From 43c493d8f83b6e7039807f6ffb8d6aaee9a8e7ae Mon Sep 17 00:00:00 2001
From: Trevor Atkinson
Date: Sun, 4 Jan 2026 22:56:32 -0700
Subject: [PATCH 1/4] update quick start docs
---
 .gitignore | 2 +
 Makefile | 89 ++++++++++++++++++----
 README.md | 33 +++++++-
 local.compose.yaml | 0
 scripts/generate_certs.sh | 2 -
 docker-compose.yaml => tunnel.compose.yaml | 0
 6 files changed, 105 insertions(+), 21 deletions(-)
 create mode 100644 local.compose.yaml
 delete mode 100755 scripts/generate_certs.sh
 rename docker-compose.yaml => tunnel.compose.yaml (100%)
diff --git a/.gitignore b/.gitignore
index 75a4c9c..6905b90 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,4 @@
 .certs
 .local-volumes
+
+bin
\ No newline at end of file
diff --git a/Makefile b/Makefile
index 66ab880..61097b9 100644
--- a/Makefile
+++ b/Makefile
@@ -1,40 +1,97 @@ # binary build command args -BINARY ?= cli -BIN_OUT ?= bin/$BINARY +BINARY ?= dino +BIN_OUT ?= bin/$(BINARY) +ABS_BIN_PATH := $(shell pwd)/$(BIN_OUT) + +CERT_OUT ?= .certs # version control docker build args GO_VERSION ?= "1.25.5" ALPINE_VERSION ?= "3.23" +DINO_HOSTNAME ?= tunnel.dino.local + # fips at build time # on : enable # off : disable FIPS_MODE ?= "on" +.PHONY: protos lint test cli server tunnel certs all + +.PHONY: clean +clean: + @rm -rf .certs .local-volumes + @mkdir -p .certs .local-volumes .local-volumes/pgdata + +certs: + @echo "Generating ECDSA P-256 certs for $(DINO_HOSTNAME)..." \ + mkdir -p $(CERT_OUT) \ + openssl req -x509 -nodes -days 365 \ + -newkey ec:<(openssl ecparam -name prime256v1) \ + -keyout $(CERT_OUT)/backend.key \ + -out $(CERT_OUT)/backend.cert \ + -sha384 \ + -subj "/C=US/ST=State/L=City/O=Dev/CN=$(DINO_HOSTNAME)" \ + chmod 0644 $(CERT_OUT)/backend.cert $(CERT_OUT)/backend.key + protos: - protoc --go_out=. --go_opt=paths=source_relative \ - --go-grpc_out=. --go-grpc_opt=paths=source_relative \ - pb/tunnels/v1/tunnel_service.proto - protoc --go_out=. --go_opt=paths=source_relative \ - --go-grpc_out=. --go-grpc_opt=paths=source_relative \ - pb/rtunnel/v1/rtunnel_service.proto - protoc --go_out=. --go_opt=paths=source_relative \ - --go-grpc_out=. --go-grpc_opt=paths=source_relative \ - pb/routes/v1/route_service.proto + @protoc --go_out=. --go_opt=paths=source_relative \ + --go-grpc_out=. --go-grpc_opt=paths=source_relative \ + pb/tunnels/v1/tunnel_service.proto + @protoc --go_out=. --go_opt=paths=source_relative \ + --go-grpc_out=. --go-grpc_opt=paths=source_relative \ + pb/rtunnel/v1/rtunnel_service.proto + @protoc --go_out=. --go_opt=paths=source_relative \ + --go-grpc_out=. --go-grpc_opt=paths=source_relative \ + pb/routes/v1/route_service.proto lint: @golangci-lint run ./... test: - @go test -v ./... + @go test ./... + +.PHONY: ci +ci: protos lint test + +alias: cli + @echo "Configuring alias for $(BINARY)..." 
+ @ALIAS_CMD="alias dino='$(ABS_BIN_PATH)'"; \ + if [ -f "$$HOME/.zshrc" ]; then \ + CONF="$$HOME/.zshrc"; \ + elif [ -f "$$HOME/.bashrc" ]; then \ + CONF="$$HOME/.bashrc"; \ + else \ + echo "No config file found"; exit 1; \ + fi; \ + if grep -q "alias dino=" "$$CONF"; then \ + echo "Alias already exists in $$CONF. Skipping."; \ + else \ + echo "$$ALIAS_CMD" >> "$$CONF"; \ + echo "Added alias to $$CONF. Run 'source $$CONF' to activate."; \ + fi + +unalias: + @if [ -f "$$HOME/.zshrc" ]; then sed -i '/alias dino=/d' ~/.zshrc; fi + @if [ -f "$$HOME/.bashrc" ]; then sed -i '/alias dino=/d' ~/.bashrc; fi + @echo "Removed dino alias from shell config files." cli: - @GODEBUG=fips140=${FIPS_MODE} CGO_ENABLED=0 go build -o ./bin/dino ./cmd/cli + @CGO_ENABLED=0 go build -o $(BIN_OUT) ./cmd/cli server: - docker build -t dino/server:latest \ - --build-arg FIPS_ON=${FIPS_MODE} \ - --build-arg GO_VERSION=${GO_VERSION} \ + docker build -t dino/server:latest \ + --build-arg FIPS_ON=${FIPS_MODE} \ + --build-arg GO_VERSION=${GO_VERSION} \ --build-arg ALPINE_VERSION=${ALPINE_VERSION} \ -f docker/server.Dockerfile . + +tunnel: + docker build -t dino/tunnel:latest \ + --build-arg FIPS_ON=${FIPS_MODE} \ + --build-arg GO_VERSION=${GO_VERSION} \ + --build-arg ALPINE_VERSION=${ALPINE_VERSION} \ + -f docker/tunnel.Dockerfile . + +all: server tunnel \ No newline at end of file diff --git a/README.md b/README.md index 5d13e5d..f322ff2 100644 --- a/README.md +++ b/README.md 
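Review bot: The new `certs` recipe does not generate anything as written: every line ends in `\`, so make hands the shell a single command in which `mkdir`, `openssl req …` and `chmod` are all arguments to `echo`, and the `<(…)` process substitution is a bash feature while this Makefile never sets `SHELL` (a POSIX `/bin/sh` rejects it as a syntax error). Once the recipe does run, `chmod 0644` leaves `backend.key` world-readable, and the certificate carries only a CN with no subjectAltName, which current TLS stacks (Go's among them) do not use for hostname verification. The version below splits the commands, uses `-pkeyopt ec_paramgen_curve:prime256v1` so no bash-only syntax is needed, adds a SAN and restricts the key; if the container user that mounts `.certs` cannot read a 0600 key, solve that with ownership or a group bit rather than world-read. Separately, `clean` hard-codes `.certs` instead of `$(CERT_OUT)`, and `alias`/`unalias` are missing from `.PHONY`.

```make
# … unchanged: variables, .PHONY, clean …
certs:
	@echo "Generating ECDSA P-256 certs for $(DINO_HOSTNAME)..."
	@mkdir -p $(CERT_OUT)
	@openssl req -x509 -nodes -days 365 \
		-newkey ec -pkeyopt ec_paramgen_curve:prime256v1 \
		-keyout $(CERT_OUT)/backend.key \
		-out $(CERT_OUT)/backend.cert \
		-sha384 \
		-subj "/C=US/ST=State/L=City/O=Dev/CN=$(DINO_HOSTNAME)" \
		-addext "subjectAltName=DNS:$(DINO_HOSTNAME)"
	@chmod 0644 $(CERT_OUT)/backend.cert
	@chmod 0600 $(CERT_OUT)/backend.key
# … unchanged: protos through all …
```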
@@ -14,10 +14,37 @@ Routing & Tunnel Management ## 🚀 Quick Start -1. **Clone & Launch** ```bash +# clone and enter repository git clone https://github.com/structx/dino.git cd dino -docker compose up -d + +# create local volumes +mkdir -p .certs .local-volumes .local-volumes/pgdata + +# set desired hostname for local tunnel +HOSTNAME="tunnel.dino.local" + +# generate certs for local tunnel +openssl req -x509 -nodes -days 365 \ + -newkey ec:<(openssl ecparam -name prime256v1) \ + -keyout ./backend.key \ + -out ./backend.cert \ + -sha384 \ + -subj "/C=US/ST=State/L=City/O=DinoDev/CN=$HOSTNAME" + +# update local hosts file (requires sudo) +echo "127.0.0.1 api.dino.local traefik.dino.local tunnel.dino.local whoami.dino.local" | sudo tee -a /etc/hosts + +# dockerize local server and tunnel +docker build -t dino/server:latest \ + -f docker/server.Dockerfile . +docker build -t dino/tunnel:latest \ + -f docker/tunnel.Dockerfile . + +# start tunnel infra snd servers +docker compose -f tunnel.compose.yaml up -d + +# verify dino has started +docker logs dino ``` -2. Verify: `docker logs dino` diff --git a/local.compose.yaml b/local.compose.yaml new file mode 100644 index 0000000..e69de29 diff --git a/scripts/generate_certs.sh b/scripts/generate_certs.sh deleted file mode 100755 index 4c4b236..0000000 --- a/scripts/generate_certs.sh +++ /dev/null @@ -1,2 +0,0 @@ - -openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./backend.key -out ./backend.cert -sha256 \ No newline at end of file diff --git a/docker-compose.yaml b/tunnel.compose.yaml similarity index 100% rename from docker-compose.yaml rename to tunnel.compose.yaml From c125e2b864d99a8229db9891ccfb2c43af5ba532 Mon Sep 17 00:00:00 2001 From: Trevor Atkinson Date: Sun, 4 Jan 2026 22:56:51 -0700 Subject: [PATCH 2/4] update tunnel dockerfile --- docker/tunnel.Dockerfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) 
diff --git a/docker/tunnel.Dockerfile b/docker/tunnel.Dockerfile index ed9998a..fe0d698 100644 --- a/docker/tunnel.Dockerfile +++ b/docker/tunnel.Dockerfile @@ -1,5 +1,8 @@ -FROM golang:1.25.3-alpine3.22 +ARG ALPINE_VERSION=3.23 +ARG GO_VERSION=1.25.5 + +FROM golang:${GO_VERSION}-alpine${ALPINE_VERSION} WORKDIR /usr/src/app From 2ffbc696b5cb659406e0a25607cb8222792bfcac Mon Sep 17 00:00:00 2001 From: Trevor Atkinson Date: Sun, 4 Jan 2026 23:16:52 -0700 Subject: [PATCH 3/4] fix start errors --- .gitignore | 2 +- Makefile | 2 +- local.compose.yaml | 21 +++++++++++++++++++++ setup/config.go | 8 ++++---- tunnel.compose.yaml | 28 +++++++--------------------- 5 files changed, 34 insertions(+), 27 deletions(-) diff --git a/.gitignore b/.gitignore index 6905b90..50b6d72 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ .certs .local-volumes -bin \ No newline at end of file +bin diff --git a/Makefile b/Makefile index 61097b9..31e578d 100644 --- a/Makefile +++ b/Makefile @@ -94,4 +94,4 @@ tunnel: --build-arg ALPINE_VERSION=${ALPINE_VERSION} \ -f docker/tunnel.Dockerfile . -all: server tunnel \ No newline at end of file +all: server tunnel diff --git a/local.compose.yaml b/local.compose.yaml index e69de29..fcff50d 100644 --- a/local.compose.yaml +++ b/local.compose.yaml @@ -0,0 +1,21 @@ +--- +version: '3.9' + +services: + + tunnel: + image: dino/tunnel:latest + container_name: reverse-tunnel + restart: 'unless-stopped' + environment: + - name=value + networks: + - tunnel-network + - local-network + + whoami: + image: dino/whoami:latest + container_name: whoami + networks: + - local-network + diff --git a/setup/config.go b/setup/config.go index f3764e8..fa2a5b0 100644 --- a/setup/config.go +++ b/setup/config.go 
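Review bot: The base image in `FROM golang:${GO_VERSION}-alpine${ALPINE_VERSION}` is still resolved by mutable tag, and now also by whatever `--build-arg` values the caller passes, so two builds of the same commit can start from different images. For a reproducible, auditable build consider pinning the digest as well, e.g. `FROM golang:${GO_VERSION}-alpine${ALPINE_VERSION}@sha256:<digest>` (placeholder), accepting that the digest then has to be bumped together with the version defaults. An `ARG` declared before `FROM` is only in scope for `FROM` lines, so any later instruction that needs these values must re-declare them. The Makefile also passes `FIPS_ON` to this build, and no matching `ARG` is visible here; the rest of the Dockerfile is outside the hunk, so that may already be handled.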
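Review bot: Both services in the new local.compose.yaml attach to `tunnel-network` and `local-network`, but the file has no top-level `networks:` section, so Compose will reject it for referencing undefined networks. Declare both there, marked `external: true` if they are meant to be created elsewhere; the intent is not visible in this patch. `environment: - name=value` looks like a leftover placeholder and should be removed or replaced with the variables the tunnel actually reads. The ingress service in tunnel.compose.yaml sets `security_opt: - no-new-privileges:true`, and the same hardening would be worth carrying over to `tunnel` and `whoami`. The top-level `version: '3.9'` key is obsolete in current Compose and can be dropped.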
@@ -47,10 +47,10 @@ type Proxy struct { Host string `env:"HOST, default=127.0.0.1"` Port string `env:"PORT, default=8080"` - ReadTimeout time.Duration `env:"READ_TIMEOUT, default=15"` - ReadHeaderTimeout time.Duration `env:"READ_HEADER_TIMEOUT, default=15"` - WriteTimeout time.Duration `env:"WRITE_TIMEOUT, default=15"` - IdleTimeout time.Duration `env:"IDLE_TIMEOUT, default=30"` + ReadTimeout time.Duration `env:"READ_TIMEOUT, default=15s"` + ReadHeaderTimeout time.Duration `env:"READ_HEADER_TIMEOUT, default=15s"` + WriteTimeout time.Duration `env:"WRITE_TIMEOUT, default=15s"` + IdleTimeout time.Duration `env:"IDLE_TIMEOUT, default=30s"` } // Server diff --git a/tunnel.compose.yaml b/tunnel.compose.yaml index f64042b..cd71a34 100644 --- a/tunnel.compose.yaml +++ b/tunnel.compose.yaml @@ -23,7 +23,7 @@ services: container_name: traefik-ingress restart: 'unless-stopped' depends_on: - - server + - dino security_opt: - no-new-privileges:true - label=type:container_runtime_t @@ -89,30 +89,16 @@ services: - proxy - dino-private-network volumes: - - ${PWD}/certs/backend.cert:/etc/ssl/live/server.crt:z - - ${PWD}/certs/backend.key:/etc/ssl/live/server.key:z + - ${PWD}/.certs/backend.cert:/etc/ssl/live/server.crt:z + - ${PWD}/.certs/backend.key:/etc/ssl/live/server.key:z ports: - 50051 - 4242/udp - # tunnel: - # image: dino/tunnel:latest - # container_name: reverse-tunnel - # restart: 'unless-stopped' - # environment: - # - name=value - # networks: - # - tunnel-network - # - local-network - - # whoami: - # image: dino/whoami:latest - # container_name: whoami - # networks: - # - local-network - networks: proxy: # ingress network - external: true + name: dino-proxy + driver: bridge dino-private-network: # private remote network - external: true \ No newline at end of file + name: dino-private + internal: true \ No newline at end of file From bc7e397c0c65ad39cbceec5efbab694965418ea8 Mon Sep 17 00:00:00 2001 
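Review bot: The four timeout fields in `Proxy` now depend on the value carrying a unit suffix, but nothing on the struct says so. An operator who sets `READ_TIMEOUT=15` in the environment will presumably hit the same startup failure this commit fixes for the defaults (the parsing library is not visible here). A short comment above the block would document the format, for example `// Timeouts are parsed as Go durations and need a unit suffix, e.g. "15s".` The `Proxy` struct opens above this hunk.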
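Review bot: The corrected `.certs` bind mounts in the `@@ -89,30 +89,16 @@` hunk give the container a writable view of the host's certificate and private key, since both lines end in `:z` only. Mounting them read-only, `- ${PWD}/.certs/backend.key:/etc/ssl/live/server.key:ro,z` and likewise for `backend.cert`, keeps a compromised container from replacing the key material on the host. Note also that `:z` applies a label shared between containers, which is broader than the private `:Z` label if only this service needs the files. The service definition starts above the hunk.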
From: Trevor Atkinson
Date: Sun, 4 Jan 2026 23:18:01 -0700
Subject: [PATCH 4/4] fix nit
---
 tunnel.compose.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tunnel.compose.yaml b/tunnel.compose.yaml
index cd71a34..36afe36 100644
--- a/tunnel.compose.yaml
+++ b/tunnel.compose.yaml
@@ -101,4 +101,4 @@ networks:
 driver: bridge
 dino-private-network: # private remote network
 name: dino-private
- internal: true
\ No newline at end of file
+ internal: true