Home
Softono
microtunnel

microtunnel

Open source MIT Go
GitHub
23
Stars
0
Forks
4
Issues
1
Watchers
1 year
Last Commit
Tunnel & Remote Access Developer Tools

About microtunnel

🌐 Self-hosted HTTPS tunnels using Go, WebSockets & Caddy. Good for demos, side-projects & webhooks.

Platforms

Web Self-hosted

Languages

Go

Links

Source Code
o
Published by
oleghq
Visit View Profile

README.md

View on GitHub

microtunnel

Architecture Diagram

Self-hosted HTTPS tunnels made simple β€” using Go, Caddy, and Cloudflare.

  • One lightweight Go binary.
  • Automatic HTTPS with wildcard certificates.
  • WebSocket-based tunneling (no raw TCP needed).
  • Fully self-hosted: your domain, your rules.

Read the full story here β†’

Why microtunnel?

Most tunneling tools either require paid plans, rely on proprietary infrastructure, or need complex setups. microtunnel is a self-hosted alternative that gives you HTTPS tunnels using just Go, WebSockets, and Caddy β€” no third-party services required.

  • No paid plans
  • No vendor lock-in
  • No opaque black boxes

Just one Go binary + Caddy with automatic TLS = your own public HTTPS tunnel.

Features

  • πŸ” Secure WebSocket-based tunneling
  • πŸ”’ Automatic Let's Encrypt TLS (via Cloudflare DNS)
  • πŸ“‘ Multiplexing multiple HTTP streams over one WebSocket with yamux
  • πŸ–ŠοΈ Simple, structured logs (thanks, Logrus)
  • 🌐 Designed for side-projects, demos, webhook testing

Quick Start

Server Setup

First, prepare your environment variables:

export TUNNEL_SERVER_DOMAIN_NAME=tunnel.example.com
export CADDY_PROXY_PORT=3000
export CF_API_TOKEN=your_cloudflare_token

Build and run the server:

go run main.go --port 3000 --base-domain-name=tunnel.example.com

Caddy needs to be set up separately for wildcard HTTPS. See full guide in the article.

Client Usage

Tunnel your local app (e.g., running on localhost:8080):

go run main.go --server-url=wss://tunnel.example.com/tunnel --port 8080

You'll get a URL like:

https://ab12cd34.tunnel.example.com

Open it. Magic.

How It Works

  • Clients connect to /tunnel via secure WebSocket.
  • Server assigns a random 8-character subdomain.
  • Caddy handles automatic TLS certificates.
  • Yamux multiplexes multiple HTTP requests over a single WebSocket.
  • HTTP hijacking enables raw streaming of HTTP traffic without re-encoding.

For a deeper technical dive, check the full article.

Requirements

  • A domain (e.g., example.com) with Cloudflare managing DNS.
  • A public VM (free Oracle/AWS/anything).
  • Go (for building the binary).
  • Caddy (with Cloudflare DNS plugin).

Future Improvements

  • Token-based tunnel authentication
  • gRPC transport support
  • Prometheus metrics for tunnel traffic

Demo

Tunnel established

Tunnel Ready

Incoming request to server

Server Log

Accessing local app via HTTPS

Browser Screenshot

License

MIT. Do whatever you want. Stars are appreciated

GitHub Repository β†’