26 comments

[ 2.7 ms ] story [ 42.5 ms ] thread
A ngrok-style secure tunnel server written in Rust. Expose local services through a public server over encrypted WebSocket connections with TLS termination, HTTP/TCP proxying, a live dashboard, Prometheus metrics, and audit logging.
One of my vendors recently disallowed registering ngrok URLs for testing webhooks. They said they were too unreliable — and the vendor was getting blamed for ngrok failing to deliver requests.

Seems like a real shame that they’ve been abandoning their core product that was reliable for years in pursuit of nebulous AI/enterprise routing products.

I get that dev tunnels are probably not a massive business that’s going to get VCs mouths’ watering, but maybe not every business needs to shoot the moon?

Anyway, glad competitors are coming in to fill the space.

Really glad to see someone stepping up to fill this void! I've debated doing this myself many times but it's low on my list of priorities.

Please don't interpret these frank questions as criticism or mistrust up front, but we've been burned a few times with tools like this start open source and then realize there might be some money out there and go proprietary, usually with a rug pull. I don't mind offering paid hosting at all (in fact I think it makes sense to offer that) so long as the code all remains open source. The "open core" model may even be ok so long as it's truly just "enterprise" feature that are gated, though that's a hard line to tread.

What are your monetization plans? Are you committed to long-term being actually open source?

Personally, I would suggest licensing this as AGPL to ensure that if anyone does take it and try to stand up a paid/proprietary service based on your work, the license will at least force them to open their code. It's not perfect. but with MIT you have zero defense against that. It would also give people like me some peace of mind.

Interesting project. Is the main value to "self-host your own ngrok", or is it to actually compete with ngrok using an open-source project ? If so how do you intend to monetize your project ?
Hmm, how to monetize such projects?
We hit this exact problem bridging n8n Cloud to a local Ollama instance on a Mac Mini. Tried Cloudflare tunnels (502 errors), bore-cli (random ports on restart — unusable with multiple HTTP nodes), and ngrok (requires auth/signup).

Ended up on localtunnel with a fixed subdomain and keepalive script. It works but drops connections and requires a bypass-tunnel-reminder header on every request.

Key requirements for this use case: fixed/predictable URL so downstream services don't need reconfiguration, low latency for API calls, and auto-reconnect as a daemon. Would be interested to try Rustunnel if it supports fixed subdomains.

Hey! it does support subdomains. Either by passing a flag --subdomain or just configuring them straight up in you config.yml file.

We also implemented auto-reconnect.

For now we only running servers in Europe, but we are implementing multi-region right now and should have it up in a couple of days. That should cut latency way down for people that not in Europe.

Interesting. Currently building something simpler with outbound[1]. Decided to go with gRPC instead, but mine is mostly focusing on developers, for basic HTTP service reverse tunneling.

[1]https://github.com/kwakubiney/outbound

Interesting! I'll take a look.
Not trying to be a jerk but how is this different than the Rust solutions listed on https://github.com/anderspitman/awesome-tunneling already?

What makes your solution better or different?

Fair point, and honestly at work I'd push back the same way: shipping a custom tunnel solution when mature ones exist? Why?

But for personal projects I think the calculus is different. Rebuilding something is great to understand how it works

I'm not experienced like some people posting here, but vouching for this comment that projects may have value for personal development and education.
Personally I don’t care what it is written in. I care what the code does and how well it does it.

Rust is a cool and interesting language that helps solve some problems, but it doesn’t make it immune from all. But that doesn’t make it inherently better, or worse for the job. We have seen this trend for everything from C++ onwards (Java, Ruby, C#, Python, etc etc)

Well since it still not uses a custom port for the client connection and not plain h2 streaming what’s the difference to pangolin? I mean it does not like it has that much more benefits? If clients would also connect to 443 h2 than yeah. But in Corporate environments having a port different than 443 always is a pain no matter the protocol.
Interesting! Can it be used in Google Colab to open temporary access to python server? NGROK can be attached this way in 6 lines of code
i've been thinking of running something similar in my stack for the last few years, and this thread got me to finally figure it out. i ended up implementing an approach that works for me without any additional services beyond what i was already running. documented here: https://igor.moomers.org/posts/basic-tunnel