rustdesk server

由 datahunter 在三, 24/07/2024 - 18:32 發表

最後更新: 2024-07-24

RustDesk Self-hosting Server

Source Code: https://github.com/rustdesk/rustdesk-server

Core Ports(minimum required ports):

TCP 21115-21117
UDP 21116

Ports Info

21114/TCP # web console, only available in Pro version
21115/TCP # used for the NAT type test
21116/UDP # used for the ID registration and heartbeat service
21116/TCP # used for TCP hole punching and connection service
21117/TCP # used for the Relay services
21118, 21119 # used to support RustDesk Web Client

Server

Signal Server (hbbs) # 21116/UDP&TCP ID server
Relay Server (hbbr) # 21117TCP Relay server

Setup on Ubuntu 22.04

Firewall

ufw allow proto tcp from YOURIP to any port 22

ufw allow 21115:21117/tcp

ufw allow 21116/udp

sudo ufw enable

ufw status

下載 Source

mkdir -p /opt/rustdesk /var/log/rustdesk

cd /opt/rustdesk

RDLATEST=1.1.11-1

wget "https://github.com/rustdesk/rustdesk-server/releases/download/${RDLATEST}/rustdesk-server-linux-amd64.zip"

unzip rustdesk-server-linux-amd64.zip

mv amd64 bin

建立 User

useradd -d /opt/rustdesk rustdesk

passwd -l rustdesk

environment

/etc/environment

PATH="/opt/rustdesk/bin:..."

OS Settings

# Sets UDP recv buffer size

/etc/sysctl.conf

net.core.rmem_max=52428800

sysctl –p

Keypair

A keypair is needed for encryption

cd /opt/rustdesk

/opt/rustdesk/bin/rustdesk-utils genkeypair

Public Key: ...
Secret Key: ...

# files in the running directory

id_ed25519 # Secret Key
id_ed25519.pub # Public Key

chmod 600 id_ed25519*

hbbs & hbbr 的 ENV variables

You can specify the variables as usual or use an /opt/rustdesk/env

e.g.

ALWAYS_USE_RELAY=Y
RELAY=rd.datahunter.org

Other Settings

[hbbs]

ALWAYS_USE_RELAY # "Y" disallows direct peer connection
PORT # Default: 21116/UDP&TCP
KEY # 有 key file 就不用設定它
DB_URL # Default: ./db_v2.sqlite3
RELAY # hbbr 的 domain, 必須設定

[hbbr]

PORT # 21117/TCP
KEY # 有 key file 就不用設定它
DOWNGRADE_START_CHECK # delay before downgrade check. 1800 (in seconds)
DOWNGRADE_THRESHOLD # threshold of downgrade check. 0.66 (in bit/ms)
LIMIT_SPEED # Default: 4 (in mbps)
# LIMIT_SPEED = HBBR_BLACKLIST_BANDWIDTH (blacklist.txt)
SINGLE_BANDWIDTH # Default: 16 (in mbps)
# max bandwidth for a single connection (包含檔案傳輸)
TOTAL_BANDWIDTH # Default: 1024 (in mbps)
# whole server speed limit.

Files

blacklist.txt # IPs bandwidth limited
blocklist.txt # IPs not allowed to connect

Service file

mkdir /var/log/rustdesk; chown rustdesk: /var/log/rustdesk

/etc/systemd/system/rustdesksignal.service

[Unit]
Description=Rustdesk Relay Server
[Service]
Type=simple
EnvironmentFile=/opt/rustdesk/env
LimitNOFILE=1000000
ExecStart=/opt/rustdesk/bin/hbbr
WorkingDirectory=/opt/rustdesk/
User=rustdesk
Group=rustdesk
Restart=always
StandardOutput=append:/var/log/rustdesk/relayserver.log
StandardError=append:/var/log/rustdesk/relayserver.error
# Restart service after 10 seconds if node service crashes
RestartSec=10
[Install]
WantedBy=multi-user.target

/etc/systemd/system/rustdeskrelay.service

[Unit]
Description=Rustdesk Signal Server
[Service]
Type=simple
EnvironmentFile=/opt/rustdesk/env
LimitNOFILE=1000000
ExecStart=/opt/rustdesk/bin/hbbs
WorkingDirectory=/opt/rustdesk/
User=rustdesk
Group=rustdesk
Restart=always
StandardOutput=append:/var/log/rustdesk/signalserver.log
StandardError=append:/var/log/rustdesk/signalserver.error
# Restart service after 10 seconds if node service crashes
RestartSec=10
[Install]
WantedBy=multi-user.target

systemctl daemon-reload

systemctl enable {rustdeskrelay,rustdesksignal} --now