selfhosted-apps-docker/rustdesk/readme.md

230 lines
7.7 KiB
Markdown
Raw Normal View History

2022-11-14 23:50:50 +00:00
# Rustdesk in docker
###### guide-by-example
![logo](https://i.imgur.com/ImsIffW.png)
# Purpose & Overview
2023-03-11 11:54:07 +00:00
Remote desktop access.
2022-11-14 23:50:50 +00:00
* [Official site](https://rustdesk.com/)
* [Github](https://github.com/rustdesk/rustdesk)
2023-03-11 11:54:07 +00:00
* [DockerHub for S6](https://hub.docker.com/r/rustdesk/rustdesk-server-s6)
2022-11-14 23:50:50 +00:00
2023-03-11 12:24:28 +00:00
Rustdesk is a new fully opensource alternative for TeamViewer or Anydesk.<br>
2023-03-11 11:54:07 +00:00
The major aspects are that it does NAT punching,
and lets you host all the infrastructure for it to function.<br>
2022-11-14 23:50:50 +00:00
Written in rust(gasp), with Dart and Flutter framework for client side.</br>
2023-03-11 11:54:07 +00:00
The idea is:
2022-11-19 23:06:37 +00:00
2023-03-11 12:24:28 +00:00
* Run a rustdesk server reachable online.
* Install clients on machines you want to connect from / to.
* The clients application keeps a regular heartbeat communication
with the server, in a way to [punch a hole](https://youtu.be/S7Ifw5XsypQ)
in the NAT and so allows connection initialized from the outside,
without doing port forwarding.
2023-03-11 11:54:07 +00:00
2022-11-15 22:42:47 +00:00
---
2022-11-15 22:35:44 +00:00
![interface-pic](https://i.imgur.com/ekA7Hms.png)
2022-11-14 23:50:50 +00:00
# Files and directory structure
```
/home/
└── ~/
└── docker/
└── rustdesk/
2023-03-11 11:54:07 +00:00
├── 🗁 rustdesk_data/
├── 🗋 .env
└── 🗋 docker-compose.yml
2022-11-14 23:50:50 +00:00
```
2023-03-11 11:54:07 +00:00
* `rustdesk_data/` - persistent data, contains sqlite database and the keys
2022-11-14 23:50:50 +00:00
* `.env` - a file containing environment variables for docker compose
* `docker-compose.yml` - a docker compose file, telling docker how to run the containers
2022-11-15 22:35:44 +00:00
You only need to provide the two files.</br>
The directory is created by docker compose on the first run.
2022-11-14 23:50:50 +00:00
# docker-compose
2023-03-11 12:24:28 +00:00
Using [S6-overlay](https://github.com/rustdesk/rustdesk-server#s6-overlay-based-images)
based image.<br>
2023-03-11 21:14:21 +00:00
It's a simpler, single container approach. The
[complexity](https://github.com/rustdesk/rustdesk-server#classic-image)
of rustdesk's `hbbs` server and `hbbr` relay hidden.
2022-11-15 22:35:44 +00:00
2023-03-11 12:24:28 +00:00
No network section since no http traffic that would need reverse proxy, yet.<br>
So just mapped ports on to docker host to do their thing.
2022-11-14 23:50:50 +00:00
`docker-compose.yml`
```yml
services:
rustdesk:
2023-03-11 11:54:07 +00:00
image: rustdesk/rustdesk-server-s6:1.1.7-1
2022-11-14 23:50:50 +00:00
container_name: rustdesk
hostname: rustdesk
restart: unless-stopped
env_file: .env
ports:
2023-03-11 11:54:07 +00:00
- "21116:21116"
- "21115:21115"
- "21116:21116/udp"
- "21117:21117"
- "21118:21118"
- "21119:21119"
2022-11-14 23:50:50 +00:00
volumes:
2023-03-11 11:54:07 +00:00
- ./rustdesk_data:/data
2022-11-14 23:50:50 +00:00
```
`.env`
```bash
# GENERAL
TZ=Europe/Bratislava
# RUSTDESK
RELAY=rust.example.com:21117
2023-03-11 11:54:07 +00:00
ENCRYPTED_ONLY=1
# KEY_PRIV=<put here content of ./rustdesk_data/id_ed25519>
# KEY_PUB=<put here content of ./rustdesk_data/id_ed25519.pub>
2022-11-14 23:50:50 +00:00
```
2023-03-12 08:47:19 +00:00
In the `.env` file encryption is enabled, so that only clients that have
2023-03-11 11:54:07 +00:00
correct public key will be allowed access to the rustdesk server.<br>
The keys are generated on the first run of the compose and can be found in
2023-03-12 08:47:19 +00:00
the `rustdesk_data` directory.
Once generated they should be added to the `.env` file for easier migration.
The public key needs to be distributed with the clients apps installation.
2023-03-11 11:54:07 +00:00
2022-11-14 23:50:50 +00:00
# Port forwarding
2022-11-17 16:52:41 +00:00
as can be seen in the compose
* **21115 - 21119** TCP need to be forwarded to docker host<br>
2023-03-11 12:24:28 +00:00
* **21116** is TCP **and UDP**
2022-11-17 16:52:41 +00:00
21115 is used for the NAT type test,
21116/UDP is used for the ID registration and heartbeat service,
21116/TCP is used for TCP hole punching and connection service,
21117 is used for the Relay services,
2023-03-11 12:24:28 +00:00
and 21118 and 21119 are used to support web clients.<br>
2022-11-17 16:52:41 +00:00
[source](https://rustdesk.com/docs/en/self-host/install/)
2022-11-14 23:50:50 +00:00
2022-11-15 22:42:47 +00:00
---
2022-11-14 23:50:50 +00:00
2022-11-15 22:41:45 +00:00
![interface-pic](https://i.imgur.com/CK6pRyq.png)
2023-03-11 11:54:07 +00:00
# The installation on clients
2022-11-15 22:42:47 +00:00
2023-03-11 12:24:28 +00:00
* Download and install the client apps from [the official site](https://rustdesk.com/).
2023-03-12 08:47:19 +00:00
* Three dots > ID/Relay Server
2023-03-11 12:24:28 +00:00
* `ID Server`: rust.example.com
* `Key`: *\<content of id_ed25519.pub\>*
* The green dot at the bottom should be green saying "ready".
2022-11-15 22:35:44 +00:00
2023-03-11 11:54:07 +00:00
![settings-pic](https://i.imgur.com/lX6egMH.png)
2022-11-14 23:50:50 +00:00
2023-03-12 08:47:19 +00:00
**On windows** one
[can deploy](https://rustdesk.com/docs/en/self-host/install/#put-config-in-rustdeskexe-file-name-windows-only)
client with **pre-sets** by renaming the installation file to:
2023-03-11 11:54:07 +00:00
`rustdesk-host=<host-ip-or-name>,key=<public-key-string>.exe`
2022-11-15 22:35:44 +00:00
example: `rustdesk-host=rust.example.com,key=3AVva64bn1ea2vsDuOuQH3i8+2M=.exe`
2022-11-17 16:52:41 +00:00
If by chance the public key contains symbols not usable in windows filenames,
down the container, delete the files `id_ed25519` and `id_ed25519.pub`,
2023-03-11 11:54:07 +00:00
up the container and try with the new keys.
# Extra info
* You really really **really want to be using domain and not your public IP**
2023-03-11 21:14:21 +00:00
when installing clients and setting ID server. That `rust.example.com`
can be changed to point at a different IP any time you want. Hard set IP not.
2023-03-12 08:47:19 +00:00
* Can do `tcpdump -n udp port 21116` on a docker host to **see heartbeat** udp traffic.
2023-03-11 21:14:21 +00:00
Seems machines report-in every \~13 seconds.
2023-03-12 08:47:19 +00:00
* on **windows** a **service** named `rustdesk` is enabled.
2023-03-11 21:14:21 +00:00
Disable it if the machine should be accessible only on demand,
when someone first runs rustdesk manually.<br>
2023-03-11 11:54:07 +00:00
In powershell - `Set-Service rustdesk -StartupType Disabled`
2023-03-11 21:14:21 +00:00
* One can relatively easily
**hardcode server url and pub key in to an executable** using
[github actions.](https://rustdesk.com/docs/en/self-host/hardcode-settings/)<br>
Tested it and it works. But seems you can only do workflow run of nightly build,
2023-03-12 08:47:19 +00:00
meaning all the latest stuff added is included, which means higher chance of bugs.<br>
2023-03-11 21:14:21 +00:00
Make sure you do step *"Enable upload permissions for workflows"*,
before you run the workflow.
2023-03-12 08:47:19 +00:00
* Questions about issues with selfhosting are **not answered** on github -
2023-03-11 12:24:28 +00:00
[#763](https://github.com/rustdesk/rustdesk/discussions/763),
2023-03-12 08:47:19 +00:00
next to try is their [discord](https://discord.com/invite/nDceKgxnkV) or
[subreddit](https://www.reddit.com/r/rustdesk/).
2023-03-11 21:14:21 +00:00
* [FAQ](https://github.com/rustdesk/rustdesk/wiki/FAQ)
* How does [rustdesk work?](https://github.com/rustdesk/rustdesk/wiki/How-does-RustDesk-work%3F)
![logo](https://i.imgur.com/ptfVMtJ.png)
2022-11-14 23:50:50 +00:00
# Trouble shooting
2023-03-11 21:14:21 +00:00
---
2023-03-11 11:54:07 +00:00
#### If just one machine is having issues.
2022-11-17 16:37:10 +00:00
2023-03-11 11:54:07 +00:00
uninstall, plus delete:
2022-11-17 16:37:10 +00:00
* `C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\RustDesk`
* `%AppData%\RustDesk`
2022-11-15 22:35:44 +00:00
2023-03-11 11:54:07 +00:00
Restart. Reinstall.<br>
2023-03-11 12:24:28 +00:00
Do not use the installer you used before, **download** from the site latest.
2023-03-11 11:54:07 +00:00
---
#### Error - Failed to connect to relay server
2023-03-12 08:47:19 +00:00
* I had wrong url set as `RELAY` in the `.env`
* if url is correct I would test if port 21117 tcp forwards
2023-03-11 11:54:07 +00:00
---
#### Investigate port forwarding
Install netcat and tcpdump on the docker host.
* docker compose down rustdesk container so that ports are free to use
2023-03-12 08:47:19 +00:00
* start a small netcat server listening on whichever port we test<br>
2023-03-11 12:24:28 +00:00
`sudo nc -u -vv -l -p 21116`<br>
the `-u` means udp traffic, delete to do tcp
2023-03-11 11:54:07 +00:00
* on a machine somewhere else in the world, not on the same network, try
`nc -u <public-ip> 21116`
2023-03-12 08:47:19 +00:00
If you write something and press enter, it should appear on the other machine, confirming
2023-03-11 11:54:07 +00:00
that port forwarding works.<br>
Also useful command can be `tcpdump -n udp port 21116`<br>
When port forwarding works, one should see heartbeat chatter,
as machines with installed rustdesk are announcing themselves every \~13 seconds.
2022-11-14 23:50:50 +00:00
2023-03-11 21:14:21 +00:00
---
2023-03-11 11:54:07 +00:00
# Manual image update:
2022-11-14 23:50:50 +00:00
- `docker-compose pull`</br>
- `docker-compose up -d`</br>
- `docker image prune`
# Backup and restore
#### Backup
Using [borg](https://github.com/DoTheEvo/selfhosted-apps-docker/tree/master/borg_backup)
that makes daily snapshot of the entire directory.
#### Restore
* down the bookstack containers `docker-compose down`</br>
* delete the entire bookstack directory</br>
* from the backup copy back the bookstack directory</br>
* start the containers `docker-compose up -d`