Expose any local web service to the public internet via Cloudflare Tunnel — no router config, no port forwarding, mobile-friendly URL with QR code.
localhost:3000 ──► cloudflared ──► https://*.trycloudflare.com ──► any browser, any device
- Desktop GUI (Electron) — point at a port, get a public URL + QR code for mobile
- CLI —
shre-tunnel --port 3000for terminal users - Docker — runner image to expose host services, or sidecar template for containerized apps
- Two tunnel modes:
- Quick Tunnel — zero config, ephemeral
*.trycloudflare.comURL - Named Tunnel — persistent URL on your own Cloudflare domain
- Quick Tunnel — zero config, ephemeral
- Optional auth gate (
--auth shre) — wrap the public URL with a login screen backed by~/.shre/vault/users.jsonso only authorized users can reach your local service. Compatible with the rest of the shreai ecosystem. - Auto-update — packaged desktop builds check GitHub releases on launch and download/install new versions in the background (via
electron-updater).
- Install — download the installer for your OS from the Releases page (
.dmgon macOS,.exeon Windows,.AppImage/.debon Linux). The packaged app bundleselectron-updaterso subsequent versions arrive automatically. - Configure — first launch: if you don't have
cloudflaredon PATH, shre-tunnel auto-downloads it into~/.cache/shre-tunnel/bin/. If you tick "Protect public URL with shre-auth login" and don't have a vault user yet, a first-run wizard collects username + password and writes them to~/.shre/vault/users.json. - Go live — enter the port your service runs on, click Start tunnel, scan the QR code with your phone.
npm install
npm run build:core
npm run dev:desktopnpm install
npm run build
npm run cli -- --port 3000# Run a tunnel against a service on your host's port 3000
docker run --rm \
--add-host=host.docker.internal:host-gateway \
-e TARGET=http://host.docker.internal:3000 \
ghcr.io/yourname/shre-tunnel-runner:latestSee docs/ for full architecture, Cloudflare setup, Docker usage, and dev workflow.
shre-tunnel/
├── packages/
│ ├── core/ # @shre-tunnel/core — cloudflared wrapper, tunnel manager
│ ├── auth-proxy/ # @shre-tunnel/auth-proxy — JWT reverse proxy (shre-auth compatible)
│ ├── cli/ # @shre-tunnel/cli — thin CLI over core
│ └── desktop/ # @shre-tunnel/desktop — Electron + React GUI (tray, auto-update)
├── docker/
│ ├── runner/ # Tunnel-only Docker image
│ └── compose/ # docker-compose sidecar template
├── .github/workflows/ # CI: build, publish runner image, release desktop installers
└── docs/
# CLI: create a user, then go live with auth
shre-tunnel users add nirpat3
shre-tunnel --port 3000 --auth shreThe public URL hits a login screen first; only credentials in ~/.shre/vault/users.json get through. See docs/auth.md for the full design.
MIT