About • Demo • Features • Use-cases • Access • Architecture • Deployment • FAQs
EXPOSE is your new favourite open source tool for exposing your local services on the public Internet with no installation or configuration required. EXPOSE relies on your SSH client and authenticates using the public SSH keys you have on your GitHub account.
To expose localhost:3000, simply type:
ssh -R 1:localhost:3000 expose.shIf your computer username differs from your GitHub username:
ssh -R 1:localhost:3000 [email protected]expose_demo.mp4
- Nothing to install: use only your terminal and SSH client
- Nothing to configure: automatically retrieve public SSH keys from your GitHub account
- Custom URL: based on your GitHub username
- QR code generation: for easy mobile testing
- Multiple tunnels: up to 5 simultaneous services per account
- Distributed system: global routing for fastest access worldwide
- Secure: SSH encryption with automatic HTTPS certificates
- Open source: fully transparent
- Demos and presentations: access your applications from any internet-connected device
- Mobile development: expose local backends for Android/iOS app testing
- Webhook testing: test webhooks from payment gateways, messaging platforms, and APIs
- Cross-device testing: ensure your application works on all device types
- Development sharing: quickly share work-in-progress with team members
To prevent malicious use, you must star this repository to access EXPOSE.
Authentication is handled through your GitHub SSH keys.
Tunnel allocation:
- Tunnels 1-3: Named as
username,username-2,username-3, etc. - Tunnels 4-5: Random names like
username-x7k2m9 - Maximum: 5 concurrent tunnels per user
- Session limit: 2 hours (reconnectable unlimited times)
EXPOSE consists of three containerized components deployed globally using Fly.io:
- Handles SSH connections and authentication
- Validates GitHub SSH keys and stargazer status
- Manages tunnel creation with slot-based naming
- Enforces connection limits and timeouts
- Creates Unix socket forwarding for local services
- Acts as intermediary between SSH server and web server
- Manages GitHub API integration with caching
- Generates QR codes for tunnel URLs
- Handles cache management across distributed instances
- Serves local banner content
- Routes traffic to appropriate tunnels based on subdomains
- Handles caching and load balancing
- Provides HTTPS termination with automatic certificates
- Manages WebSocket upgrades
Generate an SSH key pair:
ssh-keygen -t ed25519 -f ./ssh_key -N ""- Copy the example configuration:
cp fly.toml.example fly.toml- Update the required configuration fields:
app = 'your-app-name'
primary_region = 'cdg' # Choose your preferred region
[env]
FLYDOTIO_APP_NAME = 'your-app-name'
HTTP_URL = 'yourdomain.com'
SSH_SERVER_URL = 'ssh.yourdomain.com'
GITHUB_REPOSITORY = 'gaetanlhf/EXPOSE'- Configure optional settings:
- Adjust
NAMED_TUNNELS_RANGEandRANDOM_TUNNELS_RANGEfor tunnel allocation - Set
TIMEOUTfor session duration (in minutes) - Modify
LOG_LEVELfor debugging (DEBUG,INFO,WARNING,ERROR)
- Adjust
- Launch the application:
fly launch- Add the SSH private key secret:
fly secrets set SSH_SERVER_KEY="$(cat ssh_key)"-
Configure DNS to point your domains to Fly.io's IPv4 and IPv6 addresses
-
Add HTTPS certificates in the Fly.io dashboard for your domains
| Variable | Description | Example |
|---|---|---|
app |
Fly.io application name | my-expose-server |
primary_region |
Fly.io deployment region | cdg, lax, fra |
FLYDOTIO_APP_NAME |
Must match the app name | my-expose-server |
HTTP_URL |
Domain for tunnel URLs | expos.es |
SSH_SERVER_URL |
SSH connection endpoint | expose.sh |
GITHUB_REPOSITORY |
Repository to check for stargazers | gaetanlhf/EXPOSE |
| Variable | Default | Description |
|---|---|---|
NAMED_TUNNELS_RANGE |
1-3 |
Slots for username-based naming |
RANDOM_TUNNELS_RANGE |
4-5 |
Slots for random naming |
TIMEOUT |
120 |
Session timeout in minutes |
LOG_LEVEL |
INFO |
Logging level (DEBUG, INFO, WARNING, ERROR) |
SSH_SERVER_PORT |
2222 |
Internal SSH server port |
NODEJS_TOOLS_PORT |
3000 |
Internal tools service port |
Single tunnel:
ssh -R 1:localhost:3000 expose.shMultiple tunnels:
ssh -R 1:localhost:3000 -R 2:localhost:8080 expose.shAuto-reconnect:
until ssh -R 1:localhost:3000 expose.sh; do echo "Reconnecting..."; doneIs EXPOSE secure?
Yes, SSH is an encrypted protocol, and access to your application is secure thanks to automatic HTTPS certificates.What do you mean by no installation and no configuration?
No installation because EXPOSE uses your existing SSH client. No configuration because EXPOSE automatically retrieves data from your SSH client and GitHub account.How many tunnels can I create simultaneously?
You can create up to 10 simultaneous tunnels. Slots 1-3 use your username, slots 4-5 use your username + random chars.What's the session time limit?
Each session lasts up to 2 hours, but you can reconnect unlimited times.I see "Cannot connect to your local application" in the browser
Ensure your local application is running and accessible at `http://localhost:port`.I see "connect_to localhost port failed" in terminal
Verify your local service is running on the specified port by testing `http://localhost:port` in your browser.Does EXPOSE support other protocols?
EXPOSE supports HTTP, HTTPS, and WebSocket protocols.Where can I get help?
Open an issue on this repository or send an email to [email protected].This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see http://www.gnu.org/licenses/.