Wedgetail is a web-based MU* client designed around the socket.io
websocket library. Major advantages include:
- No user configuration. All important settings are handled in a
server-side configuration file.
- No plugins. Many existing clients require Java or Flash to connect
directly to the MU* server; by using a server-side shim, Wedgetail
can use HTML5 websockets instead.
- Fault-tolerance. The modern Internet doesn't do very well at
keeping TCP connections open for a long period of time, leading to
all kinds of finicky anti-idle and keepalive setups. Wedgetail
can seamlessly re-establish sessions after brief connection losses
and even IP changes.
- Proxy compatibility. If the user's proxy allows them to access the
client web page, they will be able to connect to your MU*, since
the same channel is used. (For best proxy support, you should
use port 443, the default HTTPS port, if possible. If there's
an existing web server on port 443, you can reverse-proxy
Wedgetail through it; see the section PROXYING VIA APACHE.)
- Privacy. Even if your MU* server doesn't support TLS, you can
still encrypt the client-to-server connection using Wedgetail.
Wedgetail has two components; the client, which is pure Javascript
and runs in the user's browser; and the server, which is also
Javascript and runs under node.js. The server's job is to track
client sessions, and act as a shim between Wedgetail's
websocket-based protocol and the MU* server's telnet protocol. It
also directly serves the client via a built-in HTTPS server, making
it entirely self-contained.
The server has been tested on Linux, FreeBSD and Windows.
Prerequisites:
- node.js
- npm (the Node Package Manager)
- a valid TLS certificate
Installation instructions:
1. Run "npm install" in this directory. This will install the node.js
dependencies needed by Wedgetail. Depending on your OS this may take
a little while.
2. Copy server.ini.sample to server.ini, and edit it for your site. In
particular, you will need to edit the [destination] section to point
to your MU* server and the tlsCert and tlsKey variables to point to
your certificates.
WARNING: Do NOT use Wedgetail on a public-facing site with TLS disabled.
It relies on TLS for protection against password sniffing and
session hijacking. If you need an inexpensive browser-
compatible certificate, free ones are available from
letsencrypt.org.
3. Start the server by running "node server.js" (or "nodejs server.js" on
some Linux distributions.) You may want to write a startup script to
automate this on your system -- or check the startup-scripts directory
to see if one already exists.
4. Point your web browser at the hostname and port where Wedgetail is
running and try it out, e.g. https://example.com:8090/
You can optionally customize the look of the client by editing
public/index.html.
SIGNALS
SIGHUP - reload server.ini
SIGINT - disconnect all clients and exit
SIGTERM - same as SIGINT (included for init compatibility)
SIGUSR1 - list currently connected clients
PROXYING VIA APACHE
If there's an existing Apache web server on the host system, you can proxy
Wedgetail through it, allowing both to use the same port.
Apache prerequisites:
- mod_rewrite
- mod_proxy
- mod_proxy_http
- mod_proxy_wstunnel (optional but recommended)
Add the following to your SSL virtual host entry, changing "wedge" to the URL
you want for your client and "8090" to the port your Wedgetail server is on.
Commented lines are for Apache 2.2.
---
ProxyRequests off
SSLProxyEngine on
SSLProxyCheckPeerName off
SSLProxyCheckPeerCN off
Require all granted
#Order deny,allow
#Allow from all
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/wedge/socket.io [NC]
RewriteCond %{QUERY_STRING} transport=websocket [NC]
RewriteRule /wedge/(.*) wss://localhost:8090/$1 [P,L]
RewriteEngine on
RewriteRule /wedge$ /wedge/
ProxyPass https://localhost:8090/
ProxyPassReverse https://localhost:8090/