Webhook Relay
Search…
Introduction
Quick Start - Forwarding
Quick Start - Tunnels
πŸ› 
Installation
Relay CLI
Containerized
Products
πŸ›°
Webhook Forwarding
⚑
Functions
πŸ”ƒ
Tunnels
πŸ“
Examples
Intro to examples
Webhooks
Functions
Tunnels
🏠
Home Automation
Platform
CLI Basics
Using CLI Behind Proxy
Self-hosting Server
Server deployment
Client configuration
Security & Tech
Powered By GitBook
Server deployment
Server is an all-in-one container that manages tunnels and forwarding configuration, client connections and performs the actual tunnelling.
To start using self-hosted Webhook Relay tunnelling server, follow this guide. Tunnelling server is called Transponder.
Transponder image can be found at https://hub.docker.com/r/webhookrelay/transponder.
Image name:webhookrelay/transponder:latest

Features

  • HTTP/HTTPS tunnels
  • Custom subdomains, domains
  • WebSocket support
  • TLS pass-through tunnels
  • Dashboard UI
  • Webhook Forwarding

Technical Requirements

Since the server can be routing from hundreds of webhooks to millions of webhooks per minute, it's important to choose a correct size for the server.
Minimal requirements:
  • 1 CPU
  • 128 MB RAM
  • 1GB Disk space
Recommended:
  • 4 CPU
  • 6 GB RAM
  • 1GB disk space

Getting a license

To get a license key for self-hosted Webhook Relay version (Transponder) please email [email protected]. Proof-of-Concept trial licenses are available free of charge.

Installation options

Terraform

Cloud agnostic examples

Various examples for deployment are available here: https://github.com/webhookrelay/transponder-deployment.

Using Docker-Compose

First, clone repository:
git clone https://github.com/webhookrelay/transponder-deployment.git
cd webhook-forwarding

Configuration

  1. 1.
    Create a new file .env
  2. 2.
    Copy & paste contents of .env.example file to .env and change the details such as admin username, password API key (key has to remain UUID format) and secret.

TLS Options

Option 1: No TLS (when your own firewall/load balancer does HTTPS termination)
If you don't need TLS in Transponder:
  • Ensure that environment variables CERT_PATH, CERT_KEY_PATH and MANAGED_DOMAINS aren't set. Either remove them from the .env file or edit the docker-compose.yaml to unset them.
  • Update healthcheck section in the docker-compose.yaml to use http:// instead of https://
  • Set RELAY_REQUIRE_TLS=false in the agent to disable TLS for GRPC connections.
Alternatively, if you do need encryption for the agent and you are doing TLS termination in front of the Transponder, you can use --ws flag when running forward command:
relay forward --ws -b my-bucket https://bin.webhookrelay.com/v1/webhooks/d1ea0a51-f317-4e8d-a641-067e96a46bc3
Option 2: TLS Configuration
For TLS configuration you can choose between self-signed certificates and the ones provided by Let's Encrypt.
For production instance, set CA_URL=https://acme-v02.api.letsencrypt.org/directory in your .env file. Although it's recommended to first try out your setup with staging CA so you don't hit Let's Encrypt rate limits.
Option 3: Let's Encrypt certificates (TLS-ALPN challenge)
TLS-ALPN challenge is nice to use with webhook forwarding because you don't need a wildcard cert and this method doesn't require 3rd credentials from a DNS provider. Transponder uses this method by default, so just set this environment variable:
MANAGED_DOMAINS=your-domain.com
Your server must be reachable from the Internet (by Let's Encrypt server).
Option 4: Using DNS challenge
It is recommended to use DNS challenge when you need a wildcard cert or your server is not reachable from the public Internet. Transponder supports Cloudflare as a DNS challenge provider. To use it instead of the TLS-ALPN challenge, set these additional variables:
CLOUDFLARE_EMAIL=your-cloudflare-account-email
CLOUDFLARE_API_KEY=your-cloudflare-api-key
This will ensure that during boot, Transponder will retrieve certificates for your server.
Option 5: Self-signed certificates
Get your certificates and place them into certs/ directory next to this docker-compose.yaml file. Then, set these environment variables in the .env file:
CERT_PATH=./certs/your-domain.pem
CERT_KEY_PATH=./certs/your-domain-key.pem

Starting the server

To start the server:
docker-compose up -d
You can view server logs here:
docker-compose logs

Accessing admin dashboard

By default, admin dashboard can be accessed on port 9300 (https://your-server-domain:9300).
​
Platform - Previous
Self-hosting Server
Next
Client configuration
Last modified 1yr ago
Copy link
On this page
Features
Technical Requirements
Getting a license
Installation options
Terraform
Cloud agnostic examples
Using Docker-Compose
Accessing admin dashboard