rustdesk/rustdesk-server
1
0
Fork 0
mirror of https://github.com/rustdesk/rustdesk-server.git synced 2025-07-01 23:35:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: rustdesk:1.1.14
Branches Tags
rustdesk:master
rustdesk:1.1.14
rustdesk:1.1.13
rustdesk:1.1.12
rustdesk:1.1.11-1
rustdesk:1.1.11
rustdesk:1.1.10-3
rustdesk:1.1.10-2
rustdesk:1.1.10
rustdesk:1.1.9
rustdesk:1.1.8-2
rustdesk:1.1.8-1
rustdesk:1.1.8
rustdesk:1.1.7-4
rustdesk:1.1.7-3
rustdesk:1.1.7-2
rustdesk:1.1.7-1
rustdesk:1.1.7
rustdesk:1.1.6-2
rustdesk:1.1.6-1
rustdesk:1.1.6
rustdesk:1.1.5-1
rustdesk:1.1.5
rustdesk:1.0.0
...
compare: rustdesk:master
Branches Tags
rustdesk:master
rustdesk:1.1.14
rustdesk:1.1.13
rustdesk:1.1.12
rustdesk:1.1.11-1
rustdesk:1.1.11
rustdesk:1.1.10-3
rustdesk:1.1.10-2
rustdesk:1.1.10
rustdesk:1.1.9
rustdesk:1.1.8-2
rustdesk:1.1.8-1
rustdesk:1.1.8
rustdesk:1.1.7-4
rustdesk:1.1.7-3
rustdesk:1.1.7-2
rustdesk:1.1.7-1
rustdesk:1.1.7
rustdesk:1.1.6-2
rustdesk:1.1.6-1
rustdesk:1.1.6
rustdesk:1.1.5-1
rustdesk:1.1.5
rustdesk:1.0.0

12 Commits
1.1.14 ... master

Author SHA1 Message Date
rustdesk
2c57e51ec5 higher default bandwidth 2025-06-22 15:03:13 +09:00
RustDesk
796a75af5c
Update README.md 2025-06-16 14:46:51 +08:00
rustdesk
f09b79c6da README-ZH.md 2025-06-16 00:23:50 +08:00
rustdesk
1e84478837 simplify doc 2025-06-16 00:23:33 +08:00
RustDesk
2417c7ddd0
Update build.yaml 2025-05-11 20:54:24 +08:00
bato3
235a3c326c
In cargo it is named "rustdesk-utils" (#551) 2025-04-29 20:40:55 +08:00
Guoiaoang
e4c85764f9
fix translation errors (#545) 2025-04-19 09:48:05 +08:00
dependabot[bot]
c650217919
Git submodule: Bump libs/hbb_common from 7cf11f7 to 83419b6 (#524) 
Bumps [libs/hbb_common](https://github.com/rustdesk/hbb_common) from `7cf11f7` to `83419b6`.
- [Commits](7cf11f7b77...83419b6549)

---
updated-dependencies:
- dependency-name: libs/hbb_common
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-07 09:06:09 +08:00
dependabot[bot]
262a1d49f8
Git submodule: Bump libs/hbb_common from 49c6b24 to 7cf11f7 (#523) 
Bumps [libs/hbb_common](https://github.com/rustdesk/hbb_common) from `49c6b24` to `7cf11f7`.
- [Commits](49c6b24a7a...7cf11f7b77)

---
updated-dependencies:
- dependency-name: libs/hbb_common
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-24 22:45:13 +08:00
XLion
f0a6c3de0b
Create dependabot.yml (#522) 2025-02-24 22:42:23 +08:00
621da3c8fe
fix: 127.0.0.1 is not loopback (#515) 2025-02-06 20:25:10 +08:00
RustDesk
801826f36d
Update build.yaml 2025-01-31 15:11:28 +08:00
11 changed files with 33 additions and 1723 deletions
Show Stats Expand all files Collapse all files

11
.github/dependabot.yml vendored Normal file
View File

@ -0,0 +1,11 @@
version: 2
updates:
- package-ecosystem: "gitsubmodule"
directory: "/"
target-branch: "master"
schedule:
interval: "daily"
commit-message:
prefix: "Git submodule"
labels:
- "dependencies"

24
.github/workflows/build.yaml vendored
View File

@ -65,7 +65,7 @@ jobs:
run: chmod -v a+x target/${{ matrix.job.target }}/release/*
- name: Publish Artifacts
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: binaries-linux-${{ matrix.job.name }}
path: |
@ -155,7 +155,7 @@ jobs:
recursive: false
- name: Publish Artifacts
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: binaries-windows-x86_64
path: |
@ -187,7 +187,7 @@ jobs:
steps:
- name: Download binaries (${{ matrix.job.os }} - ${{ matrix.job.name }})
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: binaries-${{ matrix.job.os }}-${{ matrix.job.name }}
path: ${{ matrix.job.name }}
@ -230,7 +230,7 @@ jobs:
submodules: recursive
- name: Download binaries
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: binaries-linux-${{ matrix.job.name }}
path: docker/rootfs/usr/bin
@ -307,7 +307,7 @@ jobs:
# manifest for :1.2.3 tag
# this has to run only if invoked by a new tag
- name: Create and push manifest (:ve.rs.ion)
uses: Noelware/docker-manifest-action@master
uses: Noelware/docker-manifest-action@0.4.3
if: github.event_name != 'workflow_dispatch'
with:
base-image: ${{ secrets.DOCKER_IMAGE }}:${{ env.GIT_TAG }}
@ -316,7 +316,7 @@ jobs:
# manifest for :1 tag (major release)
- name: Create and push manifest (:major)
uses: Noelware/docker-manifest-action@master
uses: Noelware/docker-manifest-action@0.4.3
with:
base-image: ${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}
extra-images: ${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-amd64,${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-armv7,${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-i386
@ -324,7 +324,7 @@ jobs:
# manifest for :latest tag
- name: Create and push manifest (:latest)
uses: Noelware/docker-manifest-action@master
uses: Noelware/docker-manifest-action@0.4.3
with:
base-image: ${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}
extra-images: ${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-amd64,${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-armv7,${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-i386
@ -353,7 +353,7 @@ jobs:
submodules: recursive
- name: Download binaries
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: binaries-linux-${{ matrix.job.name }}
path: docker-classic/
@ -428,7 +428,7 @@ jobs:
# manifest for :1.2.3 tag
# this has to run only if invoked by a new tag
- name: Create and push manifest (:ve.rs.ion)
uses: Noelware/docker-manifest-action@master
uses: Noelware/docker-manifest-action@0.4.3
if: github.event_name != 'workflow_dispatch'
with:
base-image: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}
@ -437,7 +437,7 @@ jobs:
# manifest for :1 tag (major release)
- name: Create and push manifest (:major)
uses: Noelware/docker-manifest-action@master
uses: Noelware/docker-manifest-action@0.4.3
with:
base-image: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}
extra-images: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-amd64,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-armv7
@ -445,7 +445,7 @@ jobs:
# manifest for :latest tag
- name: Create and push manifest (:latest)
uses: Noelware/docker-manifest-action@master
uses: Noelware/docker-manifest-action@0.4.3
with:
base-image: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}
extra-images: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-amd64,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-armv7
@ -483,7 +483,7 @@ jobs:
mkdir -p debian-build/${{ matrix.job.name }}/bin
- name: Download binaries
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: binaries-linux-${{ matrix.job.name }}
path: debian-build/${{ matrix.job.name }}/bin

345
README-DE.md
View File

@ -1,345 +0,0 @@
<p align="center">
<a href="#manuelles-erstellen">Erstellen</a>
<a href="#docker-image">Docker</a>
<a href="#s6-overlay-basierte-images">S6-Overlay</a>
<a href="#ein-schlüsselpaar-erstellen">Schlüsselpaar</a>
<a href="#debian-pakete">Debian-Pakete</a>
<a href="#umgebungsvariablen">Umgebungsvariablen</a><br>
[<a href="README.md">English</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-TW.md">繁體中文</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
</p>
# RustDesk Server-Programm
[![build](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml/badge.svg)](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
[**Herunterladen**](https://github.com/rustdesk/rustdesk-server/releases)
[**Handbuch**](https://rustdesk.com/docs/de/self-host/)
[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
Hosten Sie Ihren eigenen RustDesk-Server selbst, er ist kostenlos und quelloffen.
## Manuelles Erstellen
```bash
cargo build --release
```
In target/release werden drei ausführbare Dateien erzeugt.
- hbbs - RustDesk ID/Rendezvous-Server
- hbbr - RustDesk Relay-Server
- rustdesk-utils - RustDesk CLI-Utilities
[Hier](https://github.com/rustdesk/rustdesk-server/releases) finden Sie aktualisierte Binärdateien.
Wenn Sie Ihren eigenen Server entwickeln wollen, könnte [rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) ein besserer und einfacherer Start für Sie sein als dieses Repository.
## Docker-Image
Docker-Images werden automatisch generiert und bei jedem Github-Release veröffentlicht. Wir haben 2 Arten von Images.
### Klassisches Image
Diese Images sind mit `Ubuntu 20.04` gebaut, mit dem Zusatz der wichtigen Binärdateien (`hbbr` und `hbbs`). Sie sind auf [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) mit diesen Tags verfügbar:
| Architektur | Image:Tag |
| --- | --- |
| amd64 | `rustdesk/rustdesk-server:latest` |
| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
Sie können diese Images direkt mit `docker run` mit diesen Befehlen starten:
```bash
docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
Oder ohne `--net=host`, aber die P2P-Direktverbindung kann dann nicht funktionieren.
Bei Systemen, die SELinux verwenden, muss `/root` durch `/root:z` ersetzt werden, damit die Container korrekt laufen. Alternativ kann die SELinux-Containertrennung durch Hinzufügen der Option `--security-opt label=disable` vollständig deaktiviert werden.
```bash
docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
Der Parameter `relay-server-ip` ist die IP-Adresse (oder der DNS-Name) des Servers, auf dem diese Container laufen. Der **optionale** Parameter `port` muss verwendet werden, wenn Sie einen anderen Port als **21117** für `hbbr` verwenden.
Sie können auch Docker Compose verwenden, wobei diese Konfiguration als Vorlage dient:
```yaml
version: '3'
networks:
rustdesk-net:
external: false
services:
hbbs:
container_name: hbbs
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21118:21118
image: rustdesk/rustdesk-server:latest
command: hbbs -r rustdesk.example.com:21117
volumes:
- ./data:/root
networks:
- rustdesk-net
depends_on:
- hbbr
restart: unless-stopped
hbbr:
container_name: hbbr
ports:
- 21117:21117
- 21119:21119
image: rustdesk/rustdesk-server:latest
command: hbbr
volumes:
- ./data:/root
networks:
- rustdesk-net
restart: unless-stopped
```
Bearbeiten Sie Zeile 16 so, dass sie auf Ihren Relay-Server verweist (den, der am Port 21117 lauscht). Sie können auch die Zeilen für die Volumes (Zeile 18 und 33) bearbeiten, wenn Sie dies wünschen.
(Die Anerkennung für Docker Compose geht an @lukebarone und @QuiGonLeong.)
## S6-Overlay-basierte Images
Diese Images sind mit `busybox:stable` gebaut, mit dem Zusatz Binärdateien (sowohl hbbr als auch hbbs) und [S6-overlay](https://github.com/just-containers/s6-overlay). Sie sind auf [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) mit diesen Tags verfügbar:
| Architektur | Version | Image:Tag |
| --- | --- | --- |
| multiarch | neueste | `rustdesk/rustdesk-server-s6:latest` |
| amd64 | neueste | `rustdesk/rustdesk-server-s6:latest-amd64` |
| i386 | neueste | `rustdesk/rustdesk-server-s6:latest-i386` |
| arm64v8 | neueste | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
| armv7 | neueste | `rustdesk/rustdesk-server-s6:latest-armv7` |
| multiarch | 2 | `rustdesk/rustdesk-server-s6:2` |
| amd64 | 2 | `rustdesk/rustdesk-server-s6:2-amd64` |
| i386 | 2 | `rustdesk/rustdesk-server-s6:2-i386` |
| arm64v8 | 2 | `rustdesk/rustdesk-server-s6:2-arm64v8` |
| armv7 | 2 | `rustdesk/rustdesk-server-s6:2-armv7` |
| multiarch | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0` |
| amd64 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-amd64` |
| i386 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-i386` |
| arm64v8 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8` |
| armv7 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-armv7` |
Es wird dringend empfohlen, das Image `multiarch` entweder mit dem Tag `major version` oder `latest` zu verwenden.
Das S6-Overlay fungiert als Supervisor und hält beide Prozesse am Laufen, sodass bei diesem Image keine zwei separaten Container benötigt werden.
Sie können diese Images direkt mit `docker run` mit diesem Befehl starten:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
oder ohne `--net=host`, aber die P2P-Direktverbindung kann dann nicht funktionieren.
```bash
docker run --name rustdesk-server \
-p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
-p 21117:21117 -p 21118:21118 -p 21119:21119 \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
Oder Sie können eine Docker Compose-Datei verwenden:
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
volumes:
- ./data:/data
restart: unless-stopped
```
Für dieses Container-Image können Sie diese Umgebungsvariablen verwenden, **zusätzlich** zu den im Abschnitt **Umgebungsvariablen** angegebenen Variablen:
| Variable | optional | Beschreibung |
| --- | --- | --- |
| RELAY | nein | IP-Adresse/DNS-Name des Rechners, auf dem dieser Container läuft |
| ENCRYPTED_ONLY | ja | Wenn auf **1** gesetzt, wird eine unverschlüsselte Verbindung nicht akzeptiert |
| KEY_PUB | ja | Öffentlicher Teil des Schlüsselpaares |
| KEY_PRIV | ja | Privater Teil des Schlüsselpaares |
### Verwaltung von Geheimnissen in S6-Overlay-basierten Images
Sie können das Schlüsselpaar natürlich in einem Docker-Volume aufbewahren, aber empfehlenswert ist, die Schlüssel nicht in das Dateisystem zu schreiben.
Beim Start des Containers wird das Vorhandensein des Schlüsselpaares geprüft (`/data/id_ed25519.pub` und `/data/id_ed25519`). Wenn einer dieser Schlüssel nicht existiert, wird er aus den Umgebungsvariablen oder den Docker-Geheimnissen neu erstellt.
Dann wird die Gültigkeit des Schlüsselpaares überprüft: Wenn öffentlicher und privater Schlüssel nicht übereinstimmen, wird der Container angehalten.
Wenn Sie keine Schlüssel angeben, erzeugt `hbbs` einen für Sie und legt ihn am Standardspeicherort ab.
#### Umgebungsvariablen zum Speichern des Schlüsselpaars verwenden
Sie können Docker-Umgebungsvariablen verwenden, um die Schlüssel zu speichern. Folgen Sie einfach diesen Beispielen:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
-e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
-e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
-v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
- "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
- "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
volumes:
- ./db:/db
restart: unless-stopped
```
#### Docker-Geheimnisse zum Speichern des Schlüsselpaars verwenden
Sie können alternativ auch Docker-Geheimnisse verwenden, um die Schlüssel zu speichern.
Dies ist nützlich, wenn Sie **Docker Compose** oder **Docker Swarm** verwenden.
Folgen Sie einfach diesem Beispiel:
```bash
cat secrets/id_ed25519.pub | docker secret create key_pub -
cat secrets/id_ed25519 | docker secret create key_priv -
docker service create --name rustdesk-server \
--secret key_priv --secret key_pub \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
--mount "type=bind,source=$PWD/db,destination=/db" \
rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
volumes:
- ./db:/db
restart: unless-stopped
secrets:
- key_pub
- key_priv
secrets:
key_pub:
file: secrets/id_ed25519.pub
key_priv:
file: secrets/id_ed25519
```
## Ein Schlüsselpaar erstellen
Für die Verschlüsselung wird ein Schlüsselpaar benötigt, das Sie bereitstellen können, aber Sie benötigen eine Möglichkeit, es zu erstellen.
Mit diesem Befehl können Sie ein Schlüsselpaar erzeugen:
```bash
/usr/bin/rustdesk-utils genkeypair
```
Wenn Sie das Paket `rustdesk-utils` nicht auf Ihrem System installiert haben (oder dies nicht wollen), können Sie den gleichen Befehl mit Docker aufrufen:
```bash
docker run --rm --entrypoint /usr/bin/rustdesk-utils rustdesk/rustdesk-server-s6:latest genkeypair
```
Die Ausgabe sieht dann etwa so aus:
```text
Public Key: 8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
Secret Key: egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
```
## Debian-Pakete
Für jede Binärdatei stehen separate Debian-Pakete zur Verfügung, die Sie in [Releases](https://github.com/rustdesk/rustdesk-server/releases) finden können.
Diese Pakete sind für die folgenden Distributionen gedacht:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Debian 11 Bullseye
- Debian 10 Buster
## Umgebungsvariablen
hbbs und hbbr können mit diesen Umgebungsvariablen konfiguriert werden.
Sie können die Variablen wie üblich angeben oder eine `.env`-Datei verwenden.
| Variable | Binärdatei | Beschreibung |
| --- | --- | --- |
| ALWAYS_USE_RELAY | hbbs | Wenn auf **Y** gesetzt, wird eine direkte Verbindung nicht zugelassen. |
| DB_URL | hbbs | Pfad für die Datenbankdatei |
| DOWNGRADE_START_CHECK | hbbr | Verzögerung (in Sekunden) vor der Downgrade-Prüfung |
| DOWNGRADE_THRESHOLD | hbbr | Schwellenwert der Downgrade-Prüfung (Bit/ms)) |
| KEY | hbbs/hbbr | Wenn gesetzt, wird die Verwendung eines bestimmten Schlüssels erzwungen. Wenn auf **_** gesetzt, wird die Verwendung eines beliebigen Schlüssels erzwungen. |
| LIMIT_SPEED | hbbr | Höchstgeschwindigkeit (in Mb/s) |
| PORT | hbbs/hbbr | Lauschender Port (21116 für hbbs - 21117 für hbbr) |
| RELAY_SERVERS | hbbs | IP-Adresse/DNS-Name der Rechner, auf denen hbbr läuft (durch Komma getrennt) |
| RUST_LOG | all | Debug-Level einstellen (error\|warn\|info\|debug\|trace) |
| SINGLE_BANDWIDTH | hbbr | Maximale Bandbreite für eine einzelne Verbindung (in Mb/s) |
| TOTAL_BANDWIDTH | hbbr | Maximale Gesamtbandbreite (in Mb/s) |

345
README-NL.md
View File

@ -1,345 +0,0 @@
<p align="center">
<a href="#hoe-handmatig-opbouwen">Opbouwen</a>
<a href="#docker-bestanden-images">Docker</a>
<a href="#s6-overlay-gebaseerde-bestanden">S6-Overlay</a>
<a href="#hoe-maak-je-een-key-paar">Key paar</a>
<a href="#deb-pakketten">Debian pakketten</a>
<a href="#env-variabelen">ENV variabelen</a><br>
[<a href="README.md">English</a>] | [<a href="README-DE.md">Deutsch</a>] | [<a href="README-TW.md">繁體中文</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
</p>
# RustDesk Server Programa
[![build](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml/badge.svg)](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
[**Download**](https://github.com/rustdesk/rustdesk-server/releases)
[**Handleiding**](https://rustdesk.com/docs/nl/self-host/)
[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
Zelf uw eigen RustDesk server hosten, het is gratis en open source.
## Hoe handmatig opbouwen
```bash
cargo build --release
```
In target/release worden drie uitvoerbare bestanden gegenereerd.
- hbbs - RustDesk ID/Rendezvous server
- hbbr - RustDesk relay server
- rustdesk-utils - RustDesk CLI hulpprogramma's
U kunt bijgewerkte binaries vinden op [releases](https://github.com/rustdesk/rustdesk-server/releases) pagina.
Als u uw eigen server wilt ontwikkelen, is [rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) misschien een betere en eenvoudigere start voor u dan deze repo.
## Docker bestanden (images)
Docker bestanden (images) worden automatisch gegenereerd en gepubliceerd bij elke github release. We hebben 2 soorten bestanden (images).
### Klassiek bestand (image)
Deze bestanden (images) zijn gebouwd voor `ubuntu-20.04` met als enige toevoeging de belangrijkste binaries (`hbbr` en `hbbs`). Ze zijn beschikbaar op [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) met deze tags:
| architectuur | image:tag |
| --- | --- |
| amd64 | `rustdesk/rustdesk-server:latest` |
| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
U kunt deze bestanden (images) direct starten via `docker run` met deze commando's:
```bash
docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
of zonder `--net=host`, maar een directe P2P verbinding zal niet werken.
Voor systemen die SELinux gebruiken is het vervangen van `/root` door `/root:z` nodig om de containers correct te laten draaien. Als alternatief kan SELinux containerscheiding volledig worden uitgeschakeld door de optie `--security-opt label=disable` toe te voegen.
```bash
docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
De `relay-server-ip` parameter is het IP adres (of dns naam) van de server waarop deze containers draaien. De **optionele** `port` parameter moet gebruikt worden als je een andere poort dan **21117** gebruikt voor `hbbr`.
U kunt ook docker-compose gebruiken, met deze configuratie als sjabloon:
```yaml
version: '3'
networks:
rustdesk-net:
external: false
services:
hbbs:
container_name: hbbs
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21118:21118
image: rustdesk/rustdesk-server:latest
command: hbbs -r rustdesk.example.com:21117
volumes:
- ./data:/root
networks:
- rustdesk-net
depends_on:
- hbbr
restart: unless-stopped
hbbr:
container_name: hbbr
ports:
- 21117:21117
- 21119:21119
image: rustdesk/rustdesk-server:latest
command: hbbr
volumes:
- ./data:/root
networks:
- rustdesk-net
restart: unless-stopped
```
Bewerk regel 16 om te verwijzen naar uw relais-server (degene die luistert op poort 21117). U kunt ook de inhoudsregels (L18 en L33) bewerken indien nodig.
(docker-compose erkenning gaat naar @lukebarone en @QuiGonLeong)
## S6-overlay gebaseerde bestanden
Deze bestanden (images) zijn gebouwd tegen `busybox:stable` met toevoeging van de binaries (zowel hbbr als hbbs) en [S6-overlay](https://github.com/just-containers/s6-overlay). Ze zijn beschikbaar op [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) met deze tags:
| architectuur | versie | image:tag |
| --- | --- | --- |
| multiarch | latest | `rustdesk/rustdesk-server-s6:latest` |
| amd64 | latest | `rustdesk/rustdesk-server-s6:latest-amd64` |
| i386 | latest | `rustdesk/rustdesk-server-s6:latest-i386` |
| arm64v8 | latest | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
| armv7 | latest | `rustdesk/rustdesk-server-s6:latest-armv7` |
| multiarch | 2 | `rustdesk/rustdesk-server-s6:2` |
| amd64 | 2 | `rustdesk/rustdesk-server-s6:2-amd64` |
| i386 | 2 | `rustdesk/rustdesk-server-s6:2-i386` |
| arm64v8 | 2 | `rustdesk/rustdesk-server-s6:2-arm64v8` |
| armv7 | 2 | `rustdesk/rustdesk-server-s6:2-armv7` |
| multiarch | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0` |
| amd64 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-amd64` |
| i386 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-i386` |
| arm64v8 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8` |
| armv7 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-armv7` |
Je wordt sterk aangeraden om het `multiarch` bestand (image) te gebruiken met de `major version` of `latest` tag.
De S6-overlay fungeert als supervisor en houdt beide processen draaiende, dus met dit bestand (image) is het niet nodig om twee aparte draaiende containers te hebben.
U kunt deze bestanden (images) direct starten via `docker run` met dit commando:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
of zonder `--net=host`, maar een directe P2P verbinding zal niet werken.
```bash
docker run --name rustdesk-server \
-p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
-p 21117:21117 -p 21118:21118 -p 21119:21119 \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
Of u kunt een docker-compose bestand gebruiken:
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
volumes:
- ./data:/data
restart: unless-stopped
```
Voor dit container bestand (image) kunt u deze omgevingsvariabelen gebruiken, **naast** de variabelen in de volgende **ENV-variabelen** sectie:
| variabele | optioneel | beschrijving |
| --- | --- | --- |
| RELAY | no | het IP-adres/DNS-naam van de machine waarop deze container draait |
| ENCRYPTED_ONLY | yes | indien ingesteld op **"1"** wordt een niet-versleutelde verbinding niet geaccepteerd |
| KEY_PUB | yes | het openbare deel van het key paar |
| KEY_PRIV | yes | het private deel van het key paar |
### Geheim beheer in S6-overlay gebaseerde bestanden (images)
U kunt uiteraard het key paar bewaren in een docker volume, maar de optimale werkwijzen vertellen u om de keys niet op het bestandssysteem te schrijven; dus bieden we een paar opties.
Bij het opstarten van de container wordt de aanwezigheid van het key paar gecontroleerd (`/data/id_ed25519.pub` en `/data/id_ed25519`) en als een van deze keys niet bestaat, wordt deze opnieuw aangemaakt vanuit ENV variabelen of docker secrets.
Vervolgens wordt de geldigheid van het key paar gecontroleerd: indien publieke en private keys niet overeenkomen, stopt de container.
Als je geen keys opgeeft, zal `hbbs` er een voor je genereren en op de standaard locatie plaatsen.
#### Gebruik ENV om het key paar op te slaan
U kunt docker omgevingsvariabelen gebruiken om de keys op te slaan. Volg gewoon deze voorbeelden:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
-e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
-e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
-v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
- "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
- "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
volumes:
- ./db:/db
restart: unless-stopped
```
#### Gebruik Docker secrets om het key paar op te slaan
U kunt ook docker secrets gebruiken om de keys op te slaan.
Dit is handig als je **docker-compose** of **docker swarm** gebruikt.
Volg deze voorbeelden:
```bash
cat secrets/id_ed25519.pub | docker secret create key_pub -
cat secrets/id_ed25519 | docker secret create key_priv -
docker service create --name rustdesk-server \
--secret key_priv --secret key_pub \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
--mount "type=bind,source=$PWD/db,destination=/db" \
rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
volumes:
- ./db:/db
restart: unless-stopped
secrets:
- key_pub
- key_priv
secrets:
key_pub:
file: secrets/id_ed25519.pub
key_priv:
file: secrets/id_ed25519
```
## Hoe maak je een key paar
Een key paar is nodig voor encryptie; u kunt het verstrekken, zoals eerder uitgelegd, maar u heeft een manier nodig om er een te maken.
U kunt dit commando gebruiken om een key paar te genereren:
```bash
/usr/bin/rustdesk-utils genkeypair
```
Als u het pakket `rustdesk-utils` niet op uw systeem hebt staan (of wilt), kunt u hetzelfde commando met docker uitvoeren:
```bash
docker run --rm --entrypoint /usr/bin/rustdesk-utils rustdesk/rustdesk-server-s6:latest genkeypair
```
De uitvoer ziet er ongeveer zo uit:
```text
Public Key: 8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
Secret Key: egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
```
## .deb pakketten
Voor elke binary zijn aparte .deb-pakketten beschikbaar, u kunt ze vinden in de [releases](https://github.com/rustdesk/rustdesk-server/releases).
Deze pakketten zijn bedoeld voor de volgende distributies:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Debian 11 bullseye
- Debian 10 buster
## ENV variabelen
hbbs en hbbr kunnen worden geconfigureerd met deze ENV-variabelen.
U kunt de variabelen zoals gebruikelijk opgeven of een `.env` bestand gebruiken.
| variabele | binary | beschrijving |
| --- | --- | --- |
| ALWAYS_USE_RELAY | hbbs | indien ingesteld op **"Y"** wordt directe peer-verbinding niet toegestaan |
| DB_URL | hbbs | path voor database bestand |
| DOWNGRADE_START_CHECK | hbbr | vertraging (in seconden) voor downgrade-controle |
| DOWNGRADE_THRESHOLD | hbbr | drempel van downgrade controle (bit/ms) |
| KEY | hbbs/hbbr | indien ingesteld forceert dit het gebruik van een specifieke toets, indien ingesteld op **"_"** forceert dit het gebruik van een willekeurige toets |
| LIMIT_SPEED | hbbr | snelheidslimiet (in Mb/s) |
| PORT | hbbs/hbbr | luister-poort (21116 voor hbbs - 21117 voor hbbr) |
| RELAY_SERVERS | hbbs | IP-adres/DNS-naam van de machines waarop hbbr draait (gescheiden door komma) |
| RUST_LOG | all | debug-niveau instellen (error\|warn\|info\|debug\|trace) |
| SINGLE_BANDWIDTH | hbbr | maximale bandbreedte voor een enkele verbinding (in Mb/s) |
| TOTAL_BANDWIDTH | hbbr | maximale totale bandbreedte (in Mb/s) |

347
README-TW.md
View File

@ -1,347 +0,0 @@
<p align="center">
<a href="#如何自行建置">自行建置</a>
<a href="#Docker-映像檔">Docker</a>
<a href="#基於-S6-overlay-的映象檔">S6-overlay</a>
<a href="#如何建立金鑰對">金鑰對</a>
<a href="#deb-套件">Debian</a>
<a href="#ENV-環境參數">環境參數</a><br>
[<a href="README.md">English</a>] | [<a href="README-DE.md">Deutsch</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
</p>
# RustDesk Server Program
[![build](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml/badge.svg)](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
[**下載**](https://github.com/rustdesk/rustdesk-server/releases)
[**說明文件**](https://rustdesk.com/docs/zh-tw/self-host/)
[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
自行建置屬於您自己的 RustDesk 伺服器,它是免費的且開源。
## 如何自行建置
```bash
cargo build --release
```
在 target/release 中會產生三個可執行檔。
- hbbs - RustDesk ID/會合伺服器
- hbbr - RustDesk 中繼伺服器
- rustdesk-utils - RustDesk 命令行工具
您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 頁面上找到更新的執行檔。
如果您需要額外功能,[RustDesk 專業版伺服器](https://rustdesk.com/pricing.html) 或許更適合您。
如果您想開發自己的伺服器,[rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) 可能是一個比這個倉庫更好、更簡單的開始。
## Docker 映像檔
Docker 映像檔會在每次 GitHub 發布時自動生成並發布。我們有兩種映像檔。
### Classic 映像檔
這些映像檔是基於 `ubuntu-20.04` 建置的,僅添加了兩個主要的執行檔(`hbbr``hbbs`)。它們可在 [Docker Hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) 上取得帶有以下tags
| 架構 | image:tag |
| ------- | ----------------------------------------- |
| amd64 | `rustdesk/rustdesk-server:latest` |
| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
您可以使用以下指令,直接透過 ``docker run`` 來啟動這些映像檔:
```bash
docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
或刪去 `--net=host` 但 P2P 直接連線會無法運作。
對於使用 SELinux 的系統,需要將 ``/root`` 替換為 ``/root:z``,以便容器正確運行。或者,也可以通過添加選項 ``--security-opt label=disable`` 完全禁用 SELinux 容器隔離。
```bash
docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
`relay-server-ip` 參數是執行這些容器的伺服器的 IP 地址(或 DNS 名稱)。如果您為 `hbbr` 使用的端口不是 **21117**,則必須使用 **可選**`port` 參數。
您也可以使用 docker-compose 使用這個設定做為範例:
```yaml
version: '3'
networks:
rustdesk-net:
external: false
services:
hbbs:
container_name: hbbs
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21118:21118
image: rustdesk/rustdesk-server:latest
command: hbbs -r rustdesk.example.com:21117
volumes:
- ./data:/root
networks:
- rustdesk-net
depends_on:
- hbbr
restart: unless-stopped
hbbr:
container_name: hbbr
ports:
- 21117:21117
- 21119:21119
image: rustdesk/rustdesk-server:latest
command: hbbr
volumes:
- ./data:/root
networks:
- rustdesk-net
restart: unless-stopped
```
請編輯第 16 行,將其指向您的中繼伺服器 (監聽端口 21117 那一個)。 如果需要的話,您也可以編輯 volume (第 18 和 33 行)。
(感謝 @lukebarone@QuiGonLeong 協助提供 docker-compose 的設定範例)
## 基於 S6-overlay 的映象檔
這些映象檔是針對 `busybox:stable` 建置的並添加了執行檔hbbr 和 hbbs以及 [S6-overlay](https://github.com/just-containers/s6-overlay)。 它們在以及這些 tags 在 [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) 可用:
| 架構 | version | image:tag |
| --------- | ------- | -------------------------------------------- |
| multiarch | latest | `rustdesk/rustdesk-server-s6:latest` |
| amd64 | latest | `rustdesk/rustdesk-server-s6:latest-amd64` |
| i386 | latest | `rustdesk/rustdesk-server-s6:latest-i386` |
| arm64v8 | latest | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
| armv7 | latest | `rustdesk/rustdesk-server-s6:latest-armv7` |
| multiarch | 2 | `rustdesk/rustdesk-server-s6:2` |
| amd64 | 2 | `rustdesk/rustdesk-server-s6:2-amd64` |
| i386 | 2 | `rustdesk/rustdesk-server-s6:2-i386` |
| arm64v8 | 2 | `rustdesk/rustdesk-server-s6:2-arm64v8` |
| armv7 | 2 | `rustdesk/rustdesk-server-s6:2-armv7` |
| multiarch | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0` |
| amd64 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-amd64` |
| i386 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-i386` |
| arm64v8 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8` |
| armv7 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-armv7` |
強烈建議您使用 `multiarch` 映象檔 可以選擇使用 `major version``latest` tags。
S6-overlay 在此充當監督程序,保持兩個進程運行,因此使用此映象檔,您無需運行兩個獨立的容器。
您可以直接使用以下命令使用 `docker run` 來啟動這個映象檔:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
或刪去 `--net=host` 但 P2P 直接連線會無法運作。
```bash
docker run --name rustdesk-server \
-p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
-p 21117:21117 -p 21118:21118 -p 21119:21119 \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
或是您可以使用 docker-compose 文件:
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
volumes:
- ./data:/data
restart: unless-stopped
```
對於此容器映象檔,您可以使用這些環境變數,**除了**以下**環境變數**部分指定的那些。
| 環境變數 | 是否可選 | 敘述 |
| -------------- | -------- | ------------------------------------------ |
| RELAY | 否 | 運行此容器的機器的 IP 地址/ DNS 名稱 |
| ENCRYPTED_ONLY | 是 | 如果設置為 **"1"**,將不接受未加密的連接。 |
| KEY_PUB | 是 | 金鑰對中的公鑰Public Key |
| KEY_PRIV | 是 | 金鑰對中的私鑰Private Key |
### 在基於 S6-overlay 的 Secret 管理
您可以將金鑰對保存在 Docker volume 中,但最佳實踐建議不要將金鑰寫入文件系統;因此,我們提供了一些選項。
在容器啟動時,會檢查金鑰對的是否存在(`/data/id_ed25519.pub``/data/id_ed25519`),如果其中一個金鑰不存在,則會從環境變數或 Docker Secret 重新生成它。
然後檢查金鑰對的有效性:如果公鑰和私鑰不匹配,容器將停止運行。
如果您未提供金鑰,`hbbs` 將為您產生一個,並將其放置在默認位置。
#### 使用 ENV 存儲金鑰對
您可以使用 Docker 環境變數來儲存金鑰。只需按照以下範例操作:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
-e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
-e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
-v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
- "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
- "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
volumes:
- ./db:/db
restart: unless-stopped
```
#### 使用 Docker Secret 來儲存金鑰對
您還可以使用 Docker Secret來儲存金鑰。
如果您使用 **docker-compose****docker swarm**,這很有用。
只需按照以下示例操作:
```bash
cat secrets/id_ed25519.pub | docker secret create key_pub -
cat secrets/id_ed25519 | docker secret create key_priv -
docker service create --name rustdesk-server \
--secret key_priv --secret key_pub \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
--mount "type=bind,source=$PWD/db,destination=/db" \
rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
volumes:
- ./db:/db
restart: unless-stopped
secrets:
- key_pub
- key_priv
secrets:
key_pub:
file: secrets/id_ed25519.pub
key_priv:
file: secrets/id_ed25519
```
## 如何建立金鑰對
加密需要一對金鑰;您可以按照前面所述提供它,但需要一種生成金鑰對的方法。
您可以使用以下命令生成一對金鑰:
```bash
/usr/bin/rustdesk-utils genkeypair
```
如果您沒有(或不想)在系統上安裝 `rustdesk-utils` 套件,您可以使用 Docker執行相同的命令
```bash
docker run --rm --entrypoint /usr/bin/rustdesk-utils rustdesk/rustdesk-server-s6:latest genkeypair
```
輸出將類似於以下內容:
```text
Public Key: 8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
Secret Key: egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
```
## .deb 套件
每個執行檔都有單獨的 .deb 套件可供使用,您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 中找到它們。
這些套件適用於以下發行版:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Debian 11 bullseye
- Debian 10 buster
## ENV 環境參數
可以使用這些 ENV 參數來配置 hbbs 和 hbbr。
您可以像往常一樣指定參數,或者使用 .env 文件。
| 參數 | 執行檔 | 敘述 |
| --------------------- | --------- | -------------------------------------------------------------------- |
| ALWAYS_USE_RELAY | hbbs | 如果設為 **"Y"**,禁止直接點對點連接 |
| DB_URL | hbbs | 資料庫的路徑 |
| DOWNGRADE_START_CHECK | hbbr | 降級檢查之前的延遲時間(以秒為單位) |
| DOWNGRADE_THRESHOLD | hbbr | 降級檢查的閾值bit/ms |
| KEY | hbbs/hbbr | 如果設置了,將強制使用特定金鑰,如果設為 **"_"**,則強制使用任何金鑰 |
| LIMIT_SPEED | hbbr | 速度限制以Mb/s為單位 |
| PORT | hbbs/hbbr | 監聽端口hbbs為21116hbbr為21117 |
| RELAY_SERVERS | hbbs | 運行hbbr的機器的IP地址/DNS名稱用逗號分隔 |
| RUST_LOG | all | 設定 debug level (error\|warn\|info\|debug\|trace) |
| SINGLE_BANDWIDTH | hbbr | 單個連接的最大頻寬以Mb/s為單位 |
| TOTAL_BANDWIDTH | hbbr | 最大總頻寬以Mb/s為單位 |

348
README-ZH.md
View File

@ -1,348 +0,0 @@
<p align="center">
<a href="#如何自行构建">自行构建</a>
<a href="#Docker-镜像">Docker</a>
<a href="#基于-S6-overlay-的镜像">S6-overlay</a>
<a href="#如何创建密钥">密钥</a>
<a href="#deb-套件">Debian</a>
<a href="#ENV-环境参数">环境参数</a><br>
[<a href="README.md">English</a>] | [<a href="README-DE.md">Deutsch</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-TW.md">繁体中文</a>]<br>
</p>
# RustDesk Server Program
[![build](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml/badge.svg)](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
[**下载**](https://github.com/rustdesk/rustdesk-server/releases)
[**说明文件**](https://rustdesk.com/docs/zh-cn/self-host/)
[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
自行搭建属于你的RustDesk服务器,所有的一切都是免费且开源的
## 如何自行构建
```bash
cargo build --release
```
执行后会在target/release目录下生成三个对应平台的可执行程序
- hbbs - RustDesk ID/会和服务器
- hbbr - RustDesk 中继服务器
- rustdesk-utils - RustDesk 命令行工具
您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 页面中找到最新的服务端软件。
如果您需要额外的功能支持,[RustDesk 专业版服务器](https://rustdesk.com/pricing.html) 获取更适合您。
如果您想开发自己的服务器,[rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) 应该会比直接使用这个仓库更简单快捷。
## Docker 镜像
Docker镜像会在每次 GitHub 发布新的release版本时自动构建。我们提供两种类型的镜像。
### Classic 传统镜像
这个类型的镜像是基于 `ubuntu-20.04` 进行构建,镜像仅包含两个主要的可执行程序(`hbbr``hbbs`。它们可以通过以下tag在 [Docker Hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) 上获得:
| 架构 | image:tag |
|---------| ----------------------------------------- |
| amd64 | `rustdesk/rustdesk-server:latest` |
| arm64v8 | `rustdesk/rustdesk-server:latest-arm64v8` |
您可以使用以下命令,直接通过 ``docker run`` 來启动这些镜像:
```bash
docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
或不使用 `--net=host` 参数启动, 但这样 P2P 直连功能将无法工作。
对于使用了 SELinux 的系统,您需要将 ``/root`` 替换为 ``/root:z``,以保证容器的正常运行。或者,也可以通过添加参数 ``--security-opt label=disable`` 来完全禁用 SELinux 容器隔离。
```bash
docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
`relay-server-ip` 参数是运行这些容器的服务器的 IP 地址(或 DNS 名称)。如果你不想使用 **21117** 作为 `hbbr` 的服务端口,可使用可选参数 `port` 进行指定。
您也可以使用 docker-compose 进行构建,以下为配置示例:
```yaml
version: '3'
networks:
rustdesk-net:
external: false
services:
hbbs:
container_name: hbbs
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21118:21118
image: rustdesk/rustdesk-server:latest
command: hbbs -r rustdesk.example.com:21117
volumes:
- ./data:/root
networks:
- rustdesk-net
depends_on:
- hbbr
restart: unless-stopped
hbbr:
container_name: hbbr
ports:
- 21117:21117
- 21119:21119
image: rustdesk/rustdesk-server:latest
command: hbbr
volumes:
- ./data:/root
networks:
- rustdesk-net
restart: unless-stopped
```
编辑第16行来指定你的中继服务器 (默认端口监听在 21117 的那一个)。 如果需要的话,您也可以编辑 volume 信息 (第 18 和 33 行)。
(感谢 @lukebarone@QuiGonLeong 协助提供的 docker-compose 配置示例)
## 基于 S6-overlay 的镜像
> 这些镜像是针对 `busybox:stable` 构建的并添加了可执行程序hbbr 和 hbbs以及 [S6-overlay](https://github.com/just-containers/s6-overlay)。 它们可以使用以下tag在 [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) 上获取:
| 架構 | version | image:tag |
| --------- | ------- | -------------------------------------------- |
| multiarch | latest | `rustdesk/rustdesk-server-s6:latest` |
| amd64 | latest | `rustdesk/rustdesk-server-s6:latest-amd64` |
| i386 | latest | `rustdesk/rustdesk-server-s6:latest-i386` |
| arm64v8 | latest | `rustdesk/rustdesk-server-s6:latest-arm64v8` |
| armv7 | latest | `rustdesk/rustdesk-server-s6:latest-armv7` |
| multiarch | 2 | `rustdesk/rustdesk-server-s6:2` |
| amd64 | 2 | `rustdesk/rustdesk-server-s6:2-amd64` |
| i386 | 2 | `rustdesk/rustdesk-server-s6:2-i386` |
| arm64v8 | 2 | `rustdesk/rustdesk-server-s6:2-arm64v8` |
| armv7 | 2 | `rustdesk/rustdesk-server-s6:2-armv7` |
| multiarch | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0` |
| amd64 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-amd64` |
| i386 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-i386` |
| arm64v8 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-arm64v8` |
| armv7 | 2.0.0 | `rustdesk/rustdesk-server-s6:2.0.0-armv7` |
强烈建议您使用`major version``latest` tag 的 `multiarch` 架构的镜像。
S6-overlay 在此处作为监控程序,用以保证两个进程的运行,因此使用此镜像,您无需运行两个容器。
您可以使用 `docker run` 命令直接启动镜像,如下:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
或刪去 `--net=host` 参数, 但 P2P 直连功能将无法工作。
```bash
docker run --name rustdesk-server \
-p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
-p 21117:21117 -p 21118:21118 -p 21119:21119 \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
或着您也可以使用 docker-compose 文件:
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
volumes:
- ./data:/data
restart: unless-stopped
```
对于此容器镜像,除了在下面的环境变量部分指定的变量之外,您还可以使用以下`环境变量`
| 环境变量 | 是否可选 | 描述 |
|----------------|------|--------------------------|
| RELAY | 否 | 运行此容器的宿主机的 IP 地址/ DNS 名称 |
| ENCRYPTED_ONLY | 是 | 如果设置为 **"1"**,将不接受未加密的连接。 |
| KEY_PUB | 是 | 密钥对中的公钥Public Key |
| KEY_PRIV | 是 | 密钥对中的私钥Private Key |
### 基于 S6-overlay 镜像的密钥管理
您可以将密钥对保存在 Docker volume 中,但我们建议不要将密钥写入文件系統中;因此,我们提供了一些方案。
在容器启动时,会检查密钥对是否存在(`/data/id_ed25519.pub``/data/id_ed25519`),如果其中一個密钥不存在,则会从环境变量或 Docker Secret 中重新生成它。
然后检查密钥对的可用性:如果公钥和私钥不匹配,容器将停止运行。
如果您未提供密钥,`hbbs` 将会在默认位置生成一个。
#### 使用 ENV 存储密钥对
您可以使用 Docker 环境变量來存储密钥。如下:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
-e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
-e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
-v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
- "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
- "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
volumes:
- ./db:/db
restart: unless-stopped
```
#### 使用 Docker Secret 來保存密钥对
您还可以使用 Docker Secret 來保存密钥。
如果您使用 **docker-compose****docker swarm**,推荐您使用。
只需按照以下示例操作:
```bash
cat secrets/id_ed25519.pub | docker secret create key_pub -
cat secrets/id_ed25519 | docker secret create key_priv -
docker service create --name rustdesk-server \
--secret key_priv --secret key_pub \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
--mount "type=bind,source=$PWD/db,destination=/db" \
rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
volumes:
- ./db:/db
restart: unless-stopped
secrets:
- key_pub
- key_priv
secrets:
key_pub:
file: secrets/id_ed25519.pub
key_priv:
file: secrets/id_ed25519
```
## 如何生成密钥对
加密需要一对密钥;您可以按照前面所述提供它,但需要一个工具去生成密钥对。
您可以使用以下命令生成一对密钥:
```bash
/usr/bin/rustdesk-utils genkeypair
```
如果您沒有(或不想)在系统上安装 `rustdesk-utils` 套件,您可以使用 Docker 执行相同的命令:
```bash
docker run --rm --entrypoint /usr/bin/rustdesk-utils rustdesk/rustdesk-server-s6:latest genkeypair
```
运行后的输出内容如下:
```text
Public Key: 8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
Secret Key: egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
```
## .deb 套件
每个可执行文件都有单独的 .deb 套件可供使用,您可以在 [releases](https://github.com/rustdesk/rustdesk-server/releases) 页面中找到它們。
這些套件适用于以下发行版:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Debian 11 bullseye
- Debian 10 buster
## ENV 环境变量
可以使用这些`环境变量`参数來配置 hbbs 和 hbbr。
您可以像往常一样指定参数,或者使用 .env 文件。
| 参数 | 可执行文件 | 描述 |
|-----------------------|---------------|--------------------------------------------------|
| ALWAYS_USE_RELAY | hbbs | 如果设定为 **"Y"**,将关闭直接点对点连接功能 |
| DB_URL | hbbs | 数据库配置 |
| DOWNGRADE_START_CHECK | hbbr | 降级检查之前的延迟是啊尽(以秒为单位) |
| DOWNGRADE_THRESHOLD | hbbr | 降级检查的阈值bit/ms |
| KEY | hbbs/hbbr | 如果设置了此参数,将强制使用指定密钥对,如果设为 **"_"**,则强制使用任意密钥 |
| LIMIT_SPEED | hbbr | 速度限制以Mb/s为单位 |
| PORT | hbbs/hbbr | 监听端口hbbs为21116hbbr为21117 |
| RELAY_SERVERS | hbbs | 运行hbbr的机器的IP地址/DNS名称用逗号分隔 |
| RUST_LOG | all | 设置 debug level (error\|warn\|info\|debug\|trace) |
| SINGLE_BANDWIDTH | hbbr | 单个连接的最大带宽以Mb/s为单位 |
| TOTAL_BANDWIDTH | hbbr | 最大总带宽以Mb/s为单位 |

325
README.md
View File

@ -1,13 +1,3 @@
<p align="center">
<a href="#how-to-build-manually">Manually</a>
<a href="#docker-images">Docker</a>
<a href="#s6-overlay-based-images">S6-overlay</a>
<a href="#how-to-create-a-keypair">Keypair</a>
<a href="#deb-packages">Debian</a>
<a href="#env-variables">Variables</a><br>
[<a href="README-DE.md">Deutsch</a>] | [<a href="README-NL.md">Nederlands</a>] | [<a href="README-TW.md">繁體中文</a>] | [<a href="README-ZH.md">简体中文</a>]<br>
</p>
# RustDesk Server Program
[![build](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml/badge.svg)](https://github.com/rustdesk/rustdesk-server/actions/workflows/build.yaml)
@ -18,6 +8,8 @@
[**FAQ**](https://github.com/rustdesk/rustdesk/wiki/FAQ)
[**How to migrate OSS to Pro**](https://rustdesk.com/docs/en/self-host/rustdesk-server-pro/installscript/#convert-from-open-source)
Self-host your own RustDesk server, it is free and open source.
## How to build manually
@ -38,317 +30,8 @@ If you want extra features, [RustDesk Server Pro](https://rustdesk.com/pricing.h
If you want to develop your own server, [rustdesk-server-demo](https://github.com/rustdesk/rustdesk-server-demo) might be a better and simpler start for you than this repo.
## Docker images
## Installation
Docker images are automatically generated and published to [Docker Hub](https://hub.docker.com/r/rustdesk) and [GitHub Container Registry](https://github.com/rustdesk?tab=packages&repo_name=rustdesk-server) on every GitHub release. We have 2 kind of images.
Please follow this [doc](https://rustdesk.com/docs/en/self-host/rustdesk-server-oss/)
### Classic image
These images are built from scratch with two main binaries (`hbbs` and `hbbr`). They're available on [Docker Hub](https://hub.docker.com/r/rustdesk/rustdesk-server/) and [GitHub Container Registry](https://github.com/rustdesk/rustdesk-server/pkgs/container/rustdesk-server) with these architectures:
* amd64
* arm64v8
* armv7
You could use `latest` tag or major version tag `1` with supported architectures:
| Version | image:tag |
| ------------- | --------------------------------- |
| latest | `rustdesk/rustdesk-server:latest` |
| Major version | `rustdesk/rustdesk-server:1` |
You can start these images directly with `docker run` with these commands:
```bash
docker run --name hbbs --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr --net=host -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
or without `--net=host`, but P2P direct connection can not work.
For systems using SELinux, replacing `/root` by `/root:z` is required for the containers to run correctly. Alternatively, SELinux container separation can be disabled completely adding the option `--security-opt label=disable`.
```bash
docker run --name hbbs -p 21115:21115 -p 21116:21116 -p 21116:21116/udp -p 21118:21118 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbs -r <relay-server-ip[:port]>
docker run --name hbbr -p 21117:21117 -p 21119:21119 -v "$PWD/data:/root" -d rustdesk/rustdesk-server:latest hbbr
```
The `relay-server-ip` parameter is the IP address (or dns name) of the server running these containers. The **optional** `port` parameter has to be used if you use a port different than **21117** for `hbbr`.
You can also use docker-compose, using this configuration as a template:
```yaml
version: '3'
networks:
rustdesk-net:
external: false
services:
hbbs:
container_name: hbbs
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21118:21118
image: rustdesk/rustdesk-server:latest
command: hbbs -r rustdesk.example.com:21117
volumes:
- ./data:/root
networks:
- rustdesk-net
depends_on:
- hbbr
restart: unless-stopped
hbbr:
container_name: hbbr
ports:
- 21117:21117
- 21119:21119
image: rustdesk/rustdesk-server:latest
command: hbbr
volumes:
- ./data:/root
networks:
- rustdesk-net
restart: unless-stopped
```
Edit line 16 to point to your relay server (the one listening on port 21117). You can also edit the volume lines (line 18 and line 33) if you need.
(docker-compose credit goes to @lukebarone and @QuiGonLeong)
> [!NOTE]
> The rustdesk/rustdesk-server:latest in China may be replaced with the latest version number on Docker Hub, such as `rustdesk-server:1.1.10-3`. Otherwise, the old version may be pulled due to image acceleration.
> [!NOTE]
> If you are experiencing issues pulling from Docker Hub, try pulling from the [GitHub Container Registry](https://github.com/rustdesk/rustdesk-server/pkgs/container/rustdesk-server) instead.
## S6-overlay based images
These images are build against `busybox:stable` with the addition of the binaries (both `hbbs` and `hbbr`) and [S6-overlay](https://github.com/just-containers/s6-overlay). They're available on [Docker hub](https://hub.docker.com/r/rustdesk/rustdesk-server-s6/) and [GitHub Container Registry](https://github.com/rustdesk/rustdesk-server/pkgs/container/rustdesk-server) with these architectures:
* amd64
* i386
* arm64v8
* armv7
You could use `latest` tag or major version tag `1` with supported architectures:
| Version | image:tag |
| ------------- | ------------------------------------ |
| latest | `rustdesk/rustdesk-server-s6:latest` |
| Major version | `rustdesk/rustdesk-server-s6:1` |
The S6-overlay acts as a supervisor and keeps both process running, so with this image, there's no need to have two separate running containers.
You can start these images directly with `docker run` with this command:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
or without `--net=host`, but P2P direct connection cannot work.
```bash
docker run --name rustdesk-server \
-p 21115:21115 -p 21116:21116 -p 21116:21116/udp \
-p 21117:21117 -p 21118:21118 -p 21119:21119 \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-v "$PWD/data:/data" -d rustdesk/rustdesk-server-s6:latest
```
Or you can use a docker-compose file:
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
volumes:
- ./data:/data
restart: unless-stopped
```
For this container image, you can use these environment variables, **in addition** to the ones specified in the following **ENV variables** section:
| variable | optional | description |
| --- | --- | --- |
| RELAY | no | the IP address/DNS name of the machine running this container |
| ENCRYPTED_ONLY | yes | if set to **"1"** unencrypted connection will not be accepted |
| KEY_PUB | yes | public part of the key pair |
| KEY_PRIV | yes | private part of the key pair |
### Secret management in S6-overlay based images
You can obviously keep the key pair in a docker volume, but the best practices tells you to not write the keys on the filesystem; so we provide a couple of options.
On container startup, the presence of the keypair is checked (`/data/id_ed25519.pub` and `/data/id_ed25519`) and if one of these keys doesn't exist, it's recreated from ENV variables or docker secrets.
Then the validity of the keypair is checked: if public and private keys doesn't match, the container will stop.
If you provide no keys, `hbbs` will generate one for you, and it'll place it in the default location.
#### Use ENV to store the key pair
You can use docker environment variables to store the keys. Just follow this examples:
```bash
docker run --name rustdesk-server \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
-e "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ==" \
-e "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE=" \
-v "$PWD/db:/db" -d rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
- "KEY_PRIV=FR2j78IxfwJNR+HjLluQ2Nh7eEryEeIZCwiQDPVe+PaITKyShphHAsPLn7So0OqRs92nGvSRdFJnE2MSyrKTIQ=="
- "KEY_PUB=iEyskoaYRwLDy5+0qNDqkbPdpxr0kXRSZxNjEsqykyE="
volumes:
- ./db:/db
restart: unless-stopped
```
#### Use Docker secrets to store the key pair
You can alternatively use docker secrets to store the keys.
This is useful if you're using **docker-compose** or **Docker Swarm**.
Just follow this examples:
```bash
cat secrets/id_ed25519.pub | docker secret create key_pub -
cat secrets/id_ed25519 | docker secret create key_priv -
docker service create --name rustdesk-server \
--secret key_priv --secret key_pub \
--net=host \
-e "RELAY=rustdeskrelay.example.com" \
-e "ENCRYPTED_ONLY=1" \
-e "DB_URL=/db/db_v2.sqlite3" \
--mount "type=bind,source=$PWD/db,destination=/db" \
rustdesk/rustdesk-server-s6:latest
```
```yaml
version: '3'
services:
rustdesk-server:
container_name: rustdesk-server
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21117:21117
- 21118:21118
- 21119:21119
image: rustdesk/rustdesk-server-s6:latest
environment:
- "RELAY=rustdesk.example.com:21117"
- "ENCRYPTED_ONLY=1"
- "DB_URL=/db/db_v2.sqlite3"
volumes:
- ./db:/db
restart: unless-stopped
secrets:
- key_pub
- key_priv
secrets:
key_pub:
file: secrets/id_ed25519.pub
key_priv:
file: secrets/id_ed25519
```
## How to create a keypair
A keypair is needed for encryption; you can provide it, as explained before, but you need a way to create one.
You can use this command to generate a keypair:
```bash
/usr/bin/rustdesk-utils genkeypair
```
If you don't have (or don't want) the `rustdesk-utils` package installed on your system, you can invoke the same command with docker:
```bash
docker run --rm --entrypoint /usr/bin/rustdesk-utils rustdesk/rustdesk-server-s6:latest genkeypair
```
The output will be something like this:
```text
Public Key: 8BLLhtzUBU/XKAH4mep3p+IX4DSApe7qbAwNH9nv4yA=
Secret Key: egAVd44u33ZEUIDTtksGcHeVeAwywarEdHmf99KM5ajwEsuG3NQFT9coAfiZ6nen4hfgNICl7upsDA0f2e/jIA==
```
## .deb packages
Separate .deb packages are available for each binary, you can find them in the [Releases](https://github.com/rustdesk/rustdesk-server/releases).
These packages are meant for the following distributions:
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Debian 12 bookworm
- Debian 11 bullseye
- Debian 10 buster
## ENV variables
`hbbs` and `hbbr` can be configured using these ENV variables.
You can specify the variables as usual or use an `.env` file.
| variable | binary | description |
| --- | --- | --- |
| ALWAYS_USE_RELAY | hbbs | if set to **"Y"** disallows direct peer connection |
| DB_URL | hbbs | path for database file |
| DOWNGRADE_START_CHECK | hbbr | delay (in seconds) before downgrade check |
| DOWNGRADE_THRESHOLD | hbbr | threshold of downgrade check (bit/ms) |
| KEY | hbbs/hbbr | if set force the use of a specific key, if set to **"_"** force the use of any key |
| LIMIT_SPEED | hbbr | speed limit (in Mb/s) |
| PORT | hbbs/hbbr | listening port (21116 for hbbs - 21117 for hbbr) |
| RELAY | hbbs | IP address/DNS name of the machines running hbbr (separated by comma) |
| RUST_LOG | all | set debug level (error\|warn\|info\|debug\|trace) |
| SINGLE_BANDWIDTH | hbbr | max bandwidth for a single connection (in Mb/s) |
| TOTAL_BANDWIDTH | hbbr | max total bandwidth (in Mb/s) |

1
libs/hbb_common

@ -1 +0,0 @@
Subproject commit 49c6b24a7a8c39d4448e07b743007ef1a3febd43

1
libs/hbb_common Normal file
View File

@ -0,0 +1 @@
83419b6549636ee39dacef7776c473f5802e08d6

4
src/relay_server.rs
View File

@ -39,9 +39,9 @@ lazy_static::lazy_static! {
static DOWNGRADE_THRESHOLD_100: AtomicUsize = AtomicUsize::new(66); // 0.66
static DOWNGRADE_START_CHECK: AtomicUsize = AtomicUsize::new(1_800_000); // in ms
static LIMIT_SPEED: AtomicUsize = AtomicUsize::new(4 * 1024 * 1024); // in bit/s
static LIMIT_SPEED: AtomicUsize = AtomicUsize::new(32 * 1024 * 1024); // in bit/s
static TOTAL_BANDWIDTH: AtomicUsize = AtomicUsize::new(1024 * 1024 * 1024); // in bit/s
static SINGLE_BANDWIDTH: AtomicUsize = AtomicUsize::new(16 * 1024 * 1024); // in bit/s
static SINGLE_BANDWIDTH: AtomicUsize = AtomicUsize::new(128 * 1024 * 1024); // in bit/s
const BLACKLIST_FILE: &str = "blacklist.txt";
const BLOCKLIST_FILE: &str = "blocklist.txt";

3
src/rendezvous_server.rs
View File

@ -1056,7 +1056,8 @@ impl RendezvousServer {
async fn handle_listener2(&self, stream: TcpStream, addr: SocketAddr) {
let mut rs = self.clone();
if addr.ip().is_loopback() {
let ip = try_into_v4(addr).ip();
if ip.is_loopback() {
tokio::spawn(async move {
let mut stream = stream;
let mut buffer = [0; 1024];

2
src/utils.rs
View File

@ -10,7 +10,7 @@ use std::{
fn print_help() {
println!(
"Usage:
rustdesk-util [command]\n
rustdesk-utils [command]\n
Available Commands:
genkeypair Generate a new keypair
validatekeypair [public key] [secret key] Validate an existing keypair