RustDesk/rustdesk-server
1
0
Fork 0
mirror of https://github.com/rustdesk/rustdesk-server.git synced 2026-02-17 22:10:17 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: RustDesk:1.1.8-1
Branches Tags
RustDesk:master
RustDesk:1.1.15 RustDesk:1.1.14 RustDesk:1.1.13 RustDesk:1.1.12 RustDesk:1.1.11-1 RustDesk:1.1.11 RustDesk:1.1.10-3 RustDesk:1.1.10-2 RustDesk:1.1.10 RustDesk:1.1.9 RustDesk:1.1.8-2 RustDesk:1.1.8-1 RustDesk:1.1.8 RustDesk:1.1.7-4 RustDesk:1.1.7-3 RustDesk:1.1.7-2 RustDesk:1.1.7-1 RustDesk:1.1.7 RustDesk:1.1.6-2 RustDesk:1.1.6-1 RustDesk:1.1.6 RustDesk:1.1.5-1 RustDesk:1.1.5 RustDesk:1.0.0
...
compare: RustDesk:1.1.12
Branches Tags
RustDesk:master
RustDesk:1.1.15 RustDesk:1.1.14 RustDesk:1.1.13 RustDesk:1.1.12 RustDesk:1.1.11-1 RustDesk:1.1.11 RustDesk:1.1.10-3 RustDesk:1.1.10-2 RustDesk:1.1.10 RustDesk:1.1.9 RustDesk:1.1.8-2 RustDesk:1.1.8-1 RustDesk:1.1.8 RustDesk:1.1.7-4 RustDesk:1.1.7-3 RustDesk:1.1.7-2 RustDesk:1.1.7-1 RustDesk:1.1.7 RustDesk:1.1.6-2 RustDesk:1.1.6-1 RustDesk:1.1.6 RustDesk:1.1.5-1 RustDesk:1.1.5 RustDesk:1.0.0

49 Commits
1.1.8-1 ... 1.1.12

Author SHA1 Message Date
rustdesk
6f18a97644 v1.1.12 2024-10-07 16:21:36 +08:00
XLion
3b386b6b54 feat: Publish container images to GitHub ghcr.io (#473) 
* ghcr

* fix name

* ghcr

* ghcr

* ghcr

* ghcr

* ghcr

* ghcr update action

* ghcr update action

* ghcr update action

* ghcr update action

* ghcr update action

* ghcr update action

* ghcr classic

* ghcr classic

* ghcr: better naming and tidy up

* ghcr classic fix chmod

* tidy up

* tidy up

* if-no-files-found: error
 2024-09-30 08:46:35 +08:00
Fionera
b37033d92c docs: the servers are by comma instead of colon (#462) 2024-09-28 23:34:47 +08:00
XLion
b7bab80bfe Bump S6 overlay and fix env warnings (#472) 2024-09-28 23:33:47 +08:00
Dominik Hassler
041a603173 add illumos support (#433) 2024-06-29 22:25:47 +08:00
rustdesk
e40994d62e remove useless KEY_FOR_API 2024-05-26 21:43:13 +08:00
rustdesk
5078a1f797 reuse port, and revert hbbr -k 2024-05-24 18:37:11 +08:00
rustdesk
a22dacce0c fix ci 2024-05-24 18:09:12 +08:00
rustdesk
064c9e4bb4 fix ci 2024-05-24 18:02:39 +08:00
rustdesk
3cf0f6560f bump to 1.1.11 2024-05-24 17:59:53 +08:00
rustdesk
c4c26dd6d7 change -k to default _ 2024-05-24 17:57:37 +08:00
r00t
4240c47244 Add Simplified Chinese Readme File. (#409) 2024-04-24 19:04:02 +08:00
writegr
6e91f41a10 chore: fix some typos in comments (#404) 
Signed-off-by: writegr <wellweek@outlook.com>
 2024-04-18 14:39:10 +08:00
3x3cut0r
1a7cee157c Update README.md (#389) 
RELAY_SERVERS was renamed RELAY, as this variable does not exist
 2024-03-15 21:30:12 +08:00
dforel
72641270f1 Update README.md (#388) 
* Update README.md

增加一点可能出错的提示

* Update README.md

* Update README.md

---------

Co-authored-by: RustDesk <71636191+rustdesk@users.noreply.github.com>
 2024-03-15 10:22:21 +08:00
tschettervictor
19f8d3a0f4 Add description of relay server variable for clarity (#378) 
Since the "rustdesk_hbbs_ip" is not where the server should listen on, but actually the relay server to use, I added a description that will clarify this
 2024-02-27 21:44:56 +08:00
XLion
bac9548f86 Add README for Traditional Chinese (#364) 
* Add README-TW.md

* Add "繁體中文" hyperlink to README.md

* Add English hyperlink to README-TW.md

* Add "繁體中文" hyperlink to README-NL.md

* Add "繁體中文" hyperlink to README-DE.md
 2024-02-16 10:48:19 +08:00
rustdesk
79f0eb497b trim private key 2024-01-31 11:30:42 +08:00
Paolo Asperti
94ae51458c fix Pk size check (#361) 
* more descriptive error

* fix key size check
 2024-01-31 11:21:00 +08:00
rustdesk
778c89efb1 bump to 1.1.10-3 2024-01-31 11:20:04 +08:00
rustdesk
a7a0fa7cb5 bump to 1.1.10-2 2024-01-30 19:23:36 +08:00
RustDesk
2d8f6ae4f4 Update changelog 2024-01-30 19:16:44 +08:00
RustDesk
324dfd6a1f fix https://github.com/rustdesk/rustdesk-server/issues/306 2024-01-30 19:02:30 +08:00
RustDesk
70242e6eb2 Update common.rs 2024-01-30 18:29:04 +08:00
RustDesk
42cdfb0885 Merge pull request #348 from paspo/pk-check 
private key size check
 2024-01-30 18:24:04 +08:00
paspo
cea8403dbc private key size check 2024-01-30 11:18:43 +01:00
RustDesk
0ebfc09f8b Merge pull request #333 from ledeuns/patch-1 
Update mac_address
 2023-12-25 08:49:52 +08:00
Denis Fondras
2e06125974 Update mac_address 
The latest version of mac_address allows to compile rustdesk-server on OpenBSD
 2023-12-24 18:21:51 +01:00
RustDesk
fc775102ff Delete .github/workflows/test-selfhosted.yaml 2023-12-22 20:03:30 +08:00
RustDesk
891f388040 Merge pull request #328 from paspo/slim-docker-classic 
minimal docker classic images
 2023-12-07 17:09:11 +08:00
paspo
8b7f3491b1 minimal docker classic images 2023-12-07 08:15:00 +01:00
rustdesk
27ac9dec56 remove docker again 2023-12-06 02:05:33 +08:00
rustdesk
acf2c6d787 try archlinux/archlinux:base-devel 2023-12-06 01:19:57 +08:00
rustdesk
5f137710be do not use docker for the runner 2023-12-06 00:33:52 +08:00
rustdesk
1a6016f08f specify image 2023-12-06 00:28:59 +08:00
rustdesk
f67e8991ef test self-hosted runner 2023-12-05 23:43:41 +08:00
rustdesk
d81010224d remove sign 2023-12-05 17:22:40 +08:00
rustdesk
4c27143125 bump 1.1.9 2023-12-05 17:09:07 +08:00
rustdesk
9461bbe8f3 remove unused 2023-12-01 11:33:16 +08:00
rustdesk
1142cf105b Fix #324 to remove unsafe 2023-12-01 11:32:07 +08:00
RustDesk
5133af1863 Merge pull request #320 from tschettervictor/patch-1 
Update rustdesk-hbbs
 2023-11-17 11:44:29 +08:00
tschettervictor
7c7d554609 Update rustdesk-hbbs 
typo
 2023-11-16 18:27:01 -07:00
RustDesk
272a094fde Delete ask-a-question.md 2023-08-08 10:18:04 +08:00
RustDesk
b33d7954be Merge pull request #292 from dinger1986/master 
Update README.md
 2023-08-04 16:43:06 +08:00
dinger1986
f519be8e92 Update README.md 2023-08-04 09:23:02 +01:00
RustDesk
33331be361 Merge pull request #289 from madpilot78/FreeBSD_rc_scripts_fixes 
FreeBSD rc scripts fixes
 2023-07-25 13:24:21 +08:00
Guido Falsi
04a9d307c5 Change chdir location to /var/db, according to hier(7). 
BSD systems do not really have a /var/lib directory, although it happens to exist on live systems because some installed software creates it.
 2023-07-24 17:06:23 +02:00
Guido Falsi
35c2386c98 Remove unneeded quotes. 2023-07-24 17:05:57 +02:00
Guido Falsi
4f41300450 Fix comments. 2023-07-24 17:01:34 +02:00
27 changed files with 1236 additions and 326 deletions
Expand all files Collapse all files

14
.github/ISSUE_TEMPLATE/ask-a-question.md vendored
View File

@@ -1,14 +0,0 @@
---
name: Ask a question
about: Ask the community for help
title: ''
labels: 'question'
assignees: ''
---
This is the place for generic questions. Please stay on topic and be polite.
**Notes**
- Please write in english only. If you provide some images in different languages, you're required to write a translation in english.
- In any case, **NEVER** put here the content if your `id_ed25519` file

24
.github/workflows/build.yaml vendored
View File

@@ -113,6 +113,7 @@ jobs:
- name: Sign exe files
uses: GermanBluefox/code-sign-action@v7
if: false
with:
certificate: '${{ secrets.WINDOWS_PFX_BASE64 }}'
password: '${{ secrets.WINDOWS_PFX_PASSWORD }}'
@@ -141,6 +142,7 @@ jobs:
- name: Sign UI setup file
uses: GermanBluefox/code-sign-action@v7
if: false
with:
certificate: '${{ secrets.WINDOWS_PFX_BASE64 }}'
password: '${{ secrets.WINDOWS_PFX_PASSWORD }}'
@@ -171,12 +173,12 @@ jobs:
fail-fast: false
matrix:
job:
- { os: "linux", name: "amd64" }
- { os: "linux", name: "arm64v8" }
- { os: "linux", name: "armv7" }
- { os: "linux", name: "i386" }
- { os: "linux", name: "amd64fb" }
- { os: "windows", name: "x86_64" }
- { os: "linux", name: "amd64", suffix: "" }
- { os: "linux", name: "arm64v8", suffix: "" }
- { os: "linux", name: "armv7", suffix: "" }
- { os: "linux", name: "i386", suffix: "" }
- { os: "linux", name: "amd64fb", suffix: "" }
- { os: "windows", name: "x86_64", suffix: "-unsigned" }
steps:
@@ -193,13 +195,13 @@ jobs:
run: |
sudo apt update
DEBIAN_FRONTEND=noninteractive sudo apt install -y zip
zip ${{ matrix.job.name }}/rustdesk-server-${{ matrix.job.os }}-${{ matrix.job.name }}.zip ${{ matrix.job.name }}/*
zip ${{ matrix.job.name }}/rustdesk-server-${{ matrix.job.os }}-${{ matrix.job.name }}${{ matrix.job.suffix }}.zip ${{ matrix.job.name }}/*
- name: Create Release (${{ matrix.job.os }} - (${{ matrix.job.name }})
uses: softprops/action-gh-release@v1
with:
draft: true
files: ${{ matrix.job.name }}/rustdesk-server-${{ matrix.job.os }}-${{ matrix.job.name }}.zip
files: ${{ matrix.job.name }}/rustdesk-server-${{ matrix.job.os }}-${{ matrix.job.name }}${{ matrix.job.suffix }}.zip
# docker build and push of single-arch images
docker:
@@ -258,11 +260,12 @@ jobs:
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
- name: Build and push Docker image
uses: docker/build-push-action@v3
uses: docker/build-push-action@v5
with:
context: "./docker"
platforms: ${{ matrix.job.docker_platform }}
push: true
provenance: false
build-args: |
S6_ARCH=${{ matrix.job.s6_platform }}
tags: |
@@ -378,11 +381,12 @@ jobs:
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
- name: Build and push Docker image
uses: docker/build-push-action@v3
uses: docker/build-push-action@v5
with:
context: "./docker-classic"
platforms: ${{ matrix.job.docker_platform }}
push: true
provenance: false
tags: |
${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-${{ matrix.job.name }}
${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-${{ matrix.job.name }}

329
.github/workflows/ghcr.yml vendored Normal file
View File

@@ -0,0 +1,329 @@
name: Build and publish to ghcr.io
on:
workflow_dispatch:
push:
tags:
- 'v[0-9]+.[0-9]+.[0-9]+'
- '[0-9]+.[0-9]+.[0-9]+'
- 'v[0-9]+.[0-9]+.[0-9]+-[0-9]+'
- '[0-9]+.[0-9]+.[0-9]+-[0-9]+'
env:
CARGO_TERM_COLOR: always
LATEST_TAG: latest
permissions:
contents: read
packages: write # So need to set "secrets.GITHUB_TOKEN"
jobs:
# Binary build
build:
name: Build - ${{ matrix.job.name }}
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
job:
- { name: "amd64", target: "x86_64-unknown-linux-musl" }
- { name: "arm64v8", target: "aarch64-unknown-linux-musl" }
- { name: "armv7", target: "armv7-unknown-linux-musleabihf" }
- { name: "i386", target: "i686-unknown-linux-musl" }
#- { name: "amd64fb", target: "x86_64-unknown-freebsd" }
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@v1
with:
toolchain: "1.70.0"
targets: ${{ matrix.job.target }}
components: "rustfmt"
- uses: Swatinem/rust-cache@v2
with:
prefix-key: ${{ matrix.job.os }}
- name: Build
uses: actions-rs/cargo@v1
with:
command: build
args: --release --all-features --target=${{ matrix.job.target }}
use-cross: true
- name: Exec chmod
run: chmod -v a+x target/${{ matrix.job.target }}/release/*
- name: Publish Artifacts
uses: actions/upload-artifact@v4
with:
name: binaries-linux-${{ matrix.job.name }}
path: |
target/${{ matrix.job.target }}/release/hbbr
target/${{ matrix.job.target }}/release/hbbs
target/${{ matrix.job.target }}/release/rustdesk-utils
if-no-files-found: error
# Build and push single-arch Docker images to ghcr.io
create-s6-overlay-images:
name: Docker push - ${{ matrix.job.name }}
needs: build
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
job:
- { name: "amd64", docker_platform: "linux/amd64", s6_platform: "x86_64" }
- { name: "arm64v8", docker_platform: "linux/arm64", s6_platform: "aarch64" }
- { name: "armv7", docker_platform: "linux/arm/v7", s6_platform: "armhf" }
- { name: "i386", docker_platform: "linux/386", s6_platform: "i686" }
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Download binaries
uses: actions/download-artifact@v4
with:
pattern: binaries-linux-${{ matrix.job.name }}
path: docker/rootfs/usr/bin
merge-multiple: true
- name: Make binaries executable
run: chmod -v a+x docker/rootfs/usr/bin/*
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to GitHub Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}-s6
- name: Get git tag
id: vars
run: |
T=${GITHUB_REF#refs/*/}
M=${T%%.*}
echo "GIT_TAG=$T" >> $GITHUB_ENV
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: "./docker"
platforms: ${{ matrix.job.docker_platform }}
push: true
provenance: false
build-args: |
S6_ARCH=${{ matrix.job.s6_platform }}
tags: |
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-${{ matrix.job.name }}
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-${{ matrix.job.name }}
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-${{ matrix.job.name }}
labels: ${{ steps.meta.outputs.labels }}
# Set up minifest and tag for pushed image
create-s6-overlay-images-manifest:
name: Manifest for s6-overlay images
needs: create-s6-overlay-images
runs-on: ubuntu-24.04
steps:
- name: Log in to GitHub Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Get git tag
id: vars
run: |
T=${GITHUB_REF#refs/*/}
M=${T%%.*}
echo "GIT_TAG=$T" >> $GITHUB_ENV
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
# Create and push manifest for :ve.rs.ion tag
- name: Create and push manifest (:ve.rs.ion)
uses: Noelware/docker-manifest-action@master
if: github.event_name != 'workflow_dispatch'
with:
base-image: ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}
extra-images: |
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-amd64,
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-arm64v8,
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-armv7,
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-i386
push: true
# Create and push manifest for :major tag
- name: Create and push manifest (:major)
uses: Noelware/docker-manifest-action@master
with:
base-image: ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}
extra-images: |
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-amd64,
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-arm64v8,
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-armv7,
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-i386
push: true
# Create and push manifest for :latest tag
- name: Create and push manifest (:latest)
uses: Noelware/docker-manifest-action@master
with:
base-image: ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}
extra-images: |
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-amd64,
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-arm64v8,
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-armv7,
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-i386
push: true
# Build and push single-arch Docker images to ghcr.io
create-classic-images:
name: Docker push - ${{ matrix.job.name }}
needs: build
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
job:
- { name: "amd64", docker_platform: "linux/amd64" }
- { name: "arm64v8", docker_platform: "linux/arm64" }
- { name: "armv7", docker_platform: "linux/arm/v7" }
- { name: "i386", docker_platform: "linux/386" }
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Download binaries
uses: actions/download-artifact@v4
with:
pattern: binaries-linux-${{ matrix.job.name }}
path: docker-classic
merge-multiple: true
- name: Make binaries executable
run: chmod -v a+x docker-classic/*
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to GitHub Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}
- name: Get git tag
id: vars
run: |
T=${GITHUB_REF#refs/*/}
M=${T%%.*}
echo "GIT_TAG=$T" >> $GITHUB_ENV
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: "./docker-classic"
platforms: ${{ matrix.job.docker_platform }}
push: true
provenance: false
tags: |
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-${{ matrix.job.name }}
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-${{ matrix.job.name }}
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-${{ matrix.job.name }}
labels: ${{ steps.meta.outputs.labels }}
# Set up minifest and tag for pushed image
create-classic-images-manifest:
name: Manifest for classic images
needs: create-classic-images
runs-on: ubuntu-24.04
steps:
- name: Log in to GitHub Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Get git tag
id: vars
run: |
T=${GITHUB_REF#refs/*/}
M=${T%%.*}
echo "GIT_TAG=$T" >> $GITHUB_ENV
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
# Create and push manifest for :ve.rs.ion tag
- name: Create and push manifest (:ve.rs.ion)
uses: Noelware/docker-manifest-action@master
if: github.event_name != 'workflow_dispatch'
with:
base-image: ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}
extra-images: |
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-amd64,
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-arm64v8,
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-armv7,
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-i386
push: true
# Create and push manifest for :major tag
- name: Create and push manifest (:major)
uses: Noelware/docker-manifest-action@master
with:
base-image: ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}
extra-images: |
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-amd64,
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-arm64v8,
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-armv7,
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-i386
push: true
# Create and push manifest for :latest tag
- name: Create and push manifest (:latest)
uses: Noelware/docker-manifest-action@master
with:
base-image: ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}
extra-images: |
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-amd64,
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-arm64v8,
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-armv7,
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-i386
push: true

1
.gitignore vendored
View File

@@ -9,3 +9,4 @@ debian/debhelper-build-stamp
src/version.rs
db_v2.sqlite3
test.*
.idea

6
Cargo.lock generated
View File

@@ -779,7 +779,7 @@ dependencies = [
[[package]]
name = "hbbs"
version = "1.1.8"
version = "1.1.12"
dependencies = [
"async-speed-limit",
"async-trait",
@@ -1111,9 +1111,9 @@ dependencies = [
[[package]]
name = "mac_address"
version = "1.1.3"
version = "1.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "df1d1bc1084549d60725ccc53a2bfa07f67fe4689fda07b05a36531f2988104a"
checksum = "4863ee94f19ed315bf3bc00299338d857d4b5bc856af375cc97d237382ad3856"
dependencies = [
"nix",
"winapi",

4
Cargo.toml
View File

@@ -1,6 +1,6 @@
[package]
name = "hbbs"
version = "1.1.8"
version = "1.1.12"
authors = ["rustdesk <info@rustdesk.com>"]
edition = "2021"
build = "build.rs"
@@ -26,7 +26,7 @@ clap = "2"
rust-ini = "0.18"
minreq = { version = "2.4", features = ["punycode"] }
machine-uid = "0.2"
mac_address = "1.1"
mac_address = "1.1.5"
whoami = "1.2"
base64 = "0.13"
axum = { version = "0.5", features = ["headers"] }

2
README-DE.md
View File

@@ -5,7 +5,7 @@
<a href="#ein-schlüsselpaar-erstellen">Schlüsselpaar</a> •
<a href="#debian-pakete">Debian-Pakete</a> •
<a href="#umgebungsvariablen">Umgebungsvariablen</a><br>
[<a href="README.md">English</a>] | [<a href="README-NL.md">Nederlands</a>]<br>
[<a href="README.md">English</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-TW.md">繁體中文</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
</p>
# RustDesk Server-Programm

2
README-NL.md
View File

@@ -5,7 +5,7 @@
<a href="#hoe-maak-je-een-key-paar">Key paar</a> •
<a href="#deb-pakketten">Debian pakketten</a> •
<a href="#env-variabelen">ENV variabelen</a><br>
[<a href="README.md">English</a>] | [<a href="README-DE.md">Deutsch</a>]<br>
[<a href="README.md">English</a>] | [<a href="README-DE.md">Deutsch</a>] | [<a href="README-TW.md">繁體中文</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
</p>
# RustDesk Server Programa

347
README-TW.md Normal file
View File

@@ -0,0 +1,347 @@
<p align="center">
<a href="#如何自行建置">自行建置</a> •
<a href="#Docker-映像檔">Docker</a> •
<a href="#基於-S6-overlay-的映象檔">S6-overlay</a> •
<a href="#如何建立金鑰對">金鑰對</a> •
<a href="#deb-套件">Debian</a> •
<a href="#ENV-環境參數">環境參數</a><br>
[<a href="README.md">English</a>] | [<a href="README-DE.md">Deutsch</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
</p>
# RustDesk Server Program
[![build](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml/badge.svg)](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
[**下載**](https://github.com/rustdesk/rustdesk-server/releases)
[**說明文件**](https://rustdesk.com/docs/zh-tw/self-host/)
[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
自行建置屬於您自己的 RustDesk 伺服器,它是免費的且開源。
## 如何自行建置
```bash
cargo build --release
```
在 target/release 中會產生三個可執行檔。
- hbbs - RustDesk ID/會合伺服器
- hbbr - RustDesk 中繼伺服器
- rustdesk-utils - RustDesk 命令行工具
您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 頁面上找到更新的執行檔。
如果您需要額外功能,[RustDesk 專業版伺服器](https://rustdesk.com/pricing.html) 或許更適合您。
如果您想開發自己的伺服器,[rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) 可能是一個比這個倉庫更好、更簡單的開始。
## Docker 映像檔
Docker 映像檔會在每次 GitHub 發布時自動生成並發布。我們有兩種映像檔。
### Classic 映像檔
這些映像檔是基於 `ubuntu-20.04` 建置的,僅添加了兩個主要的執行檔(`hbbr``hbbs`)。它們可在 [Docker Hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) 上取得帶有以下tags
| 架構 | image:tag |
| ------- | ----------------------------------------- |
| amd64 | `rustdesk/rustdesk-server:latest` |
| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
您可以使用以下指令,直接透過 ``docker run`` 來啟動這些映像檔:
```bash
docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
或刪去 `--net=host` 但 P2P 直接連線會無法運作。
對於使用 SELinux 的系統,需要將 ``/root`` 替換為 ``/root:z``,以便容器正確運行。或者,也可以通過添加選項 ``--security-opt label=disable`` 完全禁用 SELinux 容器隔離。
```bash
docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
`relay-server-ip` 參數是執行這些容器的伺服器的 IP 地址(或 DNS 名稱)。如果您為 `hbbr` 使用的端口不是 **21117**,則必須使用 **可選** 的 `port` 參數。
您也可以使用 docker-compose 使用這個設定做為範例:
```yaml
version: '3'
networks:
rustdesk-net:
external: false
services:
hbbs:
container_name: hbbs
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21118:21118
image: rustdesk/rustdesk-server:latest
command: hbbs -r rustdesk.example.com:21117
volumes:
- ./data:/root
networks:
- rustdesk-net
depends_on:
- hbbr
restart: unless-stopped
hbbr:
container_name: hbbr
ports:
- 21117:21117
- 21119:21119
image: rustdesk/rustdesk-server:latest
command: hbbr
volumes:
- ./data:/root
networks:
- rustdesk-net
restart: unless-stopped
```
請編輯第 16 行,將其指向您的中繼伺服器 (監聽端口 21117 那一個)。 如果需要的話,您也可以編輯 volume (第 18 和 33 行)。
(感謝 @lukebarone 和 @QuiGonLeong 協助提供 docker-compose 的設定範例)
## 基於 S6-overlay 的映象檔
這些映象檔是針對 `busybox:stable` 建置的並添加了執行檔hbbr 和 hbbs以及 [S6-overlay](https://github.com/just-containers/s6-overlay)。 它們在以及這些 tags 在 [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) 可用:
| 架構 | version | image:tag |
| --------- | ------- | -------------------------------------------- |
| multiarch | latest | `rustdesk/rustdesk-server-s6:latest` |
| amd64 | latest | `rustdesk/rustdesk-server-s6:latest-amd64` |
| i386 | latest | `rustdesk/rustdesk-server-s6:latest-i386` |
| arm64v8 | latest | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
| armv7 | latest | `rustdesk/rustdesk-server-s6:latest-armv7` |
| multiarch | 2 | `rustdesk/rustdesk-server-s6:2` |
| amd64 | 2 | `rustdesk/rustdesk-server-s6:2-amd64` |
| i386 | 2 | `rustdesk/rustdesk-server-s6:2-i386` |
| arm64v8 | 2 | `rustdesk/rustdesk-server-s6:2-arm64v8` |
| armv7 | 2 | `rustdesk/rustdesk-server-s6:2-armv7` |
| multiarch | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0` |
| amd64 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-amd64` |
| i386 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-i386` |
| arm64v8 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8` |
| armv7 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-armv7` |
強烈建議您使用 `multiarch` 映象檔 可以選擇使用 `major version` 或 `latest` tags。
S6-overlay 在此充當監督程序,保持兩個進程運行,因此使用此映象檔,您無需運行兩個獨立的容器。
您可以直接使用以下命令使用 `docker run` 來啟動這個映象檔:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
或刪去 `--net=host` 但 P2P 直接連線會無法運作。
```bash
docker run --name rustdesk-server \
-p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
-p 21117:21117 -p 21118:21118 -p 21119:21119 \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
或是您可以使用 docker-compose 文件:
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
volumes:
- ./data:/data
restart: unless-stopped
```
對於此容器映象檔,您可以使用這些環境變數,**除了**以下**環境變數**部分指定的那些。
| 環境變數 | 是否可選 | 敘述 |
| -------------- | -------- | ------------------------------------------ |
| RELAY | 否 | 運行此容器的機器的 IP 地址/ DNS 名稱 |
| ENCRYPTED_ONLY | 是 | 如果設置為 **"1"**,將不接受未加密的連接。 |
| KEY_PUB | 是 | 金鑰對中的公鑰Public Key |
| KEY_PRIV | 是 | 金鑰對中的私鑰Private Key |
### 在基於 S6-overlay 的 Secret 管理
您可以將金鑰對保存在 Docker volume 中,但最佳實踐建議不要將金鑰寫入文件系統;因此,我們提供了一些選項。
在容器啟動時,會檢查金鑰對的是否存在(`/data/id_ed25519.pub` 和 `/data/id_ed25519`),如果其中一個金鑰不存在,則會從環境變數或 Docker Secret 重新生成它。
然後檢查金鑰對的有效性:如果公鑰和私鑰不匹配,容器將停止運行。
如果您未提供金鑰,`hbbs` 將為您產生一個,並將其放置在默認位置。
#### 使用 ENV 存儲金鑰對
您可以使用 Docker 環境變數來儲存金鑰。只需按照以下範例操作:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
-e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
-e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
-v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
- "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
- "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
volumes:
- ./db:/db
restart: unless-stopped
```
#### 使用 Docker Secret 來儲存金鑰對
您還可以使用 Docker Secret來儲存金鑰。
如果您使用 **docker-compose** 或 **docker swarm**,這很有用。
只需按照以下示例操作:
```bash
cat secrets/id_ed25519.pub | docker secret create key_pub -
cat secrets/id_ed25519 | docker secret create key_priv -
docker service create --name rustdesk-server \
--secret key_priv --secret key_pub \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
--mount "type=bind,source=$PWD/db,destination=/db" \
rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
volumes:
- ./db:/db
restart: unless-stopped
secrets:
- key_pub
- key_priv
secrets:
key_pub:
file: secrets/id_ed25519.pub
key_priv:
file: secrets/id_ed25519
```
## 如何建立金鑰對
加密需要一對金鑰;您可以按照前面所述提供它,但需要一種生成金鑰對的方法。
您可以使用以下命令生成一對金鑰:
```bash
/usr/bin/rustdesk-utils genkeypair
```
如果您沒有(或不想)在系統上安裝 `rustdesk-utils` 套件,您可以使用 Docker執行相同的命令
```bash
docker run --rm --entrypoint /usr/bin/rustdesk-utils rustdesk/rustdesk-server-s6:latest genkeypair
```
輸出將類似於以下內容:
```text
Public Key: 8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
Secret Key: egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
```
## .deb 套件
每個執行檔都有單獨的 .deb 套件可供使用,您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 中找到它們。
這些套件適用於以下發行版:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Debian 11 bullseye
- Debian 10 buster
## ENV 環境參數
可以使用這些 ENV 參數來配置 hbbs 和 hbbr。
您可以像往常一樣指定參數,或者使用 .env 文件。
| 參數 | 執行檔 | 敘述 |
| --------------------- | --------- | -------------------------------------------------------------------- |
| ALWAYS_USE_RELAY | hbbs | 如果設為 **"Y"**,禁止直接點對點連接 |
| DB_URL | hbbs | 資料庫的路徑 |
| DOWNGRADE_START_CHECK | hbbr | 降級檢查之前的延遲時間(以秒為單位) |
| DOWNGRADE_THRESHOLD | hbbr | 降級檢查的閾值bit/ms |
| KEY | hbbs/hbbr | 如果設置了,將強制使用特定金鑰,如果設為 **"_"**,則強制使用任何金鑰 |
| LIMIT_SPEED | hbbr | 速度限制以Mb/s為單位 |
| PORT | hbbs/hbbr | 監聽端口hbbs為21116hbbr為21117 |
| RELAY_SERVERS | hbbs | 運行hbbr的機器的IP地址/DNS名稱用逗號分隔 |
| RUST_LOG | all | 設定 debug level (error\|warn\|info\|debug\|trace) |
| SINGLE_BANDWIDTH | hbbr | 單個連接的最大頻寬以Mb/s為單位 |
| TOTAL_BANDWIDTH | hbbr | 最大總頻寬以Mb/s為單位 |

348
README-ZH.md Normal file
View File

@@ -0,0 +1,348 @@
<p align="center">
<a href="#如何自行构建">自行构建</a> •
<a href="#Docker-镜像">Docker</a> •
<a href="#基于-S6-overlay-的镜像">S6-overlay</a> •
<a href="#如何创建密钥">密钥</a> •
<a href="#deb-套件">Debian</a> •
<a href="#ENV-环境参数">环境参数</a><br>
[<a href="README.md">English</a>] | [<a href="README-DE.md">Deutsch</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-TW.md">繁体中文</a>]<br>
</p>
# RustDesk Server Program
[![build](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml/badge.svg)](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
[**下载**](https://github.com/rustdesk/rustdesk-server/releases)
[**说明文件**](https://rustdesk.com/docs/zh-cn/self-host/)
[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
自行搭建属于你的RustDesk服务器,所有的一切都是免费且开源的
## 如何自行构建
```bash
cargo build --release
```
执行后会在target/release目录下生成三个对应平台的可执行程序
- hbbs - RustDesk ID/会和服务器
- hbbr - RustDesk 中继服务器
- rustdesk-utils - RustDesk 命令行工具
您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 页面中找到最新的服务端软件。
如果您需要额外的功能支持,[RustDesk 专业版服务器](https://rustdesk.com/pricing.html) 获取更适合您。
如果您想开发自己的服务器,[rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) 应该会比直接使用这个仓库更简单快捷。
## Docker 镜像
Docker镜像会在每次 GitHub 发布新的release版本时自动构建。我们提供两种类型的镜像。
### Classic 传统镜像
这个类型的镜像是基于 `ubuntu-20.04` 进行构建,镜像仅包含两个主要的可执行程序(`hbbr``hbbs`。它们可以通过以下tag在 [Docker Hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) 上获得:
| 架构 | image:tag |
|---------| ----------------------------------------- |
| amd64 | `rustdesk/rustdesk-server:latest` |
| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
您可以使用以下命令,直接通过 ``docker run`` 來启动这些镜像:
```bash
docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
或不使用 `--net=host` 参数启动, 但这样 P2P 直连功能将无法工作。
对于使用了 SELinux 的系统,您需要将 ``/root`` 替换为 ``/root:z``,以保证容器的正常运行。或者,也可以通过添加参数 ``--security-opt label=disable`` 来完全禁用 SELinux 容器隔离。
```bash
docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
`relay-server-ip` 参数是运行这些容器的服务器的 IP 地址(或 DNS 名称)。如果你不想使用 **21117** 作为 `hbbr` 的服务端口,可使用可选参数 `port` 进行指定。
您也可以使用 docker-compose 进行构建,以下为配置示例:
```yaml
version: '3'
networks:
rustdesk-net:
external: false
services:
hbbs:
container_name: hbbs
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21118:21118
image: rustdesk/rustdesk-server:latest
command: hbbs -r rustdesk.example.com:21117
volumes:
- ./data:/root
networks:
- rustdesk-net
depends_on:
- hbbr
restart: unless-stopped
hbbr:
container_name: hbbr
ports:
- 21117:21117
- 21119:21119
image: rustdesk/rustdesk-server:latest
command: hbbr
volumes:
- ./data:/root
networks:
- rustdesk-net
restart: unless-stopped
```
编辑第16行来指定你的中继服务器 (默认端口监听在 21117 的那一个)。 如果需要的话,您也可以编辑 volume 信息 (第 18 和 33 行)。
(感谢 @lukebarone 和 @QuiGonLeong 协助提供的 docker-compose 配置示例)
## 基于 S6-overlay 的镜像
> 这些镜像是针对 `busybox:stable` 构建的并添加了可执行程序hbbr 和 hbbs以及 [S6-overlay](https://github.com/just-containers/s6-overlay)。 它们可以使用以下tag在 [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) 上获取:
| 架構 | version | image:tag |
| --------- | ------- | -------------------------------------------- |
| multiarch | latest | `rustdesk/rustdesk-server-s6:latest` |
| amd64 | latest | `rustdesk/rustdesk-server-s6:latest-amd64` |
| i386 | latest | `rustdesk/rustdesk-server-s6:latest-i386` |
| arm64v8 | latest | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
| armv7 | latest | `rustdesk/rustdesk-server-s6:latest-armv7` |
| multiarch | 2 | `rustdesk/rustdesk-server-s6:2` |
| amd64 | 2 | `rustdesk/rustdesk-server-s6:2-amd64` |
| i386 | 2 | `rustdesk/rustdesk-server-s6:2-i386` |
| arm64v8 | 2 | `rustdesk/rustdesk-server-s6:2-arm64v8` |
| armv7 | 2 | `rustdesk/rustdesk-server-s6:2-armv7` |
| multiarch | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0` |
| amd64 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-amd64` |
| i386 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-i386` |
| arm64v8 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8` |
| armv7 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-armv7` |
强烈建议您使用`major version` 或 `latest` tag 的 `multiarch` 架构的镜像。
S6-overlay 在此处作为监控程序,用以保证两个进程的运行,因此使用此镜像,您无需运行两个容器。
您可以使用 `docker run` 命令直接启动镜像,如下:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
或刪去 `--net=host` 参数, 但 P2P 直连功能将无法工作。
```bash
docker run --name rustdesk-server \
-p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
-p 21117:21117 -p 21118:21118 -p 21119:21119 \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
或着您也可以使用 docker-compose 文件:
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
volumes:
- ./data:/data
restart: unless-stopped
```
对于此容器镜像,除了在下面的环境变量部分指定的变量之外,您还可以使用以下`环境变量`
| 环境变量 | 是否可选 | 描述 |
|----------------|------|--------------------------|
| RELAY | 否 | 运行此容器的宿主机的 IP 地址/ DNS 名称 |
| ENCRYPTED_ONLY | 是 | 如果设置为 **"1"**,将不接受未加密的连接。 |
| KEY_PUB | 是 | 密钥对中的公钥Public Key |
| KEY_PRIV | 是 | 密钥对中的私钥Private Key |
### 基于 S6-overlay 镜像的密钥管理
您可以将密钥对保存在 Docker volume 中,但我们建议不要将密钥写入文件系統中;因此,我们提供了一些方案。
在容器启动时,会检查密钥对是否存在(`/data/id_ed25519.pub` 和 `/data/id_ed25519`),如果其中一個密钥不存在,则会从环境变量或 Docker Secret 中重新生成它。
然后检查密钥对的可用性:如果公钥和私钥不匹配,容器将停止运行。
如果您未提供密钥,`hbbs` 将会在默认位置生成一个。
#### 使用 ENV 存储密钥对
您可以使用 Docker 环境变量來存储密钥。如下:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
-e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
-e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
-v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
- "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
- "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
volumes:
- ./db:/db
restart: unless-stopped
```
#### 使用 Docker Secret 來保存密钥对
您还可以使用 Docker Secret 來保存密钥。
如果您使用 **docker-compose** 或 **docker swarm**,推荐您使用。
只需按照以下示例操作:
```bash
cat secrets/id_ed25519.pub | docker secret create key_pub -
cat secrets/id_ed25519 | docker secret create key_priv -
docker service create --name rustdesk-server \
--secret key_priv --secret key_pub \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
--mount "type=bind,source=$PWD/db,destination=/db" \
rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
volumes:
- ./db:/db
restart: unless-stopped
secrets:
- key_pub
- key_priv
secrets:
key_pub:
file: secrets/id_ed25519.pub
key_priv:
file: secrets/id_ed25519
```
## 如何生成密钥对
加密需要一对密钥;您可以按照前面所述提供它,但需要一个工具去生成密钥对。
您可以使用以下命令生成一对密钥:
```bash
/usr/bin/rustdesk-utils genkeypair
```
如果您沒有(或不想)在系统上安装 `rustdesk-utils` 套件,您可以使用 Docker 执行相同的命令:
```bash
docker run --rm --entrypoint /usr/bin/rustdesk-utils rustdesk/rustdesk-server-s6:latest genkeypair
```
运行后的输出内容如下:
```text
Public Key: 8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
Secret Key: egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
```
## .deb 套件
每个可执行文件都有单独的 .deb 套件可供使用,您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 页面中找到它們。
這些套件适用于以下发行版:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Debian 11 bullseye
- Debian 10 buster
## ENV 环境变量
可以使用这些`环境变量`参数來配置 hbbs 和 hbbr。
您可以像往常一样指定参数,或者使用 .env 文件。
| 参数 | 可执行文件 | 描述 |
|-----------------------|---------------|--------------------------------------------------|
| ALWAYS_USE_RELAY | hbbs | 如果设定为 **"Y"**,将关闭直接点对点连接功能 |
| DB_URL | hbbs | 数据库配置 |
| DOWNGRADE_START_CHECK | hbbr | 降级检查之前的延迟是啊尽(以秒为单位) |
| DOWNGRADE_THRESHOLD | hbbr | 降级检查的阈值bit/ms |
| KEY | hbbs/hbbr | 如果设置了此参数,将强制使用指定密钥对,如果设为 **"_"**,则强制使用任意密钥 |
| LIMIT_SPEED | hbbr | 速度限制以Mb/s为单位 |
| PORT | hbbs/hbbr | 监听端口hbbs为21116hbbr为21117 |
| RELAY_SERVERS | hbbs | 运行hbbr的机器的IP地址/DNS名称用逗号分隔 |
| RUST_LOG | all | 设置 debug level (error\|warn\|info\|debug\|trace) |
| SINGLE_BANDWIDTH | hbbr | 单个连接的最大带宽以Mb/s为单位 |
| TOTAL_BANDWIDTH | hbbr | 最大总带宽以Mb/s为单位 |

9
README.md
View File

@@ -5,7 +5,7 @@
<a href="#how-to-create-a-keypair">Keypair</a> •
<a href="#deb-packages">Debian</a> •
<a href="#env-variables">Variables</a><br>
[<a href="README-DE.md">Deutsch</a>] | [<a href="README-NL.md">Nederlands</a>]<br>
[<a href="README-DE.md">Deutsch</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-TW.md">繁體中文</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
</p>
# RustDesk Server Program
@@ -34,6 +34,8 @@ Three executables will be generated in target/release.
You can find updated binaries on the [releases](https://github.com/rustdesk/rustdesk-server/releases) page.
If you want extra features [RustDesk Server Pro](https://rustdesk.com/pricing.html) might suit you better.
If you want to develop your own server, [rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) might be a better and simpler start for you than this repo.
## Docker images
@@ -112,6 +114,9 @@ Edit line 16 to point to your relay server (the one listening on port 21117). Yo
(docker-compose credit goes to @lukebarone and @QuiGonLeong)
> Note that here, the rustdesk/rustdesk-server:latest in China may be replaced with the latest version number on dockerhub, such as rustdesk-server:1.1.10-3. Otherwise, the old version may be pulled due to image acceleration.
## S6-overlay based images
These images are build against `busybox:stable` with the addition of the binaries (both hbbr and hbbs) and [S6-overlay](https://github.com/just-containers/s6-overlay). They're available on [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) with these tags:
@@ -339,7 +344,7 @@ You can specify the variables as usual or use an `.env` file.
| KEY | hbbs/hbbr | if set force the use of a specific key, if set to **"_"** force the use of any key |
| LIMIT_SPEED | hbbr | speed limit (in Mb/s) |
| PORT | hbbs/hbbr | listening port (21116 for hbbs - 21117 for hbbr) |
| RELAY_SERVERS | hbbs | IP address/DNS name of the machines running hbbr (separated by comma) |
| RELAY | hbbs | IP address/DNS name of the machines running hbbr (separated by comma) |
| RUST_LOG | all | set debug level (error\|warn\|info\|debug\|trace) |
| SINGLE_BANDWIDTH | hbbr | max bandwidth for a single connection (in Mb/s) |
| TOTAL_BANDWIDTH | hbbr | max total bandwidth (in Mb/s) |

BIN
db_v2.sqlite3
View File

Binary file not shown.

23
debian/changelog vendored
View File

@@ -1,3 +1,26 @@
rustdesk-server (1.1.12) UNRELEASED; urgency=medium
* WS real ip
* Bump s6-overlay to v3.2.0.0 and fix env warnings
rustdesk-server (1.1.11-1) UNRELEASED; urgency=medium
* set reuse port to make restart friendly
* revert hbbr `-k` to not ruin back-compatibility
rustdesk-server (1.1.11) UNRELEASED; urgency=medium
* change -k to default '-', so you need not to set -k any more
rustdesk-server (1.1.10-3) UNRELEASED; urgency=medium
* fix on -2
rustdesk-server (1.1.10-2) UNRELEASED; urgency=medium
* fix hangup signal exit when run with nohup
* some minors
rustdesk-server (1.1.9) UNRELEASED; urgency=medium
* remove unsafe
rustdesk-server (1.1.8) UNRELEASED; urgency=medium
* fix test_hbbs and mask in lan

2
docker-classic/Dockerfile
View File

@@ -1,4 +1,4 @@
FROM ubuntu:20.04
FROM scratch
COPY hbbs /usr/bin/hbbs
COPY hbbr /usr/bin/hbbr
WORKDIR /root

6
docker/Dockerfile
View File

@@ -1,6 +1,6 @@
FROM busybox:stable
ARG S6_OVERLAY_VERSION=3.1.1.2
ARG S6_OVERLAY_VERSION=3.2.0.0
ARG S6_ARCH=x86_64
ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz /tmp
ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.xz /tmp
@@ -12,8 +12,8 @@ RUN \
COPY rootfs /
ENV RELAY relay.example.com
ENV ENCRYPTED_ONLY 0
ENV RELAY=relay.example.com
ENV ENCRYPTED_ONLY=0
EXPOSE 21115 21116 21116/udp 21117 21118 21119

1
libs/hbb_common/src/lib.rs
View File

@@ -1,5 +1,4 @@
pub mod compress;
pub mod platform;
pub mod protos;
pub use bytes;
use config::Config;

157
libs/hbb_common/src/platform/linux.rs
View File

@@ -1,157 +0,0 @@
use crate::ResultType;
lazy_static::lazy_static! {
pub static ref DISTRO: Distro = Distro::new();
}
pub struct Distro {
pub name: String,
pub version_id: String,
}
impl Distro {
fn new() -> Self {
let name = run_cmds("awk -F'=' '/^NAME=/ {print $2}' /etc/os-release".to_owned())
.unwrap_or_default()
.trim()
.trim_matches('"')
.to_string();
let version_id =
run_cmds("awk -F'=' '/^VERSION_ID=/ {print $2}' /etc/os-release".to_owned())
.unwrap_or_default()
.trim()
.trim_matches('"')
.to_string();
Self { name, version_id }
}
}
pub fn get_display_server() -> String {
let mut session = get_values_of_seat0([0].to_vec())[0].clone();
if session.is_empty() {
// loginctl has not given the expected output. try something else.
if let Ok(sid) = std::env::var("XDG_SESSION_ID") {
// could also execute "cat /proc/self/sessionid"
session = sid;
}
if session.is_empty() {
session = run_cmds("cat /proc/self/sessionid".to_owned()).unwrap_or_default();
}
}
get_display_server_of_session(&session)
}
fn get_display_server_of_session(session: &str) -> String {
let mut display_server = if let Ok(output) =
run_loginctl(Some(vec!["show-session", "-p", "Type", session]))
// Check session type of the session
{
let display_server = String::from_utf8_lossy(&output.stdout)
.replace("Type=", "")
.trim_end()
.into();
if display_server == "tty" {
// If the type is tty...
if let Ok(output) = run_loginctl(Some(vec!["show-session", "-p", "TTY", session]))
// Get the tty number
{
let tty: String = String::from_utf8_lossy(&output.stdout)
.replace("TTY=", "")
.trim_end()
.into();
if let Ok(xorg_results) = run_cmds(format!("ps -e | grep \"{tty}.\\\\+Xorg\""))
// And check if Xorg is running on that tty
{
if xorg_results.trim_end() != "" {
// If it is, manually return "x11", otherwise return tty
return "x11".to_owned();
}
}
}
}
display_server
} else {
"".to_owned()
};
if display_server.is_empty() || display_server == "tty" {
// loginctl has not given the expected output. try something else.
if let Ok(sestype) = std::env::var("XDG_SESSION_TYPE") {
display_server = sestype;
}
}
// If the session is not a tty, then just return the type as usual
display_server
}
pub fn get_values_of_seat0(indices: Vec<usize>) -> Vec<String> {
if let Ok(output) = run_loginctl(None) {
for line in String::from_utf8_lossy(&output.stdout).lines() {
if line.contains("seat0") {
if let Some(sid) = line.split_whitespace().next() {
if is_active(sid) {
return indices
.into_iter()
.map(|idx| line.split_whitespace().nth(idx).unwrap_or("").to_owned())
.collect::<Vec<String>>();
}
}
}
}
}
// some case, there is no seat0 https://github.com/rustdesk/rustdesk/issues/73
if let Ok(output) = run_loginctl(None) {
for line in String::from_utf8_lossy(&output.stdout).lines() {
if let Some(sid) = line.split_whitespace().next() {
let d = get_display_server_of_session(sid);
if is_active(sid) && d != "tty" {
return indices
.into_iter()
.map(|idx| line.split_whitespace().nth(idx).unwrap_or("").to_owned())
.collect::<Vec<String>>();
}
}
}
}
return indices
.iter()
.map(|_x| "".to_owned())
.collect::<Vec<String>>();
}
fn is_active(sid: &str) -> bool {
if let Ok(output) = run_loginctl(Some(vec!["show-session", "-p", "State", sid])) {
String::from_utf8_lossy(&output.stdout).contains("active")
} else {
false
}
}
pub fn run_cmds(cmds: String) -> ResultType<String> {
let output = std::process::Command::new("sh")
.args(vec!["-c", &cmds])
.output()?;
Ok(String::from_utf8_lossy(&output.stdout).to_string())
}
#[cfg(not(feature = "flatpak"))]
fn run_loginctl(args: Option<Vec<&str>>) -> std::io::Result<std::process::Output> {
let mut cmd = std::process::Command::new("loginctl");
if let Some(a) = args {
return cmd.args(a).output();
}
cmd.output()
}
#[cfg(feature = "flatpak")]
fn run_loginctl(args: Option<Vec<&str>>) -> std::io::Result<std::process::Output> {
let mut l_args = String::from("loginctl");
if let Some(a) = args {
l_args = format!("{} {}", l_args, a.join(" "));
}
std::process::Command::new("flatpak-spawn")
.args(vec![String::from("--host"), l_args])
.output()
}

2
libs/hbb_common/src/platform/mod.rs
View File

@@ -1,2 +0,0 @@
#[cfg(target_os = "linux")]
pub mod linux;

18
libs/hbb_common/src/tcp.rs
View File

@@ -62,10 +62,11 @@ fn new_socket(addr: std::net::SocketAddr, reuse: bool) -> Result<TcpSocket, std:
std::net::SocketAddr::V6(..) => TcpSocket::new_v6()?,
};
if reuse {
// windows has no reuse_port, but it's reuse_address
// windows has no reuse_port, but its reuse_address
// almost equals to unix's reuse_port + reuse_address,
// though may introduce nondeterministic behavior
#[cfg(unix)]
// though may introduce nondeterministic behavior.
// illumos has no support for SO_REUSEPORT
#[cfg(all(unix, not(target_os = "illumos")))]
socket.set_reuseport(true)?;
socket.set_reuseaddr(true)?;
}
@@ -260,8 +261,17 @@ pub async fn new_listener<T: ToSocketAddrs>(addr: T, reuse: bool) -> ResultType<
}
}
pub async fn listen_any(port: u16) -> ResultType<TcpListener> {
pub async fn listen_any(port: u16, reuse: bool) -> ResultType<TcpListener> {
if let Ok(mut socket) = TcpSocket::new_v6() {
if reuse {
// windows has no reuse_port, but its reuse_address
// almost equals to unix's reuse_port + reuse_address,
// though may introduce nondeterministic behavior.
// illumos has no support for SO_REUSEPORT
#[cfg(all(unix, not(target_os = "illumos")))]
socket.set_reuseport(true).ok();
socket.set_reuseaddr(true).ok();
}
#[cfg(unix)]
{
use std::os::unix::io::{FromRawFd, IntoRawFd};

7
libs/hbb_common/src/udp.rs
View File

@@ -20,10 +20,11 @@ fn new_socket(addr: SocketAddr, reuse: bool, buf_size: usize) -> Result<Socket,
SocketAddr::V6(..) => Socket::new(Domain::ipv6(), Type::dgram(), None),
}?;
if reuse {
// windows has no reuse_port, but it's reuse_address
// windows has no reuse_port, but its reuse_address
// almost equals to unix's reuse_port + reuse_address,
// though may introduce nondeterministic behavior
#[cfg(unix)]
// though may introduce nondeterministic behavior.
// illumos has no support for SO_REUSEPORT
#[cfg(all(unix, not(target_os = "illumos")))]
socket.set_reuse_port(true)?;
socket.set_reuse_address(true)?;
}

8
rcd/rustdesk-hbbr
View File

@@ -8,9 +8,9 @@
# to enable this service:
#
# rustdesk_hbbr_enable (bool): Set to NO by default.
# Set it to YES to enable nfs-exporter.
# rustdesk_hbbr_args (string): Set extra arguments to pass to nfs-exporter
# Default is "".
# Set it to YES to enable rustdesk_hbbr.
# rustdesk_hbbr_args (string): Set extra arguments to pass to rustdesk_hbbr
# Default is "-k _".
# rustdesk_hbbr_user (string): Set user that rustdesk_hbbr will run under
# Default is "root".
# rustdesk_hbbr_group (string): Set group that rustdesk_hbbr will run under
@@ -32,7 +32,7 @@ load_rc_config $name
pidfile=/var/run/rustdesk_hbbr.pid
command=/usr/sbin/daemon
procname=/usr/local/sbin/hbbr
rustdesk_hbbr_chdir="/var/lib/rustdesk-server/"
rustdesk_hbbr_chdir=/var/db/rustdesk-server
command_args="-p ${pidfile} -o /var/log/rustdesk-hbbr.log ${procname} ${rustdesk_hbbr_args}"
## If you want the daemon do its log over syslog comment out the above line and remove the comment from the below replacement
#command_args="-p ${pidfile} -T ${name} ${procname} ${rustdesk_hbbr_args}"

12
rcd/rustdesk-hbbs
View File

@@ -8,9 +8,11 @@
# to enable this service:
#
# rustdesk_hbbs_enable (bool): Set to NO by default.
# Set it to YES to enable nfs-exporter.
# rustdesk_hbbs_args (string): Set extra arguments to pass to nfs-exporter
# Default is "".
# Set it to YES to enable rustdesk_hbbs.
# rustdesk_hbbs_ip (string): Set IP address/hostname of relay server to use
# Defaults to "127.0.0.1", please replace with your server hostname/IP.
# rustdesk_hbbs_args (string): Set extra arguments to pass to rustdesk_hbbs
# Default is "-r ${rustdesk_hbbs_ip} -k _".
# rustdesk_hbbs_user (string): Set user that rustdesk_hbbs will run under
# Default is "root".
# rustdesk_hbbs_group (string): Set group that rustdesk_hbbs will run under
@@ -33,9 +35,9 @@ load_rc_config $name
pidfile=/var/run/rustdesk_hbbs.pid
command=/usr/sbin/daemon
procname=/usr/local/sbin/hbbs
rustdesk_hbbs_chdir="/var/lib/rustdesk-server/"
rustdesk_hbbs_chdir=/var/db/rustdesk-server
command_args="-p ${pidfile} -o /var/log/rustdesk-hbbs.log ${procname} ${rustdesk_hbbs_args}"
## If you want the daemon do its log over syslog comment out the above line and remove the comment from the below replacement
## If you want the daemon to do its log over syslog, comment out the above line and remove the comment from the below replacement
#command_args="-p ${pidfile} -T ${name} ${procname} ${rustdesk_hbbs_args}"
start_precmd=rustdesk_hbbs_startprecmd

14
src/common.rs
View File

@@ -78,7 +78,7 @@ pub fn init_args(args: &str, name: &str, about: &str) {
}
}
for (k, v) in matches.args {
if let Some(v) = v.vals.get(0) {
if let Some(v) = v.vals.first() {
std::env::set_var(arg_name(k), v.to_string_lossy().to_string());
}
}
@@ -113,13 +113,18 @@ pub fn gen_sk(wait: u64) -> (String, Option<sign::SecretKey>) {
if let Ok(mut file) = std::fs::File::open(sk_file) {
let mut contents = String::new();
if file.read_to_string(&mut contents).is_ok() {
let sk = base64::decode(&contents).unwrap_or_default();
let contents = contents.trim();
let sk = base64::decode(contents).unwrap_or_default();
if sk.len() == sign::SECRETKEYBYTES {
let mut tmp = [0u8; sign::SECRETKEYBYTES];
tmp[..].copy_from_slice(&sk);
let pk = base64::encode(&tmp[sign::SECRETKEYBYTES / 2..]);
log::info!("Private key comes from {}", sk_file);
return (pk, Some(sign::SecretKey(tmp)));
} else {
// don't use log here, since it is async
println!("Fatal error: malformed private key in {sk_file}.");
std::process::exit(1);
}
}
} else {
@@ -156,8 +161,6 @@ pub async fn listen_signal() -> Result<()> {
use hbb_common::tokio::signal::unix::{signal, SignalKind};
tokio::spawn(async {
let mut s = signal(SignalKind::hangup())?;
let hangup = s.recv();
let mut s = signal(SignalKind::terminate())?;
let terminate = s.recv();
let mut s = signal(SignalKind::interrupt())?;
@@ -166,9 +169,6 @@ pub async fn listen_signal() -> Result<()> {
let quit = s.recv();
tokio::select! {
_ = hangup => {
log::info!("signal hangup");
}
_ = terminate => {
log::info!("signal terminate");
}

6
src/main.rs
View File

@@ -17,9 +17,9 @@ fn main() -> ResultType<()> {
"-c --config=[FILE] +takes_value 'Sets a custom config file'
-p, --port=[NUMBER(default={RENDEZVOUS_PORT})] 'Sets the listening port'
-s, --serial=[NUMBER(default=0)] 'Sets configure update serial number'
-R, --rendezvous-servers=[HOSTS] 'Sets rendezvous servers, seperated by colon'
-R, --rendezvous-servers=[HOSTS] 'Sets rendezvous servers, separated by comma'
-u, --software-url=[URL] 'Sets download url of RustDesk software of newest version'
-r, --relay-servers=[HOST] 'Sets the default relay servers, seperated by colon'
-r, --relay-servers=[HOST] 'Sets the default relay servers, separated by comma'
-M, --rmem=[NUMBER(default={RMEM})] 'Sets UDP recv buffer size, set system rmem_max first, e.g., sudo sysctl -w net.core.rmem_max=52428800. vi /etc/sysctl.conf, net.core.rmem_max=52428800, sudo sysctl p'
, --mask=[MASK] 'Determine if the connection comes from LAN, e.g. 192.168.0.0/16'
-k, --key=[KEY] 'Only allow the client with the same key'",
@@ -31,6 +31,6 @@ fn main() -> ResultType<()> {
}
let rmem = get_arg("rmem").parse::<usize>().unwrap_or(RMEM);
let serial: i32 = get_arg("serial").parse().unwrap_or(0);
RendezvousServer::start(port, serial, &get_arg("key"), rmem)?;
RendezvousServer::start(port, serial, &get_arg_or("key", "-".to_owned()), rmem)?;
Ok(())
}

161
src/relay_server.rs
View File

@@ -25,6 +25,7 @@ use std::{
io::prelude::*,
io::Error,
net::SocketAddr,
sync::atomic::{AtomicUsize, Ordering},
};
type Usage = (usize, usize, usize, usize);
@@ -36,11 +37,11 @@ lazy_static::lazy_static! {
static ref BLOCKLIST: RwLock<HashSet<String>> = Default::default();
}
static mut DOWNGRADE_THRESHOLD: f64 = 0.66;
static mut DOWNGRADE_START_CHECK: usize = 1_800_000; // in ms
static mut LIMIT_SPEED: usize = 4 * 1024 * 1024; // in bit/s
static mut TOTAL_BANDWIDTH: usize = 1024 * 1024 * 1024; // in bit/s
static mut SINGLE_BANDWIDTH: usize = 16 * 1024 * 1024; // in bit/s
static DOWNGRADE_THRESHOLD_100: AtomicUsize = AtomicUsize::new(66); // 0.66
static DOWNGRADE_START_CHECK: AtomicUsize = AtomicUsize::new(1_800_000); // in ms
static LIMIT_SPEED: AtomicUsize = AtomicUsize::new(4 * 1024 * 1024); // in bit/s
static TOTAL_BANDWIDTH: AtomicUsize = AtomicUsize::new(1024 * 1024 * 1024); // in bit/s
static SINGLE_BANDWIDTH: AtomicUsize = AtomicUsize::new(16 * 1024 * 1024); // in bit/s
const BLACKLIST_FILE: &str = "blacklist.txt";
const BLOCKLIST_FILE: &str = "blocklist.txt";
@@ -84,7 +85,7 @@ pub async fn start(port: &str, key: &str) -> ResultType<()> {
let main_task = async move {
loop {
log::info!("Start");
io_loop(listen_any(port).await?, listen_any(port2).await?, &key).await;
io_loop(listen_any(port, true).await?, listen_any(port2, true).await?, &key).await;
}
};
let listen_signal = crate::common::listen_signal();
@@ -99,57 +100,53 @@ fn check_params() {
.map(|x| x.parse::<f64>().unwrap_or(0.))
.unwrap_or(0.);
if tmp > 0. {
unsafe {
DOWNGRADE_THRESHOLD = tmp;
}
DOWNGRADE_THRESHOLD_100.store((tmp * 100.) as _, Ordering::SeqCst);
}
unsafe { log::info!("DOWNGRADE_THRESHOLD: {}", DOWNGRADE_THRESHOLD) };
log::info!(
"DOWNGRADE_THRESHOLD: {}",
DOWNGRADE_THRESHOLD_100.load(Ordering::SeqCst) as f64 / 100.
);
let tmp = std::env::var("DOWNGRADE_START_CHECK")
.map(|x| x.parse::<usize>().unwrap_or(0))
.unwrap_or(0);
if tmp > 0 {
unsafe {
DOWNGRADE_START_CHECK = tmp * 1000;
}
DOWNGRADE_START_CHECK.store(tmp * 1000, Ordering::SeqCst);
}
unsafe { log::info!("DOWNGRADE_START_CHECK: {}s", DOWNGRADE_START_CHECK / 1000) };
log::info!(
"DOWNGRADE_START_CHECK: {}s",
DOWNGRADE_START_CHECK.load(Ordering::SeqCst) / 1000
);
let tmp = std::env::var("LIMIT_SPEED")
.map(|x| x.parse::<f64>().unwrap_or(0.))
.unwrap_or(0.);
if tmp > 0. {
unsafe {
LIMIT_SPEED = (tmp * 1024. * 1024.) as usize;
}
LIMIT_SPEED.store((tmp * 1024. * 1024.) as usize, Ordering::SeqCst);
}
unsafe { log::info!("LIMIT_SPEED: {}Mb/s", LIMIT_SPEED as f64 / 1024. / 1024.) };
log::info!(
"LIMIT_SPEED: {}Mb/s",
LIMIT_SPEED.load(Ordering::SeqCst) as f64 / 1024. / 1024.
);
let tmp = std::env::var("TOTAL_BANDWIDTH")
.map(|x| x.parse::<f64>().unwrap_or(0.))
.unwrap_or(0.);
if tmp > 0. {
unsafe {
TOTAL_BANDWIDTH = (tmp * 1024. * 1024.) as usize;
}
TOTAL_BANDWIDTH.store((tmp * 1024. * 1024.) as usize, Ordering::SeqCst);
}
unsafe {
log::info!(
"TOTAL_BANDWIDTH: {}Mb/s",
TOTAL_BANDWIDTH as f64 / 1024. / 1024.
)
};
log::info!(
"TOTAL_BANDWIDTH: {}Mb/s",
TOTAL_BANDWIDTH.load(Ordering::SeqCst) as f64 / 1024. / 1024.
);
let tmp = std::env::var("SINGLE_BANDWIDTH")
.map(|x| x.parse::<f64>().unwrap_or(0.))
.unwrap_or(0.);
if tmp > 0. {
unsafe {
SINGLE_BANDWIDTH = (tmp * 1024. * 1024.) as usize;
}
SINGLE_BANDWIDTH.store((tmp * 1024. * 1024.) as usize, Ordering::SeqCst);
}
unsafe {
log::info!(
"SINGLE_BANDWIDTH: {}Mb/s",
SINGLE_BANDWIDTH as f64 / 1024. / 1024.
)
};
log::info!(
"SINGLE_BANDWIDTH: {}Mb/s",
SINGLE_BANDWIDTH.load(Ordering::SeqCst) as f64 / 1024. / 1024.
)
}
async fn check_cmd(cmd: &str, limiter: Limiter) -> String {
@@ -233,76 +230,68 @@ async fn check_cmd(cmd: &str, limiter: Limiter) -> String {
if let Some(v) = fds.next() {
if let Ok(v) = v.parse::<f64>() {
if v > 0. {
unsafe {
DOWNGRADE_THRESHOLD = v;
}
DOWNGRADE_THRESHOLD_100.store((v * 100.) as _, Ordering::SeqCst);
}
}
} else {
unsafe {
res = format!("{DOWNGRADE_THRESHOLD}\n");
}
res = format!(
"{}\n",
DOWNGRADE_THRESHOLD_100.load(Ordering::SeqCst) as f64 / 100.
);
}
}
Some("downgrade-start-check" | "t") => {
if let Some(v) = fds.next() {
if let Ok(v) = v.parse::<usize>() {
if v > 0 {
unsafe {
DOWNGRADE_START_CHECK = v * 1000;
}
DOWNGRADE_START_CHECK.store(v * 1000, Ordering::SeqCst);
}
}
} else {
unsafe {
res = format!("{}s\n", DOWNGRADE_START_CHECK / 1000);
}
res = format!("{}s\n", DOWNGRADE_START_CHECK.load(Ordering::SeqCst) / 1000);
}
}
Some("limit-speed" | "ls") => {
if let Some(v) = fds.next() {
if let Ok(v) = v.parse::<f64>() {
if v > 0. {
unsafe {
LIMIT_SPEED = (v * 1024. * 1024.) as _;
}
LIMIT_SPEED.store((v * 1024. * 1024.) as _, Ordering::SeqCst);
}
}
} else {
unsafe {
res = format!("{}Mb/s\n", LIMIT_SPEED as f64 / 1024. / 1024.);
}
res = format!(
"{}Mb/s\n",
LIMIT_SPEED.load(Ordering::SeqCst) as f64 / 1024. / 1024.
);
}
}
Some("total-bandwidth" | "tb") => {
if let Some(v) = fds.next() {
if let Ok(v) = v.parse::<f64>() {
if v > 0. {
unsafe {
TOTAL_BANDWIDTH = (v * 1024. * 1024.) as _;
limiter.set_speed_limit(TOTAL_BANDWIDTH as _);
}
TOTAL_BANDWIDTH.store((v * 1024. * 1024.) as _, Ordering::SeqCst);
limiter.set_speed_limit(TOTAL_BANDWIDTH.load(Ordering::SeqCst) as _);
}
}
} else {
unsafe {
res = format!("{}Mb/s\n", TOTAL_BANDWIDTH as f64 / 1024. / 1024.);
}
res = format!(
"{}Mb/s\n",
TOTAL_BANDWIDTH.load(Ordering::SeqCst) as f64 / 1024. / 1024.
);
}
}
Some("single-bandwidth" | "sb") => {
if let Some(v) = fds.next() {
if let Ok(v) = v.parse::<f64>() {
if v > 0. {
unsafe {
SINGLE_BANDWIDTH = (v * 1024. * 1024.) as _;
}
SINGLE_BANDWIDTH.store((v * 1024. * 1024.) as _, Ordering::SeqCst);
}
}
} else {
unsafe {
res = format!("{}Mb/s\n", SINGLE_BANDWIDTH as f64 / 1024. / 1024.);
}
res = format!(
"{}Mb/s\n",
SINGLE_BANDWIDTH.load(Ordering::SeqCst) as f64 / 1024. / 1024.
);
}
}
Some("usage" | "u") => {
@@ -336,7 +325,7 @@ async fn check_cmd(cmd: &str, limiter: Limiter) -> String {
async fn io_loop(listener: TcpListener, listener2: TcpListener, key: &str) {
check_params();
let limiter = <Limiter>::new(unsafe { TOTAL_BANDWIDTH as _ });
let limiter = <Limiter>::new(TOTAL_BANDWIDTH.load(Ordering::SeqCst) as _);
loop {
tokio::select! {
res = listener.accept() => {
@@ -403,19 +392,30 @@ async fn handle_connection(
async fn make_pair(
stream: TcpStream,
addr: SocketAddr,
mut addr: SocketAddr,
key: &str,
limiter: Limiter,
ws: bool,
) -> ResultType<()> {
if ws {
make_pair_(
tokio_tungstenite::accept_async(stream).await?,
addr,
key,
limiter,
)
.await;
use tokio_tungstenite::tungstenite::handshake::server::{Request, Response};
let callback = |req: &Request, response: Response| {
let headers = req.headers();
let real_ip = headers
.get("X-Real-IP")
.or_else(|| headers.get("X-Forwarded-For"))
.and_then(|header_value| header_value.to_str().ok());
if let Some(ip) = real_ip {
if ip.contains('.') {
addr = format!("{ip}:0").parse().unwrap_or(addr);
} else {
addr = format!("[{ip}]:0").parse().unwrap_or(addr);
}
}
Ok(response)
};
let ws_stream = tokio_tungstenite::accept_hdr_async(stream, callback).await?;
make_pair_(ws_stream, addr, key, limiter).await;
} else {
make_pair_(FramedStream::from(stream, addr), addr, key, limiter).await;
}
@@ -475,10 +475,11 @@ async fn relay(
let mut highest_s = 0;
let mut downgrade: bool = false;
let mut blacked: bool = false;
let limiter = <Limiter>::new(unsafe { SINGLE_BANDWIDTH as _ });
let blacklist_limiter = <Limiter>::new(unsafe { LIMIT_SPEED as _ });
let sb = SINGLE_BANDWIDTH.load(Ordering::SeqCst) as f64;
let limiter = <Limiter>::new(sb);
let blacklist_limiter = <Limiter>::new(LIMIT_SPEED.load(Ordering::SeqCst) as _);
let downgrade_threshold =
(unsafe { SINGLE_BANDWIDTH as f64 * DOWNGRADE_THRESHOLD } / 1000.) as usize; // in bit/ms
(sb * DOWNGRADE_THRESHOLD_100.load(Ordering::SeqCst) as f64 / 100. / 1000.) as usize; // in bit/ms
let mut timer = interval(Duration::from_secs(3));
let mut last_recv_time = std::time::Instant::now();
loop {
@@ -546,7 +547,7 @@ async fn relay(
(elapsed as _, total as _, highest_s as _, speed as _),
);
total_s = 0;
if elapsed > unsafe { DOWNGRADE_START_CHECK }
if elapsed > DOWNGRADE_START_CHECK.load(Ordering::SeqCst)
&& !downgrade
&& total > elapsed * downgrade_threshold
{

57
src/rendezvous_server.rs
View File

@@ -35,6 +35,7 @@ use sodiumoxide::crypto::sign;
use std::{
collections::HashMap,
net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr},
sync::atomic::{AtomicBool, AtomicUsize, Ordering},
sync::Arc,
time::Instant,
};
@@ -55,10 +56,10 @@ enum Sink {
}
type Sender = mpsc::UnboundedSender<Data>;
type Receiver = mpsc::UnboundedReceiver<Data>;
static mut ROTATION_RELAY_SERVER: usize = 0;
static ROTATION_RELAY_SERVER: AtomicUsize = AtomicUsize::new(0);
type RelayServers = Vec<String>;
static CHECK_RELAY_TIMEOUT: u64 = 3_000;
static mut ALWAYS_USE_RELAY: bool = false;
static ALWAYS_USE_RELAY: AtomicBool = AtomicBool::new(false);
#[derive(Clone)]
struct Inner {
@@ -147,13 +148,11 @@ impl RendezvousServer {
.to_uppercase()
== "Y"
{
unsafe {
ALWAYS_USE_RELAY = true;
}
ALWAYS_USE_RELAY.store(true, Ordering::SeqCst);
}
log::info!(
"ALWAYS_USE_RELAY={}",
if unsafe { ALWAYS_USE_RELAY } {
if ALWAYS_USE_RELAY.load(Ordering::SeqCst) {
"Y"
} else {
"N"
@@ -711,7 +710,7 @@ impl RendezvousServer {
let peer_is_lan = self.is_lan(peer_addr);
let is_lan = self.is_lan(addr);
let mut relay_server = self.get_relay_server(addr.ip(), peer_addr.ip());
if unsafe { ALWAYS_USE_RELAY } || (peer_is_lan ^ is_lan) {
if ALWAYS_USE_RELAY.load(Ordering::SeqCst) || (peer_is_lan ^ is_lan) {
if peer_is_lan {
// https://github.com/rustdesk/rustdesk-server/issues/24
relay_server = self.inner.local_ip.clone()
@@ -905,10 +904,7 @@ impl RendezvousServer {
} else if self.relay_servers.len() == 1 {
return self.relay_servers[0].clone();
}
let i = unsafe {
ROTATION_RELAY_SERVER += 1;
ROTATION_RELAY_SERVER % self.relay_servers.len()
};
let i = ROTATION_RELAY_SERVER.fetch_add(1, Ordering::SeqCst) % self.relay_servers.len();
self.relay_servers[i].clone()
}
@@ -1027,13 +1023,17 @@ impl RendezvousServer {
Some("always-use-relay" | "aur") => {
if let Some(rs) = fds.next() {
if rs.to_uppercase() == "Y" {
unsafe { ALWAYS_USE_RELAY = true };
ALWAYS_USE_RELAY.store(true, Ordering::SeqCst);
} else {
unsafe { ALWAYS_USE_RELAY = false };
ALWAYS_USE_RELAY.store(false, Ordering::SeqCst);
}
self.tx.send(Data::RelayServers0(rs.to_owned())).ok();
} else {
let _ = writeln!(res, "ALWAYS_USE_RELAY: {:?}", unsafe { ALWAYS_USE_RELAY });
let _ = writeln!(
res,
"ALWAYS_USE_RELAY: {:?}",
ALWAYS_USE_RELAY.load(Ordering::SeqCst)
);
}
}
Some("test-geo" | "tg") => {
@@ -1106,13 +1106,29 @@ impl RendezvousServer {
async fn handle_listener_inner(
&mut self,
stream: TcpStream,
addr: SocketAddr,
mut addr: SocketAddr,
key: &str,
ws: bool,
) -> ResultType<()> {
let mut sink;
if ws {
let ws_stream = tokio_tungstenite::accept_async(stream).await?;
use tokio_tungstenite::tungstenite::handshake::server::{Request, Response};
let callback = |req: &Request, response: Response| {
let headers = req.headers();
let real_ip = headers
.get("X-Real-IP")
.or_else(|| headers.get("X-Forwarded-For"))
.and_then(|header_value| header_value.to_str().ok());
if let Some(ip) = real_ip {
if ip.contains('.') {
addr = format!("{ip}:0").parse().unwrap_or(addr);
} else {
addr = format!("[{ip}]:0").parse().unwrap_or(addr);
}
}
Ok(response)
};
let ws_stream = tokio_tungstenite::accept_hdr_async(stream, callback).await?;
let (a, mut b) = ws_stream.split();
sink = Some(Sink::Ws(a));
while let Ok(Some(Ok(msg))) = timeout(30_000, b.next()).await {
@@ -1182,14 +1198,11 @@ impl RendezvousServer {
out_sk = sk;
if !key.is_empty() {
key = pk;
} else {
std::env::set_var("KEY_FOR_API", pk);
}
}
if !key.is_empty() {
log::info!("Key: {}", key);
std::env::set_var("KEY_FOR_API", key.clone());
}
(key, out_sk)
}
@@ -1294,19 +1307,19 @@ async fn send_rk_res(
async fn create_udp_listener(port: i32, rmem: usize) -> ResultType<FramedSocket> {
let addr = SocketAddr::new(IpAddr::V6(Ipv6Addr::UNSPECIFIED), port as _);
if let Ok(s) = FramedSocket::new_reuse(&addr, false, rmem).await {
if let Ok(s) = FramedSocket::new_reuse(&addr, true, rmem).await {
log::debug!("listen on udp {:?}", s.local_addr());
return Ok(s);
}
let addr = SocketAddr::new(IpAddr::V4(Ipv4Addr::UNSPECIFIED), port as _);
let s = FramedSocket::new_reuse(&addr, false, rmem).await?;
let s = FramedSocket::new_reuse(&addr, true, rmem).await?;
log::debug!("listen on udp {:?}", s.local_addr());
Ok(s)
}
#[inline]
async fn create_tcp_listener(port: i32) -> ResultType<TcpListener> {
let s = listen_any(port as _).await?;
let s = listen_any(port as _, true).await?;
log::debug!("listen on tcp {:?}", s.local_addr());
Ok(s)
}

2
ui/setup.nsi
View File

@@ -15,7 +15,7 @@
!define PRODUCT_NAME "rustdesk_server"
!define PRODUCT_DESCRIPTION "Installer for ${PRODUCT_NAME}"
!define COPYRIGHT "Copyright © 2021"
!define VERSION "1.1.8"
!define VERSION "1.1.12"
VIProductVersion "${VERSION}.0"
VIAddVersionKey "ProductName" "${PRODUCT_NAME}"