Add tutorial for manual TCP server setup

Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
inlets · Feb 9, 2024 · 311c684 · 311c684
1 parent d0cd9de
commit 311c684
Show file tree

Hide file tree

Showing 2 changed files with 97 additions and 3 deletions.
diff --git a/docs/tutorial/manual-tcp-server.md b/docs/tutorial/manual-tcp-server.md
@@ -0,0 +1,93 @@
+## Setting up a TCP server manually
+
+In this tutorial we will set up a TCP tunnel server manually.
+
+## Pre-reqs
+
+* A Linux server, Windows and MacOS are also supported
+* The inlets-pro binary at /usr/local/bin/
+
+## Log into your existing VM
+
+Generate an authentication token for the tunnel:
+
+```bash
+TOKEN="$(openssl rand -base64 32)" > token.txt
+
+# Find the instance's public IPv4 address:
+PUBLIC_IP="$(curl -s https://checkip.amazonaws.com)"
+```
+
+Let's imagine the public IP resolved to `46.101.128.5` which is part of the DigitalOcean range.
+
+```bash
+inlets-pro tcp server \
+ --token "$TOKEN" \
+ --auto-tls-san $PUBLIC_IP \
+ --generate=systemd > inlets-pro.service
+```
+
+Example:
+
+```ini
+[Unit]
+Description=inlets Pro TCP Server
+After=network.target
+
+[Service]
+Type=simple
+Restart=always
+RestartSec=5
+StartLimitInterval=0
+ExecStart=/usr/local/bin/inlets-pro tcp server --auto-tls --auto-tls-san=46.101.128.5 --control-addr=0.0.0.0 --token="ISgW7E2TQk+ZmbJldN9ophfE96B93eZKk8L1+gBysg4=" --control-port=8124 --auto-tls-path=/tmp/inlets-pro
+
+[Install]
+WantedBy=multi-user.target
+```
+
+Next install the unit file with:
+
+```bash
+sudo cp inlets-pro.service /etc/systemd/system/
+sudo systemctl daemon-reload
+sudo systemctl enable inlets-pro.service
+
+sudo systemctl restart inlets-pro.service
+```
+
+You'll now be able to check the logs for the server:
+
+```bash
+sudo journalctl -u inlets-pro
+```
+
+Finally you can connect your TCP client from a remote network. In this case, port 5900 is being exposed for VNC, along with port 2222 for SSH. Port 2222 is an extra port added to the `/etc/ssh/sshd_config` file on the Linux machine to avoid conflicting with SSH on the tunnel server itself.
+
+```bash
+inlets-pro tcp client \
+  --token "ISgW7E2TQk+ZmbJldN9ophfE96B93eZKk8L1+gBysg4=" \
+  --upstream 192.168.0.15 \
+  --port 2222 \
+  --port 5900 \
+  --url wss://46.101.128.5:8124
+```
+
+You can now connect to the public IP of your server via SSH and VNC:
+
+For example:
+
+```bash
+ssh -p 2222 [email protected]
+```
+
+## Wrapping up
+
+You now have a TCP tunnel server that you can connect as and when you like.
+
+* You can change the ports of the connected client
+* You can change the upstream
+* You can run multiple `inlets-pro tcp client` commands to load-balance traffic
+
+But bear in mind that you cannot have two clients exposing different ports at the same time unless you're an [inlets uplink user](/uplink/become-a-provider).
+
+We would recommend creating TCP tunnel servers via [inletsctl](/tutorial/ssh-tcp-tunnel) which automates all of the above in a few seconds.
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -89,9 +89,10 @@ nav:
       - Introduction: index.md
       - FAQ: /reference/faq/
   - Tutorials:
-      - Automated HTTP tunnel setup: /tutorial/automated-http-server/
-      - Manual HTTP tunnel setup: /tutorial/manual-http-server/
-      - Dual TCP and HTTP tunnels: /tutorial/dual-tunnels/
+      - Automated HTTPs tunnel server: /tutorial/automated-http-server/
+      - Manual HTTPs tunnel server: /tutorial/manual-http-server/
+      - Manual TCP tunnel server: /tutorial/manual-tcp-server/
+      - Dual TCP and HTTPs server: /tutorial/dual-tunnels/
       - IP Allow list (ext): https://inlets.dev/blog/2021/10/15/allow-lists.html
       - Docker Compose (ext): https://inlets.dev/blog/2021/09/09/compose-and-inlets.html
       - Community tutorials: /tutorial/community/