ttyd是一个简单的命令行工具,用于通过网络共享终端。
介绍
ttyd是开源的,支持在网页上使用SSH终端的服务。
ttyd 接受到访问事件后,才创建对应的进行,如容器
特点
-
构建于 Libwebsockets 之上,使用libuv以提高速度
-
基于 Xterm.js 的全功能终端,支持CJK(中文、日文、韩文)和IME
-
图形化的ZMODEM集成,支持 lrzsz
-
基于OpenSSL的SSL支持
-
运行任何带有选项的自定义命令
-
支持基本认证(Basic Auth)和许多其他自定义选项
-
跨平台:MacOS、Linux、FreeBSD/OpenBSD、OpenWrt、Windows
-
使用案例
安装
二进制安装
# https://github.com/tsl0922/ttyd/releases
wget -O ttyd https://github.com/tsl0922/ttyd/releases/download/1.5.2/ttyd_linux.x86_64
chmod +x ttyd
mv ttyd /usr/local/bin/
# 查看版本
$ ttyd -v
ttyd version 1.5.2
Mac
brew install ttyd
OpenWrt
opkg install ttyd
源码安装
sudo apt-get install build-essential cmake git libjson-c-dev libwebsockets-dev
git clone https://github.com/tsl0922/ttyd.git
cd ttyd && mkdir build && cd build
cmake ..
make && make install
使用
help
$ ttyd --help
ttyd is a tool for sharing terminal over the web
USAGE:
ttyd [options] <command> [<arguments...>]
VERSION:
1.5.2
OPTIONS:
-p, --port Port to listen (default: 7681, use `0` for random port)
-i, --interface Network interface to bind (eg: eth0), or UNIX domain socket path (eg: /var/run/ttyd.sock)
-c, --credential Credential for Basic Authentication (format: username:password)
-u, --uid User id to run with
-g, --gid Group id to run with
-s, --signal Signal to send to the command when exit it (default: 1, SIGHUP)
-a, --url-arg Allow client to send command line arguments in URL (eg: http://localhost:7681?arg=foo&arg=bar)
-R, --readonly Do not allow clients to write to the TTY
-t, --client-option Send option to client (format: key=value), repeat to add more options
-T, --terminal-type Terminal type to report, default: xterm-256color
-O, --check-origin Do not allow websocket connection from different origin
-m, --max-clients Maximum clients to support (default: 0, no limit)
-o, --once Accept only one client and exit on disconnection
-B, --browser Open terminal with the default system browser
-I, --index Custom index.html path
-6, --ipv6 Enable IPv6 support
-S, --ssl Enable SSL
-C, --ssl-cert SSL certificate file path
-K, --ssl-key SSL key file path
-A, --ssl-ca SSL CA file path for client certificate verification
-d, --debug Set log level (default: 7)
-v, --version Print the version and exit
-h, --help Print this text and exit
Visit https://github.com/tsl0922/ttyd to get more information and report bugs.
示例:运行bash
# 默认启动服务,监听在 7681 端口
$ ttyd bash
# --once 只接受一个客户端并在断开连接时退出
$ ttyd --once bash
# 认证信息
$ ttyd -c user:password bash
# 启动一个容器
$ ttyd --once docker run -it alpine:latest
# 设置超时时间,10后自动杀死进程
$ timeout 10 ttyd --once docker run -it alpine:latest
守护进程创建
- /etc/systemd/system/ttyd@7681.service
$ cat /etc/systemd/system/ttyd@7681.service
[Unit]
Description=ttyd
After=network.target
[Service]
ExecStart=/usr/local/bin/ttyd -p 7681 bash
[Install]
WantedBy=multi-user.target
systemctl daemon-reload
systemctl start ttyd@7681.service
journalctl -u ttyd@7681.service
nginx 认证代理
server {
listen 80;
server_name _;
location / {
auth_basic "Please input password";
auth_basic_user_file /etc/nginx/passwd;
proxy_set_header X-WEBAUTH-USER $remote_user;
proxy_set_header Authorization "";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# proxy_pass http://unix:/tmp/ttyd.sock;
proxy_pass http://127.0.0.1:7681;
}
}
location ~ ^/ttyd(.*)$ {
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://127.0.0.1:$1;
}