bit/ms)) |
+| KEY | hbbs/hbbr | Wenn gesetzt, wird die Verwendung eines bestimmten Schlüssels erzwungen. Wenn auf **_** gesetzt, wird die Verwendung eines beliebigen Schlüssels erzwungen. |
+| LIMIT_SPEED | hbbr | Höchstgeschwindigkeit (in Mb/s) |
+| PORT | hbbs/hbbr | Lauschender Port (21116 für hbbs - 21117 für hbbr) |
+| RELAY_SERVERS | hbbs | IP-Adresse/DNS-Name der Rechner, auf denen hbbr läuft (durch Komma getrennt) |
+| RUST_LOG | all | Debug-Level einstellen (error\|warn\|info\|debug\|trace) |
+| SINGLE_BANDWIDTH | hbbr | Maximale Bandbreite für eine einzelne Verbindung (in Mb/s) |
+| TOTAL_BANDWIDTH | hbbr | Maximale Gesamtbandbreite (in Mb/s) |

README-NL.md

@@ -0,0 +1,345 @@
+<p align="center">
+  <a href="#hoe-handmatig-opbouwen">Opbouwen</a> •
+  <a href="#docker-bestanden-images">Docker</a> •
+  <a href="#s6-overlay-gebaseerde-bestanden">S6-Overlay</a> •
+  <a href="#hoe-maak-je-een-key-paar">Key paar</a> •
+  <a href="#deb-pakketten">Debian pakketten</a> •
+  <a href="#env-variabelen">ENV variabelen</a><br>
+  [<a href="README.md">English</a>] | [<a href="README-DE.md">Deutsch</a>] | [<a href="README-TW.md">繁體中文</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
+</p>
+
+# RustDesk Server Programa
+
+[![build](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml/badge.svg)](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
+
+[**Download**](https://github.com/rustdesk/rustdesk-server/releases)
+
+[**Handleiding**](https://rustdesk.com/docs/nl/self-host/)
+
+[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
+
+Zelf uw eigen RustDesk server hosten, het is gratis en open source.
+
+## Hoe handmatig opbouwen
+
+```bash
+cargo build --release
+```
+
+In target/release worden drie uitvoerbare bestanden gegenereerd.
+
+- hbbs - RustDesk ID/Rendezvous server
+- hbbr - RustDesk relay server
+- rustdesk-utils - RustDesk CLI hulpprogramma's
+
+U kunt bijgewerkte binaries vinden op [releases](https://github.com/rustdesk/rustdesk-server/releases) pagina.
+
+Als u uw eigen server wilt ontwikkelen, is [rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) misschien een betere en eenvoudigere start voor u dan deze repo.
+
+## Docker bestanden (images)
+
+Docker bestanden (images) worden automatisch gegenereerd en gepubliceerd bij elke github release. We hebben 2 soorten bestanden (images).
+
+### Klassiek bestand (image)
+
+Deze bestanden (images) zijn gebouwd voor `ubuntu-20.04` met als enige toevoeging de belangrijkste binaries (`hbbr` en `hbbs`). Ze zijn beschikbaar op [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) met deze tags:
+
+| architectuur | image:tag |
+| --- | --- |
+| amd64 | `rustdesk/rustdesk-server:latest` |
+| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
+
+U kunt deze bestanden (images) direct starten via `docker run` met deze commando's:
+
+```bash
+docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]> 
+docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr 
+```
+
+of zonder `--net=host`, maar een directe P2P verbinding zal niet werken.
+
+Voor systemen die SELinux gebruiken is het vervangen van `/root` door `/root:z` nodig om de containers correct te laten draaien. Als alternatief kan SELinux containerscheiding volledig worden uitgeschakeld door de optie `--security-opt label=disable` toe te voegen.
+
+```bash
+docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]> 
+docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr 
+```
+
+De `relay-server-ip` parameter is het IP adres (of dns naam) van de server waarop deze containers draaien. De **optionele** `port` parameter moet gebruikt worden als je een andere poort dan **21117** gebruikt voor `hbbr`.
+
+U kunt ook docker-compose gebruiken, met deze configuratie als sjabloon:
+
+```yaml
+version: '3'
+
+networks:
+  rustdesk-net:
+    external: false
+
+services:
+  hbbs:
+    container_name: hbbs
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21118:21118
+    image: rustdesk/rustdesk-server:latest
+    command: hbbs -r rustdesk.example.com:21117
+    volumes:
+      - ./data:/root
+    networks:
+      - rustdesk-net
+    depends_on:
+      - hbbr
+    restart: unless-stopped
+
+  hbbr:
+    container_name: hbbr
+    ports:
+      - 21117:21117
+      - 21119:21119
+    image: rustdesk/rustdesk-server:latest
+    command: hbbr
+    volumes:
+      - ./data:/root
+    networks:
+      - rustdesk-net
+    restart: unless-stopped
+```
+
+Bewerk regel 16 om te verwijzen naar uw relais-server (degene die luistert op poort 21117). U kunt ook de inhoudsregels (L18 en L33) bewerken indien nodig.
+
+(docker-compose erkenning gaat naar @lukebarone en @QuiGonLeong)
+
+## S6-overlay gebaseerde bestanden
+
+Deze bestanden (images) zijn gebouwd tegen `busybox:stable` met toevoeging van de binaries (zowel hbbr als hbbs) en [S6-overlay](https://github.com/just-containers/s6-overlay). Ze zijn beschikbaar op [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) met deze tags:
+
+| architectuur | versie | image:tag |
+| --- | --- | --- |
+| multiarch | latest | `rustdesk/rustdesk-server-s6:latest` |
+| amd64 | latest | `rustdesk/rustdesk-server-s6:latest-amd64` |
+| i386 | latest | `rustdesk/rustdesk-server-s6:latest-i386` |
+| arm64v8 | latest | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
+| armv7 | latest | `rustdesk/rustdesk-server-s6:latest-armv7` |
+| multiarch | 2 | `rustdesk/rustdesk-server-s6:2` |
+| amd64 | 2 | `rustdesk/rustdesk-server-s6:2-amd64` |
+| i386 | 2 | `rustdesk/rustdesk-server-s6:2-i386` |
+| arm64v8 | 2 | `rustdesk/rustdesk-server-s6:2-arm64v8` |
+| armv7 | 2 | `rustdesk/rustdesk-server-s6:2-armv7` |
+| multiarch | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0` |
+| amd64 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-amd64` |
+| i386 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-i386` |
+| arm64v8 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8` |
+| armv7 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-armv7` |
+
+Je wordt sterk aangeraden om het `multiarch` bestand (image) te gebruiken met de `major version` of `latest` tag.
+
+De S6-overlay fungeert als supervisor en houdt beide processen draaiende, dus met dit bestand (image) is het niet nodig om twee aparte draaiende containers te hebben.
+
+U kunt deze bestanden (images) direct starten via `docker run` met dit commando:
+
+```bash
+docker run --name rustdesk-server \ 
+  --net=host \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
+```
+
+of zonder `--net=host`, maar een directe P2P verbinding zal niet werken.
+
+```bash
+docker run --name rustdesk-server \
+  -p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
+  -p 21117:21117 -p 21118:21118 -p 21119:21119 \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
+```
+
+Of u kunt een docker-compose bestand gebruiken:
+
+```yaml
+version: '3'
+
+services:
+  rustdesk-server:
+    container_name: rustdesk-server
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21117:21117
+      - 21118:21118
+      - 21119:21119
+    image: rustdesk/rustdesk-server-s6:latest
+    environment:
+      - "RELAY=rustdesk.example.com:21117"
+      - "ENCRYPTED_ONLY=1"
+    volumes:
+      - ./data:/data
+    restart: unless-stopped
+```
+
+Voor dit container bestand (image) kunt u deze omgevingsvariabelen gebruiken, **naast** de variabelen in de volgende **ENV-variabelen** sectie:
+
+| variabele | optioneel | beschrijving |
+| --- | --- | --- |
+| RELAY | no | het IP-adres/DNS-naam van de machine waarop deze container draait |
+| ENCRYPTED_ONLY | yes | indien ingesteld op **"1"** wordt een niet-versleutelde verbinding niet geaccepteerd |
+| KEY_PUB | yes | het openbare deel van het key paar |
+| KEY_PRIV | yes | het private deel van het key paar |
+
+### Geheim beheer in S6-overlay gebaseerde bestanden (images)
+
+U kunt uiteraard het key paar bewaren in een docker volume, maar de optimale werkwijzen vertellen u om de keys niet op het bestandssysteem te schrijven; dus bieden we een paar opties.
+
+Bij het opstarten van de container wordt de aanwezigheid van het key paar gecontroleerd (`/data/id_ed25519.pub` en `/data/id_ed25519`) en als een van deze keys niet bestaat, wordt deze opnieuw aangemaakt vanuit ENV variabelen of docker secrets.
+Vervolgens wordt de geldigheid van het key paar gecontroleerd: indien publieke en private keys niet overeenkomen, stopt de container.
+Als je geen keys opgeeft, zal `hbbs` er een voor je genereren en op de standaard locatie plaatsen.
+
+#### Gebruik ENV om het key paar op te slaan
+
+U kunt docker omgevingsvariabelen gebruiken om de keys op te slaan. Volg gewoon deze voorbeelden:
+
+```bash
+docker run --name rustdesk-server \ 
+  --net=host \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -e "DB_URL=/db/db_v2.sqlite3" \
+  -e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
+  -e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
+  -v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
+```
+
+```yaml
+version: '3'
+
+services:
+  rustdesk-server:
+    container_name: rustdesk-server
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21117:21117
+      - 21118:21118
+      - 21119:21119
+    image: rustdesk/rustdesk-server-s6:latest
+    environment:
+      - "RELAY=rustdesk.example.com:21117"
+      - "ENCRYPTED_ONLY=1"
+      - "DB_URL=/db/db_v2.sqlite3"
+      - "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
+      - "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
+    volumes:
+      - ./db:/db
+    restart: unless-stopped
+```
+
+#### Gebruik Docker secrets om het key paar op te slaan
+
+U kunt ook docker secrets gebruiken om de keys op te slaan.
+Dit is handig als je **docker-compose** of **docker swarm** gebruikt.
+Volg deze voorbeelden:
+
+```bash
+cat secrets/id_ed25519.pub | docker secret create key_pub -
+cat secrets/id_ed25519 | docker secret create key_priv -
+docker service create --name rustdesk-server \
+  --secret key_priv --secret key_pub \
+  --net=host \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -e "DB_URL=/db/db_v2.sqlite3" \
+  --mount "type=bind,source=$PWD/db,destination=/db" \
+  rustdesk/rustdesk-server-s6:latest
+```
+
+```yaml
+version: '3'
+
+services:
+  rustdesk-server:
+    container_name: rustdesk-server
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21117:21117
+      - 21118:21118
+      - 21119:21119
+    image: rustdesk/rustdesk-server-s6:latest
+    environment:
+      - "RELAY=rustdesk.example.com:21117"
+      - "ENCRYPTED_ONLY=1"
+      - "DB_URL=/db/db_v2.sqlite3"
+    volumes:
+      - ./db:/db
+    restart: unless-stopped
+    secrets:
+      - key_pub
+      - key_priv
+
+secrets:
+  key_pub:
+    file: secrets/id_ed25519.pub
+  key_priv:
+    file: secrets/id_ed25519      
+```
+
+## Hoe maak je een key paar
+
+Een key paar is nodig voor encryptie; u kunt het verstrekken, zoals eerder uitgelegd, maar u heeft een manier nodig om er een te maken.
+
+U kunt dit commando gebruiken om een key paar te genereren:
+
+```bash
+/usr/bin/rustdesk-utils genkeypair
+```
+
+Als u het pakket `rustdesk-utils` niet op uw systeem hebt staan (of wilt), kunt u hetzelfde commando met docker uitvoeren:
+
+```bash
+docker run --rm --entrypoint /usr/bin/rustdesk-utils  rustdesk/rustdesk-server-s6:latest genkeypair
+```
+
+De uitvoer ziet er ongeveer zo uit:
+
+```text
+Public Key:  8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
+Secret Key:  egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
+```
+
+## .deb pakketten
+
+Voor elke binary zijn aparte .deb-pakketten beschikbaar, u kunt ze vinden in de [releases](https://github.com/rustdesk/rustdesk-server/releases).
+Deze pakketten zijn bedoeld voor de volgende distributies:
+
+- Ubuntu 22.04 LTS
+- Ubuntu 20.04 LTS
+- Ubuntu 18.04 LTS
+- Debian 11 bullseye
+- Debian 10 buster
+
+## ENV variabelen
+
+hbbs en hbbr kunnen worden geconfigureerd met deze ENV-variabelen.
+U kunt de variabelen zoals gebruikelijk opgeven of een `.env` bestand gebruiken.
+
+| variabele | binary | beschrijving |
+| --- | --- | --- |
+| ALWAYS_USE_RELAY | hbbs | indien ingesteld op **"Y"** wordt directe peer-verbinding niet toegestaan |
+| DB_URL | hbbs | path voor database bestand |
+| DOWNGRADE_START_CHECK | hbbr | vertraging (in seconden) voor downgrade-controle |
+| DOWNGRADE_THRESHOLD | hbbr | drempel van downgrade controle (bit/ms) |
+| KEY | hbbs/hbbr | indien ingesteld forceert dit het gebruik van een specifieke toets, indien ingesteld op **"_"** forceert dit het gebruik van een willekeurige toets |
+| LIMIT_SPEED | hbbr | snelheidslimiet (in Mb/s) |
+| PORT | hbbs/hbbr | luister-poort (21116 voor hbbs - 21117 voor hbbr) |
+| RELAY_SERVERS | hbbs | IP-adres/DNS-naam van de machines waarop hbbr draait (gescheiden door komma) |
+| RUST_LOG | all | debug-niveau instellen (error\|warn\|info\|debug\|trace) |
+| SINGLE_BANDWIDTH | hbbr | maximale bandbreedte voor een enkele verbinding (in Mb/s) |
+| TOTAL_BANDWIDTH | hbbr | maximale totale bandbreedte (in Mb/s) |

README-TW.md

@@ -0,0 +1,347 @@
+<p align="center">
+  <a href="#如何自行建置">自行建置</a> •
+  <a href="#Docker-映像檔">Docker</a> •
+  <a href="#基於-S6-overlay-的映象檔">S6-overlay</a> •
+  <a href="#如何建立金鑰對">金鑰對</a> •
+  <a href="#deb-套件">Debian</a> •
+  <a href="#ENV-環境參數">環境參數</a><br>
+  [<a href="README.md">English</a>] | [<a href="README-DE.md">Deutsch</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
+</p>
+
+# RustDesk Server Program
+
+[![build](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml/badge.svg)](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
+
+[**下載**](https://github.com/rustdesk/rustdesk-server/releases)
+
+[**說明文件**](https://rustdesk.com/docs/zh-tw/self-host/)
+
+[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
+
+自行建置屬於您自己的 RustDesk 伺服器，它是免費的且開源。
+
+## 如何自行建置
+
+```bash
+cargo build --release
+```
+
+在 target/release 中會產生三個可執行檔。
+
+- hbbs - RustDesk ID/會合伺服器
+- hbbr - RustDesk 中繼伺服器
+- rustdesk-utils - RustDesk 命令行工具
+
+您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 頁面上找到更新的執行檔。
+
+如果您需要額外功能，[RustDesk 專業版伺服器](https://rustdesk.com/pricing.html) 或許更適合您。
+
+如果您想開發自己的伺服器，[rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) 可能是一個比這個倉庫更好、更簡單的開始。
+
+## Docker 映像檔
+
+Docker 映像檔會在每次 GitHub 發布時自動生成並發布。我們有兩種映像檔。
+
+### Classic 映像檔
+
+這些映像檔是基於 `ubuntu-20.04` 建置的，僅添加了兩個主要的執行檔（`hbbr` 和 `hbbs`）。它們可在 [Docker Hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) 上取得，帶有以下tags：
+
+| 架構    | image:tag                                 |
+| ------- | ----------------------------------------- |
+| amd64   | `rustdesk/rustdesk-server:latest`         |
+| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
+
+您可以使用以下指令，直接透過 ``docker run`` 來啟動這些映像檔：
+
+```bash
+docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]> 
+docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr 
+```
+
+或刪去 `--net=host`， 但 P2P 直接連線會無法運作。
+
+對於使用 SELinux 的系統，需要將 ``/root`` 替換為 ``/root:z``，以便容器正確運行。或者，也可以通過添加選項 ``--security-opt label=disable`` 完全禁用 SELinux 容器隔離。
+
+```bash
+docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]> 
+docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr 
+```
+
+`relay-server-ip` 參數是執行這些容器的伺服器的 IP 地址（或 DNS 名稱）。如果您為 `hbbr` 使用的端口不是 **21117**，則必須使用 **可選** 的 `port` 參數。
+
+您也可以使用 docker-compose 使用這個設定做為範例：
+
+```yaml
+version: '3'
+
+networks:
+  rustdesk-net:
+    external: false
+
+services:
+  hbbs:
+    container_name: hbbs
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21118:21118
+    image: rustdesk/rustdesk-server:latest
+    command: hbbs -r rustdesk.example.com:21117
+    volumes:
+      - ./data:/root
+    networks:
+      - rustdesk-net
+    depends_on:
+      - hbbr
+    restart: unless-stopped
+
+  hbbr:
+    container_name: hbbr
+    ports:
+      - 21117:21117
+      - 21119:21119
+    image: rustdesk/rustdesk-server:latest
+    command: hbbr
+    volumes:
+      - ./data:/root
+    networks:
+      - rustdesk-net
+    restart: unless-stopped
+```
+
+請編輯第 16 行，將其指向您的中繼伺服器 （監聽端口 21117 那一個）。 如果需要的話，您也可以編輯 volume  (第 18 和 33 行)。
+
+（感謝 @lukebarone 和 @QuiGonLeong 協助提供 docker-compose 的設定範例）
+
+## 基於 S6-overlay 的映象檔
+
+這些映象檔是針對 `busybox:stable` 建置的，並添加了執行檔（hbbr 和 hbbs）以及 [S6-overlay](https://github.com/just-containers/s6-overlay)。 它們在以及這些 tags 在 [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) 可用：
+
+| 架構      | version | image:tag                                    |
+| --------- | ------- | -------------------------------------------- |
+| multiarch | latest  | `rustdesk/rustdesk-server-s6:latest`         |
+| amd64     | latest  | `rustdesk/rustdesk-server-s6:latest-amd64`   |
+| i386      | latest  | `rustdesk/rustdesk-server-s6:latest-i386`    |
+| arm64v8   | latest  | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
+| armv7     | latest  | `rustdesk/rustdesk-server-s6:latest-armv7`   |
+| multiarch | 2       | `rustdesk/rustdesk-server-s6:2`              |
+| amd64     | 2       | `rustdesk/rustdesk-server-s6:2-amd64`        |
+| i386      | 2       | `rustdesk/rustdesk-server-s6:2-i386`         |
+| arm64v8   | 2       | `rustdesk/rustdesk-server-s6:2-arm64v8`      |
+| armv7     | 2       | `rustdesk/rustdesk-server-s6:2-armv7`        |
+| multiarch | 2.0.0   | `rustdesk/rustdesk-server-s6:2.0.0`          |
+| amd64     | 2.0.0   | `rustdesk/rustdesk-server-s6:2.0.0-amd64`    |
+| i386      | 2.0.0   | `rustdesk/rustdesk-server-s6:2.0.0-i386`     |
+| arm64v8   | 2.0.0   | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8`  |
+| armv7     | 2.0.0   | `rustdesk/rustdesk-server-s6:2.0.0-armv7`    |
+
+強烈建議您使用 `multiarch` 映象檔 可以選擇使用 `major version` 或 `latest` tags。
+
+S6-overlay 在此充當監督程序，保持兩個進程運行，因此使用此映象檔，您無需運行兩個獨立的容器。
+
+您可以直接使用以下命令使用 `docker run` 來啟動這個映象檔：
+
+```bash
+docker run --name rustdesk-server \ 
+  --net=host \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
+```
+
+或刪去 `--net=host`， 但 P2P 直接連線會無法運作。
+
+```bash
+docker run --name rustdesk-server \
+  -p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
+  -p 21117:21117 -p 21118:21118 -p 21119:21119 \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
+```
+
+或是您可以使用 docker-compose 文件:
+
+```yaml
+version: '3'
+
+services:
+  rustdesk-server:
+    container_name: rustdesk-server
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21117:21117
+      - 21118:21118
+      - 21119:21119
+    image: rustdesk/rustdesk-server-s6:latest
+    environment:
+      - "RELAY=rustdesk.example.com:21117"
+      - "ENCRYPTED_ONLY=1"
+    volumes:
+      - ./data:/data
+    restart: unless-stopped
+```
+
+對於此容器映象檔，您可以使用這些環境變數，**除了**以下**環境變數**部分指定的那些。
+
+| 環境變數       | 是否可選 | 敘述                                       |
+| -------------- | -------- | ------------------------------------------ |
+| RELAY          | 否       | 運行此容器的機器的 IP 地址/ DNS 名稱       |
+| ENCRYPTED_ONLY | 是       | 如果設置為 **"1"**，將不接受未加密的連接。 |
+| KEY_PUB        | 是       | 金鑰對中的公鑰（Public Key）               |
+| KEY_PRIV       | 是       | 金鑰對中的私鑰（Private Key）               |
+
+###  在基於 S6-overlay 的 Secret 管理
+
+您可以將金鑰對保存在 Docker volume 中，但最佳實踐建議不要將金鑰寫入文件系統；因此，我們提供了一些選項。
+
+在容器啟動時，會檢查金鑰對的是否存在（`/data/id_ed25519.pub` 和 `/data/id_ed25519`），如果其中一個金鑰不存在，則會從環境變數或 Docker Secret 重新生成它。
+然後檢查金鑰對的有效性：如果公鑰和私鑰不匹配，容器將停止運行。
+如果您未提供金鑰，`hbbs` 將為您產生一個，並將其放置在默認位置。
+
+#### 使用 ENV 存儲金鑰對
+
+您可以使用 Docker 環境變數來儲存金鑰。只需按照以下範例操作：
+
+```bash
+docker run --name rustdesk-server \ 
+  --net=host \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -e "DB_URL=/db/db_v2.sqlite3" \
+  -e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
+  -e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
+  -v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
+```
+
+```yaml
+version: '3'
+
+services:
+  rustdesk-server:
+    container_name: rustdesk-server
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21117:21117
+      - 21118:21118
+      - 21119:21119
+    image: rustdesk/rustdesk-server-s6:latest
+    environment:
+      - "RELAY=rustdesk.example.com:21117"
+      - "ENCRYPTED_ONLY=1"
+      - "DB_URL=/db/db_v2.sqlite3"
+      - "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
+      - "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
+    volumes:
+      - ./db:/db
+    restart: unless-stopped
+```
+
+#### 使用 Docker Secret 來儲存金鑰對
+
+您還可以使用 Docker Secret來儲存金鑰。
+如果您使用 **docker-compose** 或 **docker swarm**，這很有用。
+只需按照以下示例操作：
+
+```bash
+cat secrets/id_ed25519.pub | docker secret create key_pub -
+cat secrets/id_ed25519 | docker secret create key_priv -
+docker service create --name rustdesk-server \
+  --secret key_priv --secret key_pub \
+  --net=host \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -e "DB_URL=/db/db_v2.sqlite3" \
+  --mount "type=bind,source=$PWD/db,destination=/db" \
+  rustdesk/rustdesk-server-s6:latest
+```
+
+```yaml
+version: '3'
+
+services:
+  rustdesk-server:
+    container_name: rustdesk-server
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21117:21117
+      - 21118:21118
+      - 21119:21119
+    image: rustdesk/rustdesk-server-s6:latest
+    environment:
+      - "RELAY=rustdesk.example.com:21117"
+      - "ENCRYPTED_ONLY=1"
+      - "DB_URL=/db/db_v2.sqlite3"
+    volumes:
+      - ./db:/db
+    restart: unless-stopped
+    secrets:
+      - key_pub
+      - key_priv
+
+secrets:
+  key_pub:
+    file: secrets/id_ed25519.pub
+  key_priv:
+    file: secrets/id_ed25519      
+```
+
+## 如何建立金鑰對
+
+加密需要一對金鑰；您可以按照前面所述提供它，但需要一種生成金鑰對的方法。
+
+您可以使用以下命令生成一對金鑰：
+
+```bash
+/usr/bin/rustdesk-utils genkeypair
+```
+
+如果您沒有（或不想）在系統上安裝 `rustdesk-utils` 套件，您可以使用 Docker執行相同的命令：
+
+```bash
+docker run --rm --entrypoint /usr/bin/rustdesk-utils  rustdesk/rustdesk-server-s6:latest genkeypair
+```
+
+輸出將類似於以下內容：
+
+```text
+Public Key:  8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
+Secret Key:  egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
+```
+
+## .deb 套件
+
+每個執行檔都有單獨的 .deb 套件可供使用，您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 中找到它們。
+這些套件適用於以下發行版：
+
+- Ubuntu 22.04 LTS
+- Ubuntu 20.04 LTS
+- Ubuntu 18.04 LTS
+- Debian 11 bullseye
+- Debian 10 buster
+
+## ENV 環境參數
+
+可以使用這些 ENV 參數來配置 hbbs 和 hbbr。
+您可以像往常一樣指定參數，或者使用 .env 文件。
+
+| 參數                  | 執行檔    | 敘述                                                                 |
+| --------------------- | --------- | -------------------------------------------------------------------- |
+| ALWAYS_USE_RELAY      | hbbs      | 如果設為 **"Y"**，禁止直接點對點連接                                 |
+| DB_URL                | hbbs      | 資料庫的路徑                                                         |
+| DOWNGRADE_START_CHECK | hbbr      | 降級檢查之前的延遲時間（以秒為單位）                                 |
+| DOWNGRADE_THRESHOLD   | hbbr      | 降級檢查的閾值（bit/ms）                                             |
+| KEY                   | hbbs/hbbr | 如果設置了，將強制使用特定金鑰，如果設為 **"_"**，則強制使用任何金鑰 |
+| LIMIT_SPEED           | hbbr      | 速度限制（以Mb/s為單位）                                             |
+| PORT                  | hbbs/hbbr | 監聽端口（hbbs為21116，hbbr為21117）                                 |
+| RELAY_SERVERS         | hbbs      | 運行hbbr的機器的IP地址/DNS名稱（用逗號分隔）                         |
+| RUST_LOG              | all       | 設定 debug level (error\|warn\|info\|debug\|trace)                   |
+| SINGLE_BANDWIDTH      | hbbr      | 單個連接的最大頻寬（以Mb/s為單位）                                   |
+| TOTAL_BANDWIDTH       | hbbr      | 最大總頻寬（以Mb/s為單位）                                           |

README-ZH.md

@@ -0,0 +1,348 @@
+<p align="center">
+  <a href="#如何自行构建">自行构建</a> •
+  <a href="#Docker-镜像">Docker</a> •
+  <a href="#基于-S6-overlay-的镜像">S6-overlay</a> •
+  <a href="#如何创建密钥">密钥</a> •
+  <a href="#deb-套件">Debian</a> •
+  <a href="#ENV-环境参数">环境参数</a><br>
+  [<a href="README.md">English</a>] | [<a href="README-DE.md">Deutsch</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-TW.md">繁体中文</a>]<br>
+</p>
+
+# RustDesk Server Program
+
+[![build](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml/badge.svg)](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
+
+[**下载**](https://github.com/rustdesk/rustdesk-server/releases)
+
+[**说明文件**](https://rustdesk.com/docs/zh-cn/self-host/)
+
+[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
+
+自行搭建属于你的RustDesk服务器,所有的一切都是免费且开源的
+
+## 如何自行构建
+
+```bash
+cargo build --release
+```
+
+执行后会在target/release目录下生成三个对应平台的可执行程序
+
+- hbbs - RustDesk ID/会和服务器
+- hbbr - RustDesk 中继服务器
+- rustdesk-utils - RustDesk 命令行工具
+
+您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 页面中找到最新的服务端软件。
+
+如果您需要额外的功能支持，[RustDesk 专业版服务器](https://rustdesk.com/pricing.html) 获取更适合您。
+
+如果您想开发自己的服务器，[rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) 应该会比直接使用这个仓库更简单快捷。
+
+## Docker 镜像
+
+Docker镜像会在每次 GitHub 发布新的release版本时自动构建。我们提供两种类型的镜像。
+
+### Classic 传统镜像
+
+这个类型的镜像是基于 `ubuntu-20.04` 进行构建，镜像仅包含两个主要的可执行程序（`hbbr` 和 `hbbs`）。它们可以通过以下tag在 [Docker Hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) 上获得：
+
+| 架构      | image:tag                                 |
+|---------| ----------------------------------------- |
+| amd64   | `rustdesk/rustdesk-server:latest`         |
+| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
+
+您可以使用以下命令，直接通过 ``docker run`` 來启动这些镜像：
+
+```bash
+docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]> 
+docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr 
+```
+
+或不使用 `--net=host` 参数启动， 但这样 P2P 直连功能将无法工作。
+
+对于使用了 SELinux 的系统，您需要将 ``/root`` 替换为 ``/root:z``，以保证容器的正常运行。或者，也可以通过添加参数 ``--security-opt label=disable`` 来完全禁用 SELinux 容器隔离。
+
+```bash
+docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]> 
+docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr 
+```
+
+`relay-server-ip` 参数是运行这些容器的服务器的 IP 地址（或 DNS 名称）。如果你不想使用 **21117** 作为 `hbbr` 的服务端口,可使用可选参数 `port` 进行指定。
+
+您也可以使用 docker-compose 进行构建,以下为配置示例：
+
+```yaml
+version: '3'
+
+networks:
+  rustdesk-net:
+    external: false
+
+services:
+  hbbs:
+    container_name: hbbs
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21118:21118
+    image: rustdesk/rustdesk-server:latest
+    command: hbbs -r rustdesk.example.com:21117
+    volumes:
+      - ./data:/root
+    networks:
+      - rustdesk-net
+    depends_on:
+      - hbbr
+    restart: unless-stopped
+
+  hbbr:
+    container_name: hbbr
+    ports:
+      - 21117:21117
+      - 21119:21119
+    image: rustdesk/rustdesk-server:latest
+    command: hbbr
+    volumes:
+      - ./data:/root
+    networks:
+      - rustdesk-net
+    restart: unless-stopped
+```
+
+编辑第16行来指定你的中继服务器 （默认端口监听在 21117 的那一个）。 如果需要的话，您也可以编辑 volume 信息  (第 18 和 33 行)。
+
+（感谢 @lukebarone 和 @QuiGonLeong 协助提供的 docker-compose 配置示例）
+
+## 基于 S6-overlay 的镜像
+
+> 这些镜像是针对 `busybox:stable` 构建的，并添加了可执行程序（hbbr 和 hbbs）以及 [S6-overlay](https://github.com/just-containers/s6-overlay)。 它们可以使用以下tag在 [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) 上获取：
+
+
+| 架構      | version | image:tag                                    |
+| --------- | ------- | -------------------------------------------- |
+| multiarch | latest  | `rustdesk/rustdesk-server-s6:latest`         |
+| amd64     | latest  | `rustdesk/rustdesk-server-s6:latest-amd64`   |
+| i386      | latest  | `rustdesk/rustdesk-server-s6:latest-i386`    |
+| arm64v8   | latest  | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
+| armv7     | latest  | `rustdesk/rustdesk-server-s6:latest-armv7`   |
+| multiarch | 2       | `rustdesk/rustdesk-server-s6:2`              |
+| amd64     | 2       | `rustdesk/rustdesk-server-s6:2-amd64`        |
+| i386      | 2       | `rustdesk/rustdesk-server-s6:2-i386`         |
+| arm64v8   | 2       | `rustdesk/rustdesk-server-s6:2-arm64v8`      |
+| armv7     | 2       | `rustdesk/rustdesk-server-s6:2-armv7`        |
+| multiarch | 2.0.0   | `rustdesk/rustdesk-server-s6:2.0.0`          |
+| amd64     | 2.0.0   | `rustdesk/rustdesk-server-s6:2.0.0-amd64`    |
+| i386      | 2.0.0   | `rustdesk/rustdesk-server-s6:2.0.0-i386`     |
+| arm64v8   | 2.0.0   | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8`  |
+| armv7     | 2.0.0   | `rustdesk/rustdesk-server-s6:2.0.0-armv7`    |
+
+强烈建议您使用`major version` 或 `latest` tag 的 `multiarch` 架构的镜像。
+
+S6-overlay 在此处作为监控程序，用以保证两个进程的运行，因此使用此镜像，您无需运行两个容器。
+
+您可以使用 `docker run` 命令直接启动镜像，如下：
+
+```bash
+docker run --name rustdesk-server \ 
+  --net=host \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
+```
+
+或刪去 `--net=host` 参数， 但 P2P 直连功能将无法工作。
+
+```bash
+docker run --name rustdesk-server \
+  -p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
+  -p 21117:21117 -p 21118:21118 -p 21119:21119 \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
+```
+
+或着您也可以使用 docker-compose 文件:
+
+```yaml
+version: '3'
+
+services:
+  rustdesk-server:
+    container_name: rustdesk-server
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21117:21117
+      - 21118:21118
+      - 21119:21119
+    image: rustdesk/rustdesk-server-s6:latest
+    environment:
+      - "RELAY=rustdesk.example.com:21117"
+      - "ENCRYPTED_ONLY=1"
+    volumes:
+      - ./data:/data
+    restart: unless-stopped
+```
+
+对于此容器镜像，除了在下面的环境变量部分指定的变量之外，您还可以使用以下`环境变量`
+
+| 环境变量           | 是否可选 | 描述                       |
+|----------------|------|--------------------------|
+| RELAY          | 否    | 运行此容器的宿主机的 IP 地址/ DNS 名称 |
+| ENCRYPTED_ONLY | 是    | 如果设置为 **"1"**，将不接受未加密的连接。 |
+| KEY_PUB        | 是    | 密钥对中的公钥（Public Key）      |
+| KEY_PRIV       | 是    | 密钥对中的私钥（Private Key）     |
+
+###  基于 S6-overlay 镜像的密钥管理
+
+您可以将密钥对保存在 Docker volume 中，但我们建议不要将密钥写入文件系統中；因此，我们提供了一些方案。
+
+在容器启动时，会检查密钥对是否存在（`/data/id_ed25519.pub` 和 `/data/id_ed25519`），如果其中一個密钥不存在，则会从环境变量或 Docker Secret 中重新生成它。
+然后检查密钥对的可用性：如果公钥和私钥不匹配，容器将停止运行。
+如果您未提供密钥，`hbbs` 将会在默认位置生成一个。
+
+#### 使用 ENV 存储密钥对
+
+您可以使用 Docker 环境变量來存储密钥。如下：
+
+```bash
+docker run --name rustdesk-server \ 
+  --net=host \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -e "DB_URL=/db/db_v2.sqlite3" \
+  -e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
+  -e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
+  -v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
+```
+
+```yaml
+version: '3'
+
+services:
+  rustdesk-server:
+    container_name: rustdesk-server
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21117:21117
+      - 21118:21118
+      - 21119:21119
+    image: rustdesk/rustdesk-server-s6:latest
+    environment:
+      - "RELAY=rustdesk.example.com:21117"
+      - "ENCRYPTED_ONLY=1"
+      - "DB_URL=/db/db_v2.sqlite3"
+      - "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
+      - "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
+    volumes:
+      - ./db:/db
+    restart: unless-stopped
+```
+
+#### 使用 Docker Secret 來保存密钥对
+
+您还可以使用 Docker Secret 來保存密钥。
+如果您使用 **docker-compose** 或 **docker swarm**，推荐您使用。
+只需按照以下示例操作：
+
+```bash
+cat secrets/id_ed25519.pub | docker secret create key_pub -
+cat secrets/id_ed25519 | docker secret create key_priv -
+docker service create --name rustdesk-server \
+  --secret key_priv --secret key_pub \
+  --net=host \
+  -e "RELAY=rustdeskrelay.example.com" \
+  -e "ENCRYPTED_ONLY=1" \
+  -e "DB_URL=/db/db_v2.sqlite3" \
+  --mount "type=bind,source=$PWD/db,destination=/db" \
+  rustdesk/rustdesk-server-s6:latest
+```
+
+```yaml
+version: '3'
+
+services:
+  rustdesk-server:
+    container_name: rustdesk-server
+    ports:
+      - 21115:21115
+      - 21116:21116
+      - 21116:21116/udp
+      - 21117:21117
+      - 21118:21118
+      - 21119:21119
+    image: rustdesk/rustdesk-server-s6:latest
+    environment:
+      - "RELAY=rustdesk.example.com:21117"
+      - "ENCRYPTED_ONLY=1"
+      - "DB_URL=/db/db_v2.sqlite3"
+    volumes:
+      - ./db:/db
+    restart: unless-stopped
+    secrets:
+      - key_pub
+      - key_priv
+
+secrets:
+  key_pub:
+    file: secrets/id_ed25519.pub
+  key_priv:
+    file: secrets/id_ed25519      
+```
+
+## 如何生成密钥对
+
+加密需要一对密钥；您可以按照前面所述提供它，但需要一个工具去生成密钥对。
+
+您可以使用以下命令生成一对密钥：
+
+```bash
+/usr/bin/rustdesk-utils genkeypair
+```
+
+如果您沒有（或不想）在系统上安装 `rustdesk-utils` 套件，您可以使用 Docker 执行相同的命令：
+
+```bash
+docker run --rm --entrypoint /usr/bin/rustdesk-utils  rustdesk/rustdesk-server-s6:latest genkeypair
+```
+
+运行后的输出内容如下：
+
+```text
+Public Key:  8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
+Secret Key:  egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
+```
+
+## .deb 套件
+
+每个可执行文件都有单独的 .deb 套件可供使用，您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 页面中找到它們。
+這些套件适用于以下发行版：
+
+- Ubuntu 22.04 LTS
+- Ubuntu 20.04 LTS
+- Ubuntu 18.04 LTS
+- Debian 11 bullseye
+- Debian 10 buster
+
+## ENV 环境变量
+
+可以使用这些`环境变量`参数來配置 hbbs 和 hbbr。
+您可以像往常一样指定参数，或者使用 .env 文件。
+
+| 参数                    | 可执行文件         | 描述                                               |
+|-----------------------|---------------|--------------------------------------------------|
+| ALWAYS_USE_RELAY      | hbbs          | 如果设定为 **"Y"**，将关闭直接点对点连接功能                       |
+| DB_URL                | hbbs          | 数据库配置                                            |
+| DOWNGRADE_START_CHECK | hbbr          | 降级检查之前的延迟是啊尽（以秒为单位）                              |
+| DOWNGRADE_THRESHOLD   | hbbr          | 降级检查的阈值（bit/ms）                                  |
+| KEY                   | hbbs/hbbr     | 如果设置了此参数，将强制使用指定密钥对，如果设为 **"_"**，则强制使用任意密钥       |
+| LIMIT_SPEED           | hbbr          | 速度限制（以Mb/s为单位）                                   |
+| PORT                  | hbbs/hbbr     | 监听端口（hbbs为21116，hbbr为21117）                      |
+| RELAY_SERVERS         | hbbs          | 运行hbbr的机器的IP地址/DNS名称（用逗号分隔）                      |
+| RUST_LOG              | all           | 设置 debug level (error\|warn\|info\|debug\|trace) |
+| SINGLE_BANDWIDTH      | hbbr          | 单个连接的最大带宽（以Mb/s为单位）                              |
+| TOTAL_BANDWIDTH       | hbbr          | 最大总带宽（以Mb/s为单位）                                  |

README.md

@@ -1,3 +1,13 @@
+<p align="center">
+  <a href="#how-to-build-manually">Manually</a> •
+  <a href="#docker-images">Docker</a> •
+  <a href="#s6-overlay-based-images">S6-overlay</a> •
+  <a href="#how-to-create-a-keypair">Keypair</a> •
+  <a href="#deb-packages">Debian</a> •
+  <a href="#env-variables">Variables</a><br>
+  [<a href="README-DE.md">Deutsch</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-TW.md">繁體中文</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
+</p>
+
 # RustDesk Server Program
 
 [![build](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml/badge.svg)](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
@@ -24,7 +34,9 @@ Three executables will be generated in target/release.
 
 You can find updated binaries on the [releases](https://github.com/rustdesk/rustdesk-server/releases) page.
 
-If you wanna develop your own server, [rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) might be a better and simpler start for you than this repo.
+If you want extra features [RustDesk Server Pro](https://rustdesk.com/pricing.html) might suit you better.
+
+If you want to develop your own server, [rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) might be a better and simpler start for you than this repo.
 
 ## Docker images
 
@@ -46,7 +58,7 @@ docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-serv
 docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr 
 ```
 
-or without --net=host, but P2P direct connection can not work.
+or without `--net=host`, but P2P direct connection can not work.
 
 For systems using SELinux, replacing `/root` by `/root:z` is required for the containers to run correctly. Alternatively, SELinux container separation can be disabled completely adding the option `--security-opt label=disable`.
 
@@ -98,10 +110,13 @@ services:
     restart: unless-stopped
 ```
 
-Edit line 16 to point to your relay server (the one listening on port 21117). You can also edit the volume lines (L18 and L33) if you need.
+Edit line 16 to point to your relay server (the one listening on port 21117). You can also edit the volume lines (line 18 and line 33) if you need.
 
 (docker-compose credit goes to @lukebarone and @QuiGonLeong)
 
+
+> Note that here, the rustdesk/rustdesk-server:latest in China may be replaced with the latest version number on dockerhub, such as rustdesk-server:1.1.10-3. Otherwise, the old version may be pulled due to image acceleration.
+
 ## S6-overlay based images
 
 These images are build against `busybox:stable` with the addition of the binaries (both hbbr and hbbs) and [S6-overlay](https://github.com/just-containers/s6-overlay). They're available on [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) with these tags:
@@ -124,7 +139,7 @@ These images are build against `busybox:stable` with the addition of the binarie
 | arm64v8 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8` |
 | armv7 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-armv7` |
 
-You're strongly encuraged to use the `multiarch` image either with the `major version` or `latest` tag.
+You're strongly encouraged to use the `multiarch` image either with the `major version` or `latest` tag.
 
 The S6-overlay acts as a supervisor and keeps both process running, so with this image there's no need to have two separate running containers.
 
@@ -138,7 +153,7 @@ docker run --name rustdesk-server \
   -v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
 ```
 
-or without --net=host, but P2P direct connection can not work.
+or without `--net=host`, but P2P direct connection cannot work.
 
 ```bash
 docker run --name rustdesk-server \
@@ -329,7 +344,7 @@ You can specify the variables as usual or use an `.env` file.
 | KEY | hbbs/hbbr | if set force the use of a specific key, if set to **"_"** force the use of any key |
 | LIMIT_SPEED | hbbr | speed limit (in Mb/s) |
 | PORT | hbbs/hbbr | listening port (21116 for hbbs - 21117 for hbbr) |
-| RELAY_SERVERS | hbbs | IP address/DNS name of the machines running hbbr (separated by comma) |
+| RELAY | hbbs | IP address/DNS name of the machines running hbbr (separated by comma) |
 | RUST_LOG | all | set debug level (error\|warn\|info\|debug\|trace) |
 | SINGLE_BANDWIDTH | hbbr | max bandwidth for a single connection (in Mb/s) |
 | TOTAL_BANDWIDTH | hbbr | max total bandwidth (in Mb/s) |

debian/changelog

@@ -1,3 +1,22 @@
+rustdesk-server (1.1.11) UNRELEASED; urgency=medium
+  * change -k to default '-', so you need not to set -k any more
+
+rustdesk-server (1.1.10-3) UNRELEASED; urgency=medium
+  * fix on -2
+
+rustdesk-server (1.1.10-2) UNRELEASED; urgency=medium
+
+  * fix hangup signal exit when run with nohup
+  * some minors
+
+rustdesk-server (1.1.9) UNRELEASED; urgency=medium
+
+  * remove unsafe
+
+rustdesk-server (1.1.8) UNRELEASED; urgency=medium
+
+  * fix test_hbbs and mask in lan
+
 rustdesk-server (1.1.7) UNRELEASED; urgency=medium
 
   * ipv6 support

debian/rustdesk-server-hbbr.postinst

@@ -4,7 +4,7 @@ set -e
 SERVICE=rustdesk-hbbr.service
 
 if [ "$1" = "configure" ]; then
-    mkdir -p /var/log/rustdesk
+    mkdir -p /var/log/rustdesk-server
 fi
 
 case "$1" in

debian/rustdesk-server-hbbr.postrm

@@ -6,7 +6,7 @@ SERVICE=rustdesk-hbbr.service
 systemctl --system daemon-reload >/dev/null || true
 
 if [ "$1" = "purge" ]; then
-	rm -rf /var/lib/rustdesk-server/ /var/log/rustdesk/rustdesk-hbbr.* /var/log/rustdesk/rustdesk-hbbs.*
+	rm -rf /var/log/rustdesk-server/rustdesk-hbbr.*
 	deb-systemd-helper purge "${SERVICE}" >/dev/null || true
 	deb-systemd-helper unmask "${SERVICE}" >/dev/null || true
 fi

debian/rustdesk-server-hbbs.postinst

@@ -4,7 +4,7 @@ set -e
 SERVICE=rustdesk-hbbs.service
 
 if [ "$1" = "configure" ]; then
-    mkdir -p /var/log/rustdesk
+    mkdir -p /var/log/rustdesk-server
 fi
 
 case "$1" in

debian/rustdesk-server-hbbs.postrm

@@ -6,7 +6,7 @@ SERVICE=rustdesk-hbbs.service
 systemctl --system daemon-reload >/dev/null || true
 
 if [ "$1" = "purge" ]; then
-	rm -rf /var/lib/rustdesk-server/
+	rm -rf /var/lib/rustdesk-server/ /var/log/rustdesk-server/rustdesk-hbbs.*
 	deb-systemd-helper purge "${SERVICE}" >/dev/null || true
 	deb-systemd-helper unmask "${SERVICE}" >/dev/null || true
 fi

docker-classic/Dockerfile

@@ -1,4 +1,4 @@
-FROM ubuntu:20.04    
+FROM scratch    
 COPY hbbs /usr/bin/hbbs    
 COPY hbbr /usr/bin/hbbr    
 WORKDIR /root 

libs/hbb_common/src/config.rs

@@ -337,14 +337,13 @@ impl Config2 {
 pub fn load_path<T: serde::Serialize + serde::de::DeserializeOwned + Default + std::fmt::Debug>(
     file: PathBuf,
 ) -> T {
-    let cfg = match confy::load_path(file) {
+    match confy::load_path(file) {
         Ok(config) => config,
         Err(err) => {
             log::error!("Failed to load config: {}", err);
             T::default()
         }
-    };
-    cfg
+    }
 }
 
 #[inline]

libs/hbb_common/src/lib.rs

@@ -1,5 +1,4 @@
 pub mod compress;
-pub mod platform;
 pub mod protos;
 pub use bytes;
 use config::Config;

libs/hbb_common/src/platform/linux.rs

@@ -1,157 +0,0 @@
-use crate::ResultType;
-
-lazy_static::lazy_static! {
-    pub static ref DISTRO: Distro = Distro::new();
-}
-
-pub struct Distro {
-    pub name: String,
-    pub version_id: String,
-}
-
-impl Distro {
-    fn new() -> Self {
-        let name = run_cmds("awk -F'=' '/^NAME=/ {print $2}' /etc/os-release".to_owned())
-            .unwrap_or_default()
-            .trim()
-            .trim_matches('"')
-            .to_string();
-        let version_id =
-            run_cmds("awk -F'=' '/^VERSION_ID=/ {print $2}' /etc/os-release".to_owned())
-                .unwrap_or_default()
-                .trim()
-                .trim_matches('"')
-                .to_string();
-        Self { name, version_id }
-    }
-}
-
-pub fn get_display_server() -> String {
-    let mut session = get_values_of_seat0([0].to_vec())[0].clone();
-    if session.is_empty() {
-        // loginctl has not given the expected output.  try something else.
-        if let Ok(sid) = std::env::var("XDG_SESSION_ID") {
-            // could also execute "cat /proc/self/sessionid"
-            session = sid;
-        }
-        if session.is_empty() {
-            session = run_cmds("cat /proc/self/sessionid".to_owned()).unwrap_or_default();
-        }
-    }
-
-    get_display_server_of_session(&session)
-}
-
-fn get_display_server_of_session(session: &str) -> String {
-    let mut display_server = if let Ok(output) =
-        run_loginctl(Some(vec!["show-session", "-p", "Type", session]))
-    // Check session type of the session
-    {
-        let display_server = String::from_utf8_lossy(&output.stdout)
-            .replace("Type=", "")
-            .trim_end()
-            .into();
-        if display_server == "tty" {
-            // If the type is tty...
-            if let Ok(output) = run_loginctl(Some(vec!["show-session", "-p", "TTY", session]))
-            // Get the tty number
-            {
-                let tty: String = String::from_utf8_lossy(&output.stdout)
-                    .replace("TTY=", "")
-                    .trim_end()
-                    .into();
-                if let Ok(xorg_results) = run_cmds(format!("ps -e | grep \"{tty}.\\\\+Xorg\""))
-                // And check if Xorg is running on that tty
-                {
-                    if xorg_results.trim_end() != "" {
-                        // If it is, manually return "x11", otherwise return tty
-                        return "x11".to_owned();
-                    }
-                }
-            }
-        }
-        display_server
-    } else {
-        "".to_owned()
-    };
-    if display_server.is_empty() || display_server == "tty" {
-        // loginctl has not given the expected output.  try something else.
-        if let Ok(sestype) = std::env::var("XDG_SESSION_TYPE") {
-            display_server = sestype;
-        }
-    }
-    // If the session is not a tty, then just return the type as usual
-    display_server
-}
-
-pub fn get_values_of_seat0(indices: Vec<usize>) -> Vec<String> {
-    if let Ok(output) = run_loginctl(None) {
-        for line in String::from_utf8_lossy(&output.stdout).lines() {
-            if line.contains("seat0") {
-                if let Some(sid) = line.split_whitespace().next() {
-                    if is_active(sid) {
-                        return indices
-                            .into_iter()
-                            .map(|idx| line.split_whitespace().nth(idx).unwrap_or("").to_owned())
-                            .collect::<Vec<String>>();
-                    }
-                }
-            }
-        }
-    }
-
-    // some case, there is no seat0 https://github.com/rustdesk/rustdesk/issues/73
-    if let Ok(output) = run_loginctl(None) {
-        for line in String::from_utf8_lossy(&output.stdout).lines() {
-            if let Some(sid) = line.split_whitespace().next() {
-                let d = get_display_server_of_session(sid);
-                if is_active(sid) && d != "tty" {
-                    return indices
-                        .into_iter()
-                        .map(|idx| line.split_whitespace().nth(idx).unwrap_or("").to_owned())
-                        .collect::<Vec<String>>();
-                }
-            }
-        }
-    }
-
-    return indices
-        .iter()
-        .map(|_x| "".to_owned())
-        .collect::<Vec<String>>();
-}
-
-fn is_active(sid: &str) -> bool {
-    if let Ok(output) = run_loginctl(Some(vec!["show-session", "-p", "State", sid])) {
-        String::from_utf8_lossy(&output.stdout).contains("active")
-    } else {
-        false
-    }
-}
-
-pub fn run_cmds(cmds: String) -> ResultType<String> {
-    let output = std::process::Command::new("sh")
-        .args(vec!["-c", &cmds])
-        .output()?;
-    Ok(String::from_utf8_lossy(&output.stdout).to_string())
-}
-
-#[cfg(not(feature = "flatpak"))]
-fn run_loginctl(args: Option<Vec<&str>>) -> std::io::Result<std::process::Output> {
-    let mut cmd = std::process::Command::new("loginctl");
-    if let Some(a) = args {
-        return cmd.args(a).output();
-    }
-    cmd.output()
-}
-
-#[cfg(feature = "flatpak")]
-fn run_loginctl(args: Option<Vec<&str>>) -> std::io::Result<std::process::Output> {
-    let mut l_args = String::from("loginctl");
-    if let Some(a) = args {
-        l_args = format!("{} {}", l_args, a.join(" "));
-    }
-    std::process::Command::new("flatpak-spawn")
-        .args(vec![String::from("--host"), l_args])
-        .output()
-}

libs/hbb_common/src/platform/mod.rs

@@ -1,2 +0,0 @@
-#[cfg(target_os = "linux")]
-pub mod linux;

rcd/rustdesk-hbbr

@@ -0,0 +1,65 @@
+#!/bin/sh
+
+# PROVIDE: rustdesk_hbbr
+# REQUIRE: LOGIN
+# KEYWORD: shutdown
+#
+# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
+# to enable this service:
+#
+# rustdesk_hbbr_enable (bool):            Set to NO by default.
+#               Set it to YES to enable rustdesk_hbbr.
+# rustdesk_hbbr_args (string):            Set extra arguments to pass to rustdesk_hbbr
+#               Default is "-k _".
+# rustdesk_hbbr_user (string):            Set user that rustdesk_hbbr will run under
+#               Default is "root".
+# rustdesk_hbbr_group (string):           Set group that rustdesk_hbbr will run under
+#               Default is "wheel".
+
+. /etc/rc.subr
+
+name=rustdesk_hbbr
+desc="Rustdesk Relay Server"
+rcvar=rustdesk_hbbr_enable
+
+load_rc_config $name
+
+: ${rustdesk_hbbr_enable:=NO}
+: ${rustdesk_hbbr_args="-k _"}
+: ${rustdesk_hbbr_user:=rustdesk}
+: ${rustdesk_hbbr_group:=rustdesk}
+
+pidfile=/var/run/rustdesk_hbbr.pid
+command=/usr/sbin/daemon
+procname=/usr/local/sbin/hbbr
+rustdesk_hbbr_chdir=/var/db/rustdesk-server
+command_args="-p ${pidfile} -o /var/log/rustdesk-hbbr.log ${procname} ${rustdesk_hbbr_args}"
+## If you want the daemon do its log over syslog comment out the above line and remove the comment from the below replacement
+#command_args="-p ${pidfile} -T ${name} ${procname} ${rustdesk_hbbr_args}"
+
+start_precmd=rustdesk_hbbr_startprecmd
+
+rustdesk_hbbr_startprecmd()
+{
+    if [ -e ${pidfile} ]; then
+        chown ${rustdesk_hbbr_user}:${rustdesk_hbbr_group} ${pidfile};
+    else
+        install -o ${rustdesk_hbbr_user} -g ${rustdesk_hbbr_group} /dev/null ${pidfile};
+    fi
+    if [ -e ${rustdesk_hbbr_chdir} ]; then
+        chown -R ${rustdesk_hbbr_user}:${rustdesk_hbbr_group} ${rustdesk_hbbr_chdir};
+        chmod -R 770 ${rustdesk_hbbr_chdir};
+    else
+        mkdir -m 770 ${rustdesk_hbbr_chdir};
+        chown ${rustdesk_hbbr_user}:${rustdesk_hbbr_group} ${rustdesk_hbbr_chdir};
+    fi
+    if [ -e /var/log/rustdesk-hbbr.log ]; then
+        chown -R ${rustdesk_hbbr_user}:${rustdesk_hbbr_group} /var/log/rustdesk-hbbr.log;
+        chmod 660 /var/log/rustdesk-hbbr.log;
+    else
+        install -o ${rustdesk_hbbr_user} -g ${rustdesk_hbbr_group} /dev/null /var/log/rustdesk-hbbr.log;
+        chmod 660 /var/log/rustdesk-hbbr.log;
+    fi
+}
+
+run_rc_command "$1"

rcd/rustdesk-hbbs

@@ -0,0 +1,68 @@
+#!/bin/sh
+
+# PROVIDE: rustdesk_hbbs
+# REQUIRE: LOGIN
+# KEYWORD: shutdown
+#
+# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
+# to enable this service:
+#
+# rustdesk_hbbs_enable (bool):            Set to NO by default.
+#               Set it to YES to enable rustdesk_hbbs.
+# rustdesk_hbbs_ip (string):              Set IP address/hostname of relay server to use
+#               Defaults to "127.0.0.1", please replace with your server hostname/IP.
+# rustdesk_hbbs_args (string):            Set extra arguments to pass to rustdesk_hbbs
+#               Default is "-r ${rustdesk_hbbs_ip} -k _".
+# rustdesk_hbbs_user (string):            Set user that rustdesk_hbbs will run under
+#               Default is "root".
+# rustdesk_hbbs_group (string):           Set group that rustdesk_hbbs will run under
+#               Default is "wheel".
+
+. /etc/rc.subr
+
+name=rustdesk_hbbs
+desc="Rustdesk ID/Rendezvous Server"
+rcvar=rustdesk_hbbs_enable
+
+load_rc_config $name
+
+: ${rustdesk_hbbs_enable:=NO}
+: ${rustdesk_hbbs_ip:=127.0.0.1}
+: ${rustdesk_hbbs_args="-r ${rustdesk_hbbs_ip} -k _"}
+: ${rustdesk_hbbs_user:=rustdesk}
+: ${rustdesk_hbbs_group:=rustdesk}
+
+pidfile=/var/run/rustdesk_hbbs.pid
+command=/usr/sbin/daemon
+procname=/usr/local/sbin/hbbs
+rustdesk_hbbs_chdir=/var/db/rustdesk-server
+command_args="-p ${pidfile} -o /var/log/rustdesk-hbbs.log ${procname} ${rustdesk_hbbs_args}"
+## If you want the daemon to do its log over syslog, comment out the above line and remove the comment from the below replacement
+#command_args="-p ${pidfile} -T ${name} ${procname} ${rustdesk_hbbs_args}"
+
+start_precmd=rustdesk_hbbs_startprecmd
+
+rustdesk_hbbs_startprecmd()
+{
+    if [ -e ${pidfile} ]; then
+        chown ${rustdesk_hbbs_user}:${rustdesk_hbbs_group} ${pidfile};
+    else
+        install -o ${rustdesk_hbbs_user} -g ${rustdesk_hbbs_group} /dev/null ${pidfile};
+    fi
+    if [ -e ${rustdesk_hbbs_chdir} ]; then
+        chown -R ${rustdesk_hbbs_user}:${rustdesk_hbbs_group} ${rustdesk_hbbs_chdir};
+        chmod -R 770 ${rustdesk_hbbs_chdir};
+    else
+        mkdir -m 770 ${rustdesk_hbbs_chdir};
+        chown ${rustdesk_hbbs_user}:${rustdesk_hbbs_group} ${rustdesk_hbbs_chdir};
+    fi
+    if [ -e /var/log/rustdesk-hbbs.log ]; then
+        chown -R ${rustdesk_hbbs_user}:${rustdesk_hbbs_group} /var/log/rustdesk-hbbs.log;
+        chmod 660 /var/log/rustdesk-hbbs.log;
+    else
+        install -o ${rustdesk_hbbs_user} -g ${rustdesk_hbbs_group} /dev/null /var/log/rustdesk-hbbs.log;
+        chmod 660 /var/log/rustdesk-hbbs.log;
+    fi
+}
+
+run_rc_command "$1"

src/common.rs

@@ -78,7 +78,7 @@ pub fn init_args(args: &str, name: &str, about: &str) {
         }
     }
     for (k, v) in matches.args {
-        if let Some(v) = v.vals.get(0) {
+        if let Some(v) = v.vals.first() {
             std::env::set_var(arg_name(k), v.to_string_lossy().to_string());
         }
     }
@@ -113,13 +113,18 @@ pub fn gen_sk(wait: u64) -> (String, Option<sign::SecretKey>) {
     if let Ok(mut file) = std::fs::File::open(sk_file) {
         let mut contents = String::new();
         if file.read_to_string(&mut contents).is_ok() {
-            let sk = base64::decode(&contents).unwrap_or_default();
+            let contents = contents.trim();
+            let sk = base64::decode(contents).unwrap_or_default();
             if sk.len() == sign::SECRETKEYBYTES {
                 let mut tmp = [0u8; sign::SECRETKEYBYTES];
                 tmp[..].copy_from_slice(&sk);
                 let pk = base64::encode(&tmp[sign::SECRETKEYBYTES / 2..]);
                 log::info!("Private key comes from {}", sk_file);
                 return (pk, Some(sign::SecretKey(tmp)));
+            } else {
+                // don't use log here, since it is async
+                println!("Fatal error: malformed private key in {sk_file}.");
+                std::process::exit(1);
             }
         }
     } else {
@@ -156,8 +161,6 @@ pub async fn listen_signal() -> Result<()> {
     use hbb_common::tokio::signal::unix::{signal, SignalKind};
 
     tokio::spawn(async {
-        let mut s = signal(SignalKind::hangup())?;
-        let hangup = s.recv();
         let mut s = signal(SignalKind::terminate())?;
         let terminate = s.recv();
         let mut s = signal(SignalKind::interrupt())?;
@@ -166,9 +169,6 @@ pub async fn listen_signal() -> Result<()> {
         let quit = s.recv();
 
         tokio::select! {
-            _ = hangup => {
-                log::info!("signal hangup");
-            }
             _ = terminate => {
                 log::info!("signal terminate");
             }

src/hbbr.rs

@@ -39,7 +39,7 @@ fn main() -> ResultType<()> {
         matches.value_of("port").unwrap_or(&port.to_string()),
         matches
             .value_of("key")
-            .unwrap_or(&std::env::var("KEY").unwrap_or_default()),
+            .unwrap_or(&std::env::var("KEY").unwrap_or("-".to_owned())),
     )?;
     Ok(())
 }

src/main.rs

@@ -17,9 +17,9 @@ fn main() -> ResultType<()> {
         "-c --config=[FILE] +takes_value 'Sets a custom config file'
         -p, --port=[NUMBER(default={RENDEZVOUS_PORT})] 'Sets the listening port'
         -s, --serial=[NUMBER(default=0)] 'Sets configure update serial number'
-        -R, --rendezvous-servers=[HOSTS] 'Sets rendezvous servers, seperated by colon'
+        -R, --rendezvous-servers=[HOSTS] 'Sets rendezvous servers, separated by colon'
         -u, --software-url=[URL] 'Sets download url of RustDesk software of newest version'
-        -r, --relay-servers=[HOST] 'Sets the default relay servers, seperated by colon'
+        -r, --relay-servers=[HOST] 'Sets the default relay servers, separated by colon'
         -M, --rmem=[NUMBER(default={RMEM})] 'Sets UDP recv buffer size, set system rmem_max first, e.g., sudo sysctl -w net.core.rmem_max=52428800. vi /etc/sysctl.conf, net.core.rmem_max=52428800, sudo sysctl –p'
         , --mask=[MASK] 'Determine if the connection comes from LAN, e.g. 192.168.0.0/16'
         -k, --key=[KEY] 'Only allow the client with the same key'",
@@ -31,6 +31,6 @@ fn main() -> ResultType<()> {
     }
     let rmem = get_arg("rmem").parse::<usize>().unwrap_or(RMEM);
     let serial: i32 = get_arg("serial").parse().unwrap_or(0);
-    RendezvousServer::start(port, serial, &get_arg("key"), rmem)?;
+    RendezvousServer::start(port, serial, &get_arg_or("key", "-".to_owned()), rmem)?;
     Ok(())
 }

src/relay_server.rs

@@ -25,6 +25,7 @@ use std::{
     io::prelude::*,
     io::Error,
     net::SocketAddr,
+    sync::atomic::{AtomicUsize, Ordering},
 };
 
 type Usage = (usize, usize, usize, usize);
@@ -36,11 +37,11 @@ lazy_static::lazy_static! {
     static ref BLOCKLIST: RwLock<HashSet<String>> = Default::default();
 }
 
-static mut DOWNGRADE_THRESHOLD: f64 = 0.66;
-static mut DOWNGRADE_START_CHECK: usize = 1_800_000; // in ms
-static mut LIMIT_SPEED: usize = 4 * 1024 * 1024; // in bit/s
-static mut TOTAL_BANDWIDTH: usize = 1024 * 1024 * 1024; // in bit/s
-static mut SINGLE_BANDWIDTH: usize = 16 * 1024 * 1024; // in bit/s
+static DOWNGRADE_THRESHOLD_100: AtomicUsize = AtomicUsize::new(66); // 0.66
+static DOWNGRADE_START_CHECK: AtomicUsize = AtomicUsize::new(1_800_000); // in ms
+static LIMIT_SPEED: AtomicUsize = AtomicUsize::new(4 * 1024 * 1024); // in bit/s
+static TOTAL_BANDWIDTH: AtomicUsize = AtomicUsize::new(1024 * 1024 * 1024); // in bit/s
+static SINGLE_BANDWIDTH: AtomicUsize = AtomicUsize::new(16 * 1024 * 1024); // in bit/s
 const BLACKLIST_FILE: &str = "blacklist.txt";
 const BLOCKLIST_FILE: &str = "blocklist.txt";
 
@@ -99,57 +100,53 @@ fn check_params() {
         .map(|x| x.parse::<f64>().unwrap_or(0.))
         .unwrap_or(0.);
     if tmp > 0. {
-        unsafe {
-            DOWNGRADE_THRESHOLD = tmp;
-        }
+        DOWNGRADE_THRESHOLD_100.store((tmp * 100.) as _, Ordering::SeqCst);
     }
-    unsafe { log::info!("DOWNGRADE_THRESHOLD: {}", DOWNGRADE_THRESHOLD) };
+    log::info!(
+        "DOWNGRADE_THRESHOLD: {}",
+        DOWNGRADE_THRESHOLD_100.load(Ordering::SeqCst) as f64 / 100.
+    );
     let tmp = std::env::var("DOWNGRADE_START_CHECK")
         .map(|x| x.parse::<usize>().unwrap_or(0))
         .unwrap_or(0);
     if tmp > 0 {
-        unsafe {
-            DOWNGRADE_START_CHECK = tmp * 1000;
-        }
+        DOWNGRADE_START_CHECK.store(tmp * 1000, Ordering::SeqCst);
     }
-    unsafe { log::info!("DOWNGRADE_START_CHECK: {}s", DOWNGRADE_START_CHECK / 1000) };
+    log::info!(
+        "DOWNGRADE_START_CHECK: {}s",
+        DOWNGRADE_START_CHECK.load(Ordering::SeqCst) / 1000
+    );
     let tmp = std::env::var("LIMIT_SPEED")
         .map(|x| x.parse::<f64>().unwrap_or(0.))
         .unwrap_or(0.);
     if tmp > 0. {
-        unsafe {
-            LIMIT_SPEED = (tmp * 1024. * 1024.) as usize;
-        }
+        LIMIT_SPEED.store((tmp * 1024. * 1024.) as usize, Ordering::SeqCst);
     }
-    unsafe { log::info!("LIMIT_SPEED: {}Mb/s", LIMIT_SPEED as f64 / 1024. / 1024.) };
+    log::info!(
+        "LIMIT_SPEED: {}Mb/s",
+        LIMIT_SPEED.load(Ordering::SeqCst) as f64 / 1024. / 1024.
+    );
     let tmp = std::env::var("TOTAL_BANDWIDTH")
         .map(|x| x.parse::<f64>().unwrap_or(0.))
         .unwrap_or(0.);
     if tmp > 0. {
-        unsafe {
-            TOTAL_BANDWIDTH = (tmp * 1024. * 1024.) as usize;
-        }
+        TOTAL_BANDWIDTH.store((tmp * 1024. * 1024.) as usize, Ordering::SeqCst);
     }
-    unsafe {
-        log::info!(
-            "TOTAL_BANDWIDTH: {}Mb/s",
-            TOTAL_BANDWIDTH as f64 / 1024. / 1024.
-        )
-    };
+
+    log::info!(
+        "TOTAL_BANDWIDTH: {}Mb/s",
+        TOTAL_BANDWIDTH.load(Ordering::SeqCst) as f64 / 1024. / 1024.
+    );
     let tmp = std::env::var("SINGLE_BANDWIDTH")
         .map(|x| x.parse::<f64>().unwrap_or(0.))
         .unwrap_or(0.);
     if tmp > 0. {
-        unsafe {
-            SINGLE_BANDWIDTH = (tmp * 1024. * 1024.) as usize;
-        }
+        SINGLE_BANDWIDTH.store((tmp * 1024. * 1024.) as usize, Ordering::SeqCst);
     }
-    unsafe {
-        log::info!(
-            "SINGLE_BANDWIDTH: {}Mb/s",
-            SINGLE_BANDWIDTH as f64 / 1024. / 1024.
-        )
-    };
+    log::info!(
+        "SINGLE_BANDWIDTH: {}Mb/s",
+        SINGLE_BANDWIDTH.load(Ordering::SeqCst) as f64 / 1024. / 1024.
+    )
 }
 
 async fn check_cmd(cmd: &str, limiter: Limiter) -> String {
@@ -233,76 +230,68 @@ async fn check_cmd(cmd: &str, limiter: Limiter) -> String {
             if let Some(v) = fds.next() {
                 if let Ok(v) = v.parse::<f64>() {
                     if v > 0. {
-                        unsafe {
-                            DOWNGRADE_THRESHOLD = v;
-                        }
+                        DOWNGRADE_THRESHOLD_100.store((v * 100.) as _, Ordering::SeqCst);
                     }
                 }
             } else {
-                unsafe {
-                    res = format!("{DOWNGRADE_THRESHOLD}\n");
-                }
+                res = format!(
+                    "{}\n",
+                    DOWNGRADE_THRESHOLD_100.load(Ordering::SeqCst) as f64 / 100.
+                );
             }
         }
         Some("downgrade-start-check" | "t") => {
             if let Some(v) = fds.next() {
                 if let Ok(v) = v.parse::<usize>() {
                     if v > 0 {
-                        unsafe {
-                            DOWNGRADE_START_CHECK = v * 1000;
-                        }
+                        DOWNGRADE_START_CHECK.store(v * 1000, Ordering::SeqCst);
                     }
                 }
             } else {
-                unsafe {
-                    res = format!("{}s\n", DOWNGRADE_START_CHECK / 1000);
-                }
+                res = format!("{}s\n", DOWNGRADE_START_CHECK.load(Ordering::SeqCst) / 1000);
             }
         }
         Some("limit-speed" | "ls") => {
             if let Some(v) = fds.next() {
                 if let Ok(v) = v.parse::<f64>() {
                     if v > 0. {
-                        unsafe {
-                            LIMIT_SPEED = (v * 1024. * 1024.) as _;
-                        }
+                        LIMIT_SPEED.store((v * 1024. * 1024.) as _, Ordering::SeqCst);
                     }
                 }
             } else {
-                unsafe {
-                    res = format!("{}Mb/s\n", LIMIT_SPEED as f64 / 1024. / 1024.);
-                }
+                res = format!(
+                    "{}Mb/s\n",
+                    LIMIT_SPEED.load(Ordering::SeqCst) as f64 / 1024. / 1024.
+                );
             }
         }
         Some("total-bandwidth" | "tb") => {
             if let Some(v) = fds.next() {
                 if let Ok(v) = v.parse::<f64>() {
                     if v > 0. {
-                        unsafe {
-                            TOTAL_BANDWIDTH = (v * 1024. * 1024.) as _;
-                            limiter.set_speed_limit(TOTAL_BANDWIDTH as _);
-                        }
+                        TOTAL_BANDWIDTH.store((v * 1024. * 1024.) as _, Ordering::SeqCst);
+                        limiter.set_speed_limit(TOTAL_BANDWIDTH.load(Ordering::SeqCst) as _);
                     }
                 }
             } else {
-                unsafe {
-                    res = format!("{}Mb/s\n", TOTAL_BANDWIDTH as f64 / 1024. / 1024.);
-                }
+                res = format!(
+                    "{}Mb/s\n",
+                    TOTAL_BANDWIDTH.load(Ordering::SeqCst) as f64 / 1024. / 1024.
+                );
             }
         }
         Some("single-bandwidth" | "sb") => {
             if let Some(v) = fds.next() {
                 if let Ok(v) = v.parse::<f64>() {
                     if v > 0. {
-                        unsafe {
-                            SINGLE_BANDWIDTH = (v * 1024. * 1024.) as _;
-                        }
+                        SINGLE_BANDWIDTH.store((v * 1024. * 1024.) as _, Ordering::SeqCst);
                     }
                 }
             } else {
-                unsafe {
-                    res = format!("{}Mb/s\n", SINGLE_BANDWIDTH as f64 / 1024. / 1024.);
-                }
+                res = format!(
+                    "{}Mb/s\n",
+                    SINGLE_BANDWIDTH.load(Ordering::SeqCst) as f64 / 1024. / 1024.
+                );
             }
         }
         Some("usage" | "u") => {
@@ -336,7 +325,7 @@ async fn check_cmd(cmd: &str, limiter: Limiter) -> String {
 
 async fn io_loop(listener: TcpListener, listener2: TcpListener, key: &str) {
     check_params();
-    let limiter = <Limiter>::new(unsafe { TOTAL_BANDWIDTH as _ });
+    let limiter = <Limiter>::new(TOTAL_BANDWIDTH.load(Ordering::SeqCst) as _);
     loop {
         tokio::select! {
             res = listener.accept() => {
@@ -374,12 +363,12 @@ async fn handle_connection(
     key: &str,
     ws: bool,
 ) {
-    let ip = addr.ip().to_string();
-    if !ws && ip == "127.0.0.1" {
+    let ip = hbb_common::try_into_v4(addr).ip();
+    if !ws && ip.is_loopback() {
         let limiter = limiter.clone();
         tokio::spawn(async move {
             let mut stream = stream;
-            let mut buffer = [0; 64];
+            let mut buffer = [0; 1024];
             if let Ok(Ok(n)) = timeout(1000, stream.read(&mut buffer[..])).await {
                 if let Ok(data) = std::str::from_utf8(&buffer[..n]) {
                     let res = check_cmd(data, limiter).await;
@@ -389,6 +378,7 @@ async fn handle_connection(
         });
         return;
     }
+    let ip = ip.to_string();
     if BLOCKLIST.read().await.get(&ip).is_some() {
         log::info!("{} blocked", ip);
         return;
@@ -474,10 +464,11 @@ async fn relay(
     let mut highest_s = 0;
     let mut downgrade: bool = false;
     let mut blacked: bool = false;
-    let limiter = <Limiter>::new(unsafe { SINGLE_BANDWIDTH as _ });
-    let blacklist_limiter = <Limiter>::new(unsafe { LIMIT_SPEED as _ });
+    let sb = SINGLE_BANDWIDTH.load(Ordering::SeqCst) as f64;
+    let limiter = <Limiter>::new(sb);
+    let blacklist_limiter = <Limiter>::new(LIMIT_SPEED.load(Ordering::SeqCst) as _);
     let downgrade_threshold =
-        (unsafe { SINGLE_BANDWIDTH as f64 * DOWNGRADE_THRESHOLD } / 1000.) as usize; // in bit/ms
+        (sb * DOWNGRADE_THRESHOLD_100.load(Ordering::SeqCst) as f64 / 100. / 1000.) as usize; // in bit/ms
     let mut timer = interval(Duration::from_secs(3));
     let mut last_recv_time = std::time::Instant::now();
     loop {
@@ -545,7 +536,7 @@ async fn relay(
                 (elapsed as _, total as _, highest_s as _, speed as _),
             );
             total_s = 0;
-            if elapsed > unsafe { DOWNGRADE_START_CHECK }
+            if elapsed > DOWNGRADE_START_CHECK.load(Ordering::SeqCst)
                 && !downgrade
                 && total > elapsed * downgrade_threshold
             {

src/rendezvous_server.rs

@@ -1,7 +1,7 @@
 use crate::common::*;
 use crate::peer::*;
 use hbb_common::{
-    allow_err,
+    allow_err, bail,
     bytes::{Bytes, BytesMut},
     bytes_codec::BytesCodec,
     config,
@@ -35,10 +35,10 @@ use sodiumoxide::crypto::sign;
 use std::{
     collections::HashMap,
     net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr},
+    sync::atomic::{AtomicBool, AtomicUsize, Ordering},
     sync::Arc,
     time::Instant,
 };
-const ADDR_127: IpAddr = IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1));
 
 #[derive(Clone, Debug)]
 enum Data {
@@ -56,10 +56,10 @@ enum Sink {
 }
 type Sender = mpsc::UnboundedSender<Data>;
 type Receiver = mpsc::UnboundedReceiver<Data>;
-static mut ROTATION_RELAY_SERVER: usize = 0;
+static ROTATION_RELAY_SERVER: AtomicUsize = AtomicUsize::new(0);
 type RelayServers = Vec<String>;
 static CHECK_RELAY_TIMEOUT: u64 = 3_000;
-static mut ALWAYS_USE_RELAY: bool = false;
+static ALWAYS_USE_RELAY: AtomicBool = AtomicBool::new(false);
 
 #[derive(Clone)]
 struct Inner {
@@ -93,7 +93,6 @@ impl RendezvousServer {
     #[tokio::main(flavor = "multi_thread")]
     pub async fn start(port: i32, serial: i32, key: &str, rmem: usize) -> ResultType<()> {
         let (key, sk) = Self::get_server_sk(key);
-        let addr = format!("0.0.0.0:{port}");
         let nat_port = port - 1;
         let ws_port = port + 2;
         let pm = PeerMap::new().await?;
@@ -149,27 +148,36 @@ impl RendezvousServer {
             .to_uppercase()
             == "Y"
         {
-            unsafe {
-                ALWAYS_USE_RELAY = true;
-            }
+            ALWAYS_USE_RELAY.store(true, Ordering::SeqCst);
         }
         log::info!(
             "ALWAYS_USE_RELAY={}",
-            if unsafe { ALWAYS_USE_RELAY } {
+            if ALWAYS_USE_RELAY.load(Ordering::SeqCst) {
                 "Y"
             } else {
                 "N"
             }
         );
         if test_addr.to_lowercase() != "no" {
-            let test_addr = (if test_addr.is_empty() {
-                addr.replace("0.0.0.0", "127.0.0.1")
+            let test_addr = if test_addr.is_empty() {
+                listener.local_addr()?
             } else {
-                test_addr
-            })
-            .parse::<SocketAddr>()?;
+                test_addr.parse()?
+            };
             tokio::spawn(async move {
-                allow_err!(test_hbbs(test_addr).await);
+                if let Err(err) = test_hbbs(test_addr).await {
+                    if test_addr.is_ipv6() && test_addr.ip().is_unspecified() {
+                        let mut test_addr = test_addr;
+                        test_addr.set_ip(IpAddr::V4(Ipv4Addr::UNSPECIFIED));
+                        if let Err(err) = test_hbbs(test_addr).await {
+                            log::error!("Failed to run hbbs test with {test_addr}: {err}");
+                            std::process::exit(1);
+                        }
+                    } else {
+                        log::error!("Failed to run hbbs test with {test_addr}: {err}");
+                        std::process::exit(1);
+                    }
+                }
             });
         };
         let main_task = async move {
@@ -427,7 +435,7 @@ impl RendezvousServer {
                     self.handle_local_addr(la, addr, Some(socket)).await?;
                 }
                 Some(rendezvous_message::Union::ConfigureUpdate(mut cu)) => {
-                    if addr.ip() == ADDR_127 && cu.serial > self.inner.serial {
+                    if try_into_v4(addr).ip().is_loopback() && cu.serial > self.inner.serial {
                         let mut inner: Inner = (*self.inner).clone();
                         inner.serial = cu.serial;
                         self.inner = Arc::new(inner);
@@ -566,7 +574,7 @@ impl RendezvousServer {
                 ip != old.socket_addr.ip()
             } else {
                 ip.to_string() != old.info.ip
-            } && ip != ADDR_127;
+            } && !ip.is_loopback();
             let request_pk = old.pk.is_empty() || ip_change;
             if !request_pk {
                 old.socket_addr = socket_addr;
@@ -702,24 +710,21 @@ impl RendezvousServer {
             let peer_is_lan = self.is_lan(peer_addr);
             let is_lan = self.is_lan(addr);
             let mut relay_server = self.get_relay_server(addr.ip(), peer_addr.ip());
-            if unsafe { ALWAYS_USE_RELAY } || (peer_is_lan ^ is_lan) {
+            if ALWAYS_USE_RELAY.load(Ordering::SeqCst) || (peer_is_lan ^ is_lan) {
                 if peer_is_lan {
                     // https://github.com/rustdesk/rustdesk-server/issues/24
                     relay_server = self.inner.local_ip.clone()
                 }
                 ph.nat_type = NatType::SYMMETRIC.into(); // will force relay
             }
-            let same_intranet = !ws
-                && match peer_addr {
-                    SocketAddr::V4(a) => match addr {
-                        SocketAddr::V4(b) => a.ip() == b.ip(),
+            let same_intranet: bool = !ws
+                && (peer_is_lan && is_lan || {
+                    match (peer_addr, addr) {
+                        (SocketAddr::V4(a), SocketAddr::V4(b)) => a.ip() == b.ip(),
+                        (SocketAddr::V6(a), SocketAddr::V6(b)) => a.ip() == b.ip(),
                         _ => false,
-                    },
-                    SocketAddr::V6(a) => match addr {
-                        SocketAddr::V6(b) => a.ip() == b.ip(),
-                        _ => false,
-                    },
-                };
+                    }
+                });
             let socket_addr = AddrMangle::encode(addr).into();
             if same_intranet {
                 log::debug!(
@@ -899,10 +904,7 @@ impl RendezvousServer {
         } else if self.relay_servers.len() == 1 {
             return self.relay_servers[0].clone();
         }
-        let i = unsafe {
-            ROTATION_RELAY_SERVER += 1;
-            ROTATION_RELAY_SERVER % self.relay_servers.len()
-        };
+        let i = ROTATION_RELAY_SERVER.fetch_add(1, Ordering::SeqCst) % self.relay_servers.len();
         self.relay_servers[i].clone()
     }
 
@@ -1021,13 +1023,17 @@ impl RendezvousServer {
             Some("always-use-relay" | "aur") => {
                 if let Some(rs) = fds.next() {
                     if rs.to_uppercase() == "Y" {
-                        unsafe { ALWAYS_USE_RELAY = true };
+                        ALWAYS_USE_RELAY.store(true, Ordering::SeqCst);
                     } else {
-                        unsafe { ALWAYS_USE_RELAY = false };
+                        ALWAYS_USE_RELAY.store(false, Ordering::SeqCst);
                     }
                     self.tx.send(Data::RelayServers0(rs.to_owned())).ok();
                 } else {
-                    let _ = writeln!(res, "ALWAYS_USE_RELAY: {:?}", unsafe { ALWAYS_USE_RELAY });
+                    let _ = writeln!(
+                        res,
+                        "ALWAYS_USE_RELAY: {:?}",
+                        ALWAYS_USE_RELAY.load(Ordering::SeqCst)
+                    );
                 }
             }
             Some("test-geo" | "tg") => {
@@ -1053,7 +1059,7 @@ impl RendezvousServer {
         if addr.ip().is_loopback() {
             tokio::spawn(async move {
                 let mut stream = stream;
-                let mut buffer = [0; 64];
+                let mut buffer = [0; 1024];
                 if let Ok(Ok(n)) = timeout(1000, stream.read(&mut buffer[..])).await {
                     if let Ok(data) = std::str::from_utf8(&buffer[..n]) {
                         let res = rs.check_cmd(data).await;
@@ -1191,8 +1197,16 @@ impl RendezvousServer {
     #[inline]
     fn is_lan(&self, addr: SocketAddr) -> bool {
         if let Some(network) = &self.inner.mask {
-            if let SocketAddr::V4(addr) = addr {
-                return network.contains(*addr.ip());
+            match addr {
+                SocketAddr::V4(v4_socket_addr) => {
+                    return network.contains(*v4_socket_addr.ip());
+                }
+
+                SocketAddr::V6(v6_socket_addr) => {
+                    if let Some(v4_addr) = v6_socket_addr.ip().to_ipv4() {
+                        return network.contains(v4_addr);
+                    }
+                }
             }
         }
         false
@@ -1228,6 +1242,15 @@ async fn check_relay_servers(rs0: Arc<RelayServers>, tx: Sender) {
 
 // temp solution to solve udp socket failure
 async fn test_hbbs(addr: SocketAddr) -> ResultType<()> {
+    let mut addr = addr;
+    if addr.ip().is_unspecified() {
+        addr.set_ip(if addr.is_ipv4() {
+            IpAddr::V4(Ipv4Addr::LOCALHOST)
+        } else {
+            IpAddr::V6(Ipv6Addr::LOCALHOST)
+        });
+    }
+
     let mut socket = FramedSocket::new(config::Config::get_any_listen_addr(addr.is_ipv4())).await?;
     let mut msg_out = RendezvousMessage::new();
     msg_out.set_register_peer(RegisterPeer {
@@ -1241,8 +1264,7 @@ async fn test_hbbs(addr: SocketAddr) -> ResultType<()> {
         tokio::select! {
           _ = timer.tick() => {
               if last_time_recv.elapsed().as_secs() > 12 {
-                 log::error!("Timeout of test_hbbs");
-                 std::process::exit(1);
+                  bail!("Timeout of test_hbbs");
               }
               socket.send(&msg_out, addr).await?;
           }

systemd/rustdesk-hbbr.service

@@ -10,8 +10,8 @@ WorkingDirectory=/var/lib/rustdesk-server/
 User=
 Group=
 Restart=always
-StandardOutput=append:/var/log/rustdesk/rustdesk-hbbr.log
-StandardError=append:/var/log/rustdesk/rustdesk-hbbr.error
+StandardOutput=append:/var/log/rustdesk-server/hbbr.log
+StandardError=append:/var/log/rustdesk-server/hbbr.error
 # Restart service after 10 seconds if node service crashes
 RestartSec=10
 

systemd/rustdesk-hbbs.service

@@ -10,8 +10,8 @@ WorkingDirectory=/var/lib/rustdesk-server/
 User=
 Group=
 Restart=always
-StandardOutput=append:/var/log/rustdesk/rustdesk-hbbs.log
-StandardError=append:/var/log/rustdesk/rustdesk-hbbs.error
+StandardOutput=append:/var/log/rustdesk-server/hbbs.log
+StandardError=append:/var/log/rustdesk-server/hbbs.error
 # Restart service after 10 seconds if node service crashes
 RestartSec=10
 

ui/setup.nsi

@@ -15,7 +15,7 @@
 !define PRODUCT_NAME "rustdesk_server"
 !define PRODUCT_DESCRIPTION "Installer for ${PRODUCT_NAME}"
 !define COPYRIGHT "Copyright © 2021"
-!define VERSION "1.1.7"
+!define VERSION "1.1.10"
 
 VIProductVersion "${VERSION}.0"
 VIAddVersionKey "ProductName" "${PRODUCT_NAME}"
@@ -143,10 +143,10 @@ Section "Install"
   CreateShortCut "$SMPROGRAMS\${APP_NAME}\Uninstall.lnk" "$INSTDIR\uninstall.exe"
   CreateShortCut "$DESKTOP\${APP_NAME}.lnk" "$INSTDIR\${PRODUCT_NAME}.exe"
 
-  nsExec::Exec 'netsh advfirewall firewall add rule name="${APP_NAME}" dir=in action=allow program="$INSTDIR\hbbs.exe" enable=yes'
-  nsExec::Exec 'netsh advfirewall firewall add rule name="${APP_NAME}" dir=out action=allow program="$INSTDIR\hbbs.exe" enable=yes'
-  nsExec::Exec 'netsh advfirewall firewall add rule name="${APP_NAME}" dir=in action=allow program="$INSTDIR\hbbr.exe" enable=yes'
-  nsExec::Exec 'netsh advfirewall firewall add rule name="${APP_NAME}" dir=out action=allow program="$INSTDIR\hbbr.exe" enable=yes'
+  nsExec::Exec 'netsh advfirewall firewall add rule name="${APP_NAME}" dir=in action=allow program="$INSTDIR\bin\hbbs.exe" enable=yes'
+  nsExec::Exec 'netsh advfirewall firewall add rule name="${APP_NAME}" dir=out action=allow program="$INSTDIR\bin\hbbs.exe" enable=yes'
+  nsExec::Exec 'netsh advfirewall firewall add rule name="${APP_NAME}" dir=in action=allow program="$INSTDIR\bin\hbbr.exe" enable=yes'
+  nsExec::Exec 'netsh advfirewall firewall add rule name="${APP_NAME}" dir=out action=allow program="$INSTDIR\bin\hbbr.exe" enable=yes'
   ExecWait 'powershell.exe -NoProfile -windowstyle hidden try { [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12 } catch {}; Invoke-WebRequest -Uri "https://go.microsoft.com/fwlink/p/?LinkId=2124703" -OutFile "$$env:TEMP\MicrosoftEdgeWebview2Setup.exe" ; Start-Process -FilePath "$$env:TEMP\MicrosoftEdgeWebview2Setup.exe" -ArgumentList ($\'/silent$\', $\'/install$\') -Wait'
 SectionEnd