towonel: A Self-Hosted Tunnel That Doesn't Read Your Traffic — Erwan Leboucher
erwanleboucher.dev
Cloudflare Tunnel decrypts everything. Towonel doesn't.

So you don’t want to port-forward on your home router or have Cloudflare decrypt all your traffic? Check out Towonel.

Most open source Cloudflare Tunnel alternatives involve setting up a VPS, terminating TLS there on a reverse proxy, then setting up a Wireguard tunnel to your server at home.

Towonel is different: it does not decrypt your traffic on the VPS and you can easily share one, so not every self-hoster has to buy and maintain a VPS.

Check it out!

Mastodon link: https://gts.erwanleboucher.dev/@eleboucher/statuses/01KS4YNA2SYMSP0FSKJVNJA155

  • Deebster@infosec.pubEnglish
    16·
    7 hours ago

    So I built towonel. In Rust, partly because I wanted to learn the language properly

    This bit makes me a little wary.

    • atomicbocks@sh.itjust.worksEnglish
      4·
      3 hours ago

      Why? I didn’t know python until one of my clients decided they would only use it for everything going forward. It took me all of a day to start converting C# code and this was a decade before LLMs.

      Knowledge of a specific language does not reflect development skill.

      • MinFapper@startrek.websiteEnglish
        11·
        3 hours ago

        Yes, but ported C# usually doesn’t make for the most idiomatic Python.

        99% of the time that doesn’t matter, but a highly security sensitive reverse proxy shared by multiple users most likely part of the stack to be attacked might be an exception.