container
docker
free open source software
proxy
self hosted
tunneling
vpn
akses jauh, alat devops, devops tools, docker tunnel, expose local services, kawalan jauh selamat, kubernetes ingress, nginx reverse proxy, open source ingress, pendedahan perkhidmatan tempatan, penghosan sendiri, perkhidmatan kendiri, remote access, reverse vpn, secure self hosting, self hosted vpn, vpn alternative, vpn sumber terbuka, wiredoor, wireguard, zero trust networking
9M2PJU
0 Comments
Wiredoor: Securely Expose Private Services with Reverse VPN Magic
Exposing private services to the internet is traditionally a messy affair — it usually involves port forwarding, firewalls, VPNs, or jumping through hoops with third-party tunnels and ingress controllers.
But what if there was a secure, self-hosted way to do it all — using just WireGuard and NGINX — without giving up control?
Meet Wiredoor.
🌐 What Is Wiredoor?
Wiredoor is an open-source ingress-as-a-service platform designed for securely exposing services from private networks to the internet. It uses a reverse VPN tunnel (powered by WireGuard) and a built-in NGINX reverse proxy to forward requests to your local services — no matter where they are.
Whether you’re a developer, sysadmin, or just privacy-conscious, Wiredoor gives you complete control of how your internal services become externally available — without relying on a public cloud provider.
🔐 Why Wiredoor?
Here’s what makes Wiredoor stand out:
- Reverse VPN with WireGuard: Secure, high-performance tunneling from internal nodes to the internet-facing gateway.
- NGINX Reverse Proxy: Routes traffic efficiently and supports HTTPS, WebSockets, and subdomain mapping.
- OAuth2 Authentication: Restrict access with Google, GitHub, or any OIDC provider using OAuth2-Proxy.
- Automatic SSL: Built-in Let’s Encrypt integration for public domains, or use self-signed certs for internal use.
- Web UI: Manage nodes, services, and domains from a sleek, browser-based interface.
- Flexible Deployments: Works in Docker, Kubernetes, bare-metal servers, IoT devices — anything with Linux.
- CLI Client: Register and expose services easily from the terminal with
wiredoor-cli
.
And of course, it’s fully open source and 100% self-hosted.
⚡ Quickstart: Get Wiredoor Running in Minutes
You’ll need:
- A Linux VPS with Docker
- Open ports:
80
,443
, and51820/UDP
(VPN) - A domain (optional but recommended)
Step 1: Deploy the Wiredoor Server
git clone https://github.com/wiredoor/docker-setup.git
cd docker-setup
cp .env.example .env
nano .env # Edit admin email, password, hostname/IP, and ports
docker compose up -d
Step 2: Log in to the Web UI
Go to https://your-server-domain-or-ip
in your browser, and log in with the credentials you set in .env
.
Now you’ve got the control panel to manage everything — nodes, domains, and services.
🖥️ Expose Your First Private Service
Now, install the Wiredoor CLI on your local device (or any internal machine):
curl -s https://www.wiredoor.net/install-wiredoor-cli.sh | sh
Then connect it to your server:
wiredoor login --url=https://your-server-domain-or-ip
And expose a service running on port 3000:
wiredoor http myapp --domain app.yourdomain.com --port 3000
Make sure app.yourdomain.com
points to your Wiredoor server’s public IP. Wiredoor will handle SSL, tunneling, and routing for you.
🔧 Advanced Use Cases
Wiredoor works great in more complex environments too:
- Docker Gateway: Drop-in sidecar container to expose services in Compose stacks.
- Kubernetes: Use the Helm chart to expose services from inside your cluster.
- IoT Networks: Expose dashboards, logs, or remote device control panels from isolated networks.
- Site-to-Site VPN: Use gateway nodes to bridge entire networks, not just individual services.
🔒 Designed with Security in Mind
Wiredoor doesn’t compromise on security. You get:
- Encrypted VPN connections (WireGuard)
- Fine-grained OAuth2 access controls
- Secure session handling
- Automatic certificate renewal
- Brute-force resistant login with admin PIN/password
You control your ingress — not some third-party SaaS provider.
✅ Ideal Use Cases
- Share a dev or staging app with your client — securely
- Access internal dashboards (like Prometheus, Grafana, etc.) from anywhere
- Replace complex OpenVPN/ZeroTier setups with a simple alternative
- Expose IoT devices, edge services, or legacy systems with minimal configuration
📦 100% Open Source, Self-Hosted
Wiredoor is maintained by developers who care about privacy, control, and simplicity. You can inspect, modify, or host it yourself — no vendor lock-in.
Check out the source code, contribute, or just star the repo to support the project:
👉 GitHub: wiredoor/docker-setup
Final Thoughts
Wiredoor offers a refreshing take on secure service exposure. If you’re tired of fragile SSH tunnels, overpriced third-party solutions, or clunky VPN setups — give Wiredoor a try.
It’s simple, self-hosted, and made for people who want to control their own infrastructure.
Post Comment