DEV Community

Leo
Leo

Posted on

Connecting streamtasks over the Internet

Streamtasks is build on a robust and flexible networking layer.

The networking layer, unlike the classical IP network, does not distinguish between communication inside a process, between processes or between different machines. Everything is handled over a uniform network.

This enables us to connect different computers running instances of streamtasks, to distribute data or workloads.

One interesting application is the connection of two instances, which can not directly connect to each other over the IP protocol.

This is when we need an intermediate server running in the cloud.

One way to solve this problem, is by running a tunneling server like ngrok. We can also solve this problem with streamtasks directly.

This demo will show, how you can run such an intermediate server and connect your instances over websockets. This will allow you to benefit from the software solutions present for websockets, like standardized encryption and nginx.

Security

To securely send data over an internet connection we need to use encryption.

We have great standards for this and don't need to reinvent the wheel.

On the cloud server, you can install streamtasks and run:

streamtasks --serve ws://127.0.0.1:9000 -C
Enter fullscreen mode Exit fullscreen mode

This will run streamtasks and accept websocket connections received on 127.0.0.1:9000.

In order to have encryption, we will use nginx as a proxy and use a TLS certificate to secure our connections.

Our config could look something like this:

server {
    listen 443 ssl;
    server_name yourdomain.com;

    # SSL Configuration
    ssl_certificate /etc/nginx/ssl/yourdomain.com.crt;
    ssl_certificate_key /etc/nginx/ssl/yourdomain.com.key;

    location / {
        proxy_pass http://localhost:9000;

        # Proxy headers for WebSocket
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;

        # Other proxy headers (optional)
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

# Redirect HTTP to HTTPS
server {
    listen 80;
    server_name yourdomain.com;

    location / {
        return 301 https://$host$request_uri;
    }
}
Enter fullscreen mode Exit fullscreen mode

Authentication

Right now there is a rather primitive authentication method integrated into streamtasks. You can specify an authentication token in the URL that, that will be verified by the server. In order for this to work, you must specify this token in the URL for both the client and server.

On the server side:

streamtasks --serve ws://127.0.0.1:9000?auth=1234 -C
Enter fullscreen mode Exit fullscreen mode

This will make sure only clients with the correct credentials are allowed to join.

Connecting

In order to connect to an instance, you must specify the connect URL when running the instance.

In this case we do:

streamtasks --connect wss://yourdomain.com?auth=1234
Enter fullscreen mode Exit fullscreen mode

Try streamtasks!
GitHub: https://github.com/leopf/streamtasks
Documentation/Homepage: https://streamtasks.3-klicks.de
X: https://x.com/leopfff

Top comments (0)