Secure Tunnel Service

Easily expose your local services with secure, SSL-terminated tunnels

Get Started

Create a new tunnel for your local service:

# Make sure your local service is running and accessible
# Remember to bind your service to 0.0.0.0

# Create a new tunnel (replace 8080 with your service's port)
$ curl -X POST http://localhost:8080/new-machine \
  -H "Authorization: Bearer your-secure-token" \
  -o tunnel.conf
This will generate a WireGuard configuration file (tunnel.conf)
# Start the tunnel
$ wg-quick up ./tunnel.conf
✓ Tunnel is now active! Your service is accessible at https://<unique-subdomain>.your-domain.com

Manage Tunnels

Add a subdomain

# Add a subdomain for a specific port
$ curl -X POST http://localhost:8080/add-subdomain/<machine-ip>/port/<port> \
  -H "Authorization: Bearer your-secure-token"

Remove a subdomain

# Remove a specific subdomain
$ curl -X DELETE http://localhost:8080/remove-subdomain/<subdomain-slug> \
  -H "Authorization: Bearer your-secure-token"

Stop the tunnel

$ wg-quick down ./tunnel.conf

Docker Deployment

You can also run this service using Docker Compose:

# Start the service
docker-compose up -d --build

# View logs
docker-compose logs -f

Make sure to configure your .env file before starting the container.

Securely exposing your local services with WireGuard and Python