13 comments

[ 3.0 ms ] story [ 51.5 ms ] thread
(comment deleted)
This is a neat idea, but still requires running a local executable. To ease adoption, a web app would be better.

So how about a ngrok like service where you just open a page to forward local traffic ? The vulnerability we've seen yesterday, "A web page can see your local servers", suggests it's doable. The webrtc code needs to open a HTTP connection to the local server. JS code would proxy all requests coming through an external hostname to this local server. Is this doable ?

"I can see your local servers" https://news.ycombinator.com/item?id=20028108

Shameless self plug

That is the exact reason I made sish (ssi.sh). It uses ssh to do local port forwarding and can be self hosted with authentication. It's open source[0] and the only thing you need locally is SSH (which is included by default on most systems).

[0]: https://github.com/antoniomika/sish

Neat! This is like a self-hosted version of ngrok? So you'd just need a public host somewhere and then you can tunnel in. I've been doing some edge computing stuff recently with Windows, so I'd love to try this with RDP.
Yep, that's exactly it! Because it supports TCP forwarding, that sounds like it should work!
This is cool! I came up with something similar for hosting a few personal sites from my home network, except I did it the other way around - I built a docker image that does the SSH tunneling part. The external host is just a cheap droplet with GatewayPorts set to yes in the sshd config. A benefit of doing it this way is that you don't even have to expose localhost; I have Caddy running in another container in a docker-compose.yml file, so I can forward it directly with:

  ssh -R 80:caddy:80 -R 443:caddy:443
So all the networking happens within the network created by docker-compose.
Nice, that's something that's useful too. I think this is especially important as it pertains to home services/exposed things. I just wanted to build my own tools around it mainly for the virtual hosting/websockets support. Also I just find these things fun to write and figure out :)
This sounds like a fun summer projects. I'll take a look
What is the purpose and/or novelty of this project? Just a simple http server? Or that it’s js?
If you are developing a service / webapp on a local machine, you can use something like this (or ngrok) to make it publicly accessible to demo or test.

The novelty of this, I think, is that it provides both client and server programs. So that instead of paying for a service like ngrok, you can deploy this on your own. At least, that was my takeaway.

Ah interesting. I guess I've been spoiled with built-in apache all these years (and terrified of the idea of opening up LAN to public). Thanks!
The idea here is that you’re exposing the LAN the minimum amount possible, and only indirectly... all public access is through the server component, which you could lock down as much or as little as possible.
Makes sense. I’d still 1000 times over pay for a cloud/virtual server from some provider (even if only for a day) than trust myself to configure something like that 100% securely.