klipitkas/tunnl.gg — reverse-engineered prompt

Build me a simple self hosted service like tunnl.gg that lets someone expose a local app to the internet with one SSH command.

I want a user to run something like ssh -t -R 80:localhost:8080 mydomain.com and then the server gives them a public HTTPS URL on a random memorable subdomain. Traffic to that URL should proxy back through the SSH tunnel to their local app. It should support normal web traffic and WebSockets.

Please include automatic HTTPS support using existing cert files, HTTP to HTTPS redirect, basic abuse protection, rate limits, tunnel limits per IP, request size limits, idle timeouts, and a small local stats endpoint that shows active tunnels and request counts. Add a simple browser warning page before forwarding traffic, with a header option to skip it for scripts.

Make it easy to run with Docker Compose and also build as a small Go binary. Include sensible config through environment variables and clear README instructions for DNS, certificates, deployment, and usage.