Skip to content

AutoCookies/ZetaFlow

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
assets
assets
 
 
cmd
cmd
 
 
configs
configs
 
 
internal
internal
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 

Repository files navigation

ZetaFlow Logo

ZetaFlow

Go Discord License

Self-hosted, single-tenant zero-trust tunnel (controller + agents + relay fallback).

Self-host quickstart

make build
./cmd/zetaflow-controller/zetaflow-controller configs/controller.yaml
./cmd/zetaflow-relay/zetaflow-relay
./cmd/zetaflow-agent/zetaflow-agent configs/agent-target.yaml
./cmd/zetaflow-agent/zetaflow-agent configs/agent-client.yaml

Controller endpoints:

  • POST /v1/register
  • POST /v1/agents/heartbeat
  • POST /v1/sessions/request
  • POST /v1/sessions/revoke
  • GET /v1/sessions/status?session_id=...
  • GET /metrics

Two machine topology

  • Machine A (laptop): run client agent with outbound HTTPS to controller + outbound TCP to relay.
  • Machine B (office host): run target agent with outbound HTTPS to controller + outbound TCP to relay.
  • Controller/relay can run on VPS with public IP.

Config examples

configs/controller.yaml must include:

  • admin_token
  • relay_addr
  • relay_ticket_secret

Agent config supports dataplane flags:

  • dataplane.enable_udp
  • dataplane.enable_relay
  • dataplane.udp_listen_addr
  • dataplane.relay_addr

Troubleshooting checklist

  • Open controller TLS port and relay TCP port in firewall.
  • Ensure agents can reach controller URL and relay address.
  • Check /metrics on controller and relay for counters.
  • If direct path fails, verify relay fallback enabled.

Build and test

make lint
make build
make test

About

ZetaFlow a zerotrust remote tunnel

Resources

Readme

License

View license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

ZetaFlow V1.0.0 Latest
Feb 20, 2026

Packages

 
 
 

Contributors

Languages