Skip to content

Latest commit

 

History

History
69 lines (44 loc) · 2.56 KB

README.md

File metadata and controls

69 lines (44 loc) · 2.56 KB

Tabby Web

This is the exact code that runs at https://tabby.sh. In fact, it's being deployed straight out of this repository.

You can use this to deploy your own copy or to make improvements - pull requests are welcome!

How it works

Tabby Web serves the Tabby Terminal as a web application while managing multiple config files, authentication, and providing TCP connections via a separate gateway service.

Requirements

  • Python 3.7+
  • A database server supported by Django (MariaDB, Postgres, SQLite, etc.)
  • Storage for distribution files - local, S3, GCS or others supported by fsspec

Quickstart (using docker-compose)

You'll need:

  • OAuth credentials from GitHub, GitLab, Google or Microsoft for authentication.
  • For SSH and Telnet: a tabby-connection-gateway to forward traffic.
    docker-compose up -e SOCIAL_AUTH_GITHUB_KEY=xxx -e SOCIAL_AUTH_GITHUB_SECRET=yyy

will start Tabby Web on port 9090 with MariaDB as a storage backend.

For SSH and Telnet, once logged in, enter your connection gateway address and auth token in the settings.

Environment variables

  • DATABASE_URL (required).
  • APP_DIST_STORAGE: a file://, s3://, or gcs:// URL to store app distros in.
  • SOCIAL_AUTH_*_KEY & SOCIAL_AUTH_*_SECRET: social login credentials, supported providers are GITHUB, GITLAB, MICROSOFT_GRAPH and GOOGLE_OAUTH2.

Adding Tabby app versions

  • docker-compose run tabby /manage.sh add_version 1.0.163

Development setup

Put your environment vars (DATABASE_URL, etc.) in the .env file in the root of the repo.

For the frontend:

cd frontend
yarn
yarn run build # or yarn run watch

For the backend:

cd backend
poetry install
./manage.py migrate # set up the database
./manage.py add_version 1.0.156-nightly.2 # install an app distribution
PORT=9000 poetry run gunicorn # optionally with --reload

Security

  • When using Tabby Web for SSH/Telnet connectivity, your traffic will pass through a hosted gateway service. It's encrypted in transit (HTTPS) and the gateway servers authenticate themselves with a certificate before connections are made. However there's a non-zero risk of a MITM if a gateway service is compromised and the attacker gains access to the service's private key.
  • You can alleviate this risk by hosting your own gateway service, or your own copy of Tabby Web altogether.