Start tcp tunnel on reboot #575

Open
prgwar opened this issue Mar 8, 2024 · 4 comments

prgwar commented Mar 8, 2024

I am using a self-hosted zrok server to connect to my host PC through SSH tunnelling to run some workloads and manage them. It's not a cloud PC, so every time I restart the server I need to start a private share. I tried creating a systemctl service and a cron service also. I went into the documentation for the frontend (zrok-share), but that didn't help. Can someone help me start the zrok private share in tunnel mode after reboot is completed?

@dovholuknf
Member

Are you using a 'reserved' share? That will make things dramatically easier for you as you'll share the same share every time. That give you enough to go on and make sense?

ColonialDagger commented Mar 11, 2024

Before you automate it, first make sure that any connection functions properly. You can even test it in a terminal on both ends. Once you get a connection going, then move on to automating the connection.

Here's a guide I made for myself in starting automatic tunnels on my external server and my internal server. With this setup, both ends automatically revive if they might go down for whatever reason.

# How to set up a reverse tunnel using zrok

0. To use the custom api.zrok.<URL>.com endpoint, configure the correct apiEndpoint variable. If you want to use the official zrok endpoint, skip this step. However, be aware that the official endpoint has a 10 GB / day transfer limit.

	zrok config set apiEndpoint https://api.zrok.<URL>.com

1. Enable your zrok environment. This links all zrok machines with this activated environment key to your account. You can find this on https://api.<URL>.com under your account on the top right.

	zrok enable <id>

2. Reserve a share ID for private use, pointing to the destination server or the next server in the hop.

	zrok reserve private -b <type> <ip>:<port>
	
	Supported types:
		proxy
		web
		caddy
		drive
		tcpTunnel (Only for private shares!)
		udpTunnel (Only for private shares!)

3. On the external server, create an nginx server and edit /etc/nginx/nginx.conf to ingest traffic and redirect to the port shown on the external server's zrok panel using the following template:

	stream {
		server {
			listen <port>; # Nginx listens for incoming traffic from the internet on this port
			proxy_pass 127.0.0.1:<port>; # This is where zrok is listening to send traffic into the tunnel
		}
	}

If a stream/server already exists, you may need to add another section to the entry. At the time of writing, it is unknown whether or not another stream entry is needed, or just another server entry within the same stream.

4. Using the given ID, start the test environment with:

	zrok share reserved <id>

5. On an external server, set up the environment just the same as in step 1. Test that you can connect to the share using:

	zrok access private <id>

6. On the external server, create a systemd service with the following name "zrok-<service>.service" and format:

	[Unit]
	Description=zrok connector to <service> on <port>
	Requires=zrok-controller.service
	After=zrok-controller.service

	[Install]
	WantedBy=multi-user.target

	[Service]
	ExecStartPre=/bin/sleep 30
	ExecStart=/bin/bash -c 'zrok access private <id> --headless -b "127.0.0.1:<local_port>"'
	Restart=always
	User=ingest
	Group=ingest

Note: to use udpTunnel, you must use --backend-mode.

7. On the internal server, create a systemd service with the following name "zrok-<port>.service" and format:

	[Unit]
	Description=zrok share to localhost on 25565
	After=network.target

	[Install]
	WantedBy=multi-user.target

	[Service]
	ExecStart=/bin/bash -c 'zrok share reserved <id> --headless'
	Restart=always
	User=<user>
	Group=<user>

8. Start the service and start it at boot by running on both servers:

	sudo systemctl enable --now zrok-<port>.service

9. Don't forget to open up firewall ports on the Oracle Cloud interface under Subnet > Security List.
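
A hardened variant of the step 7 share unit, added here as an example; it is not part of the guide above or of the zrok project's own packaging. The unit file name, the `/usr/bin/zrok` path and the choice of sandboxing directives are assumptions; `<user>` and `<id>` are the same placeholders the guide uses.

```ini
# /etc/systemd/system/zrok-share.service   (file name is an assumption)
[Unit]
Description=zrok reserved share (headless)
# Order after a routable network rather than sleeping a fixed time.
# This only delays startup if a wait-online service
# (systemd-networkd-wait-online or NetworkManager-wait-online) is enabled.
Wants=network-online.target
After=network-online.target

[Service]
Type=simple
# Unprivileged account. `zrok enable` must have been run as this user,
# because the enabled environment is stored in that user's home directory.
User=<user>
Group=<user>
# Assumed install path; confirm with `command -v zrok`.
# Calling the binary directly avoids a shell and its quoting pitfalls.
ExecStart=/usr/bin/zrok share reserved <id> --headless
Restart=always
# Space restarts out. The default delay is 100 ms, and a process that fails
# instantly would hit systemd's default start limit (5 starts in 10 s),
# after which the unit stays failed and stops reviving.
RestartSec=5

# Sandboxing: the tunnel process needs network access and its own home
# directory, nothing else.
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
# /usr, /boot and /etc become read-only; the service user's home stays writable.
ProtectSystem=full
ProtectKernelTunables=yes
ProtectKernelModules=yes
ProtectControlGroups=yes
# Drop every capability; an outbound tunnel client needs none.
CapabilityBoundingSet=
AmbientCapabilities=

[Install]
WantedBy=multi-user.target
```

Running `systemd-analyze verify` on the file catches syntax problems such as unbalanced quotes in `ExecStart=` before a reboot does, and `systemd-analyze security zrok-share.service` reports which exposure remains.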

Author

prgwar commented Mar 13, 2024

> Are you using a 'reserved' share? That will make things dramatically easier for you as you'll share the same share every time. That give you enough to go on and make sense?

I am using private share

Author

prgwar commented Mar 13, 2024

I will try to set it up and reply back. Thanks a lot.
