tunnelv1.0

Built with Go · WebSockets · HTTPS

Exposelocalhostsecurely.

A lightweight reverse tunnel platform built in Go. Share local servers over HTTPS via WSS — self-hosted, fast, and open-source. Like ngrok, but yours.

Download Binary Setup Guide

tunnel — bash

~/projects/myapp $ tunnel http 5000▋

Connecting to tunnel.annuvrat.com...

✔ Tunnel established successfully

Forwarding https://tunnel.annuvrat.com/t/abc123

→ http://localhost:5000

● connectedHTTPS + WSSReverse Tunnel

// features

Production-grade tunneling

Everything you need to expose a local server reliably and securely.

Security

Secure WSS Transport

Encrypted WebSocket tunnels between client and server — every byte in transit is protected.

Networking

Automatic HTTPS

Caddy + Let's Encrypt handle TLS automatically. Your local server gets a real HTTPS URL instantly.

Performance

Concurrent Goroutines

Built in Go — handles bursts of concurrent requests without breaking a sweat.

Portability

Cross-Platform CLI

Pre-built binaries for Windows, Linux, and macOS. Download, add to PATH, run.

DevOps

Docker Ready

Production-ready containerized server infrastructure with zero-config deployment.

Reliability

Heartbeat Monitoring

Persistent connection health checks with graceful reconnection and shutdown handling.

// downloads

Download CLI binary

Available for every major platform.

Linux

x64 / AMD64

Download tunnel-linux-amd64.tar.gz

Quick command

tunnel http 5000

Installation steps

# Extract the archive
tar -xzf tunnel-linux-amd64.tar.gz

# Make the binary executable
chmod +x tunnel

# Move it to a directory in PATH
sudo mv tunnel /usr/local/bin/

# Run from anywhere
tunnel http 5000

// setup

Installation guide

All platforms, step by step.

Windows

x64 / AMD64

▶

# 1. Extract the ZIP archive

# 2. Move tunnel.exe to a permanent location
#    e.g. C:\Tools\tunnel.exe

# 3. Add the folder to your PATH environment variable
#    System Properties -> Environment Variables -> PATH

# 4. Open a new terminal and run
tunnel http 5000

Linux

x64 / AMD64

▶

# Extract the archive
tar -xzf tunnel-linux-amd64.tar.gz

# Make the binary executable
chmod +x tunnel

# Move it to a directory in PATH
sudo mv tunnel /usr/local/bin/

# Run from anywhere
tunnel http 5000

macOS

Apple Silicon

▶

# Extract the archive
tar -xzf tunnel-macos-arm64.tar.gz

# Make the binary executable
chmod +x tunnel

# Move it to a directory in PATH
sudo mv tunnel /usr/local/bin/

# Run from anywhere
tunnel http 5000

// architecture

Infrastructure overview

Minimal, production-ready, and fully self-hosted.

Browser

Public request

→

Caddy

TLS termination

→

Tunnel Server

Go backend

→

WSS

Encrypted pipe

→

localhost

Your app

TLS Termination

Caddy handles all HTTPS and certificate renewal automatically via Let's Encrypt.

Tunnel Server

A Go server accepts WSS connections from CLI clients and proxies HTTP traffic bidirectionally.

WSS Pipe

A persistent encrypted WebSocket carries request/response payloads between server and local app.