lfr-tunnel
Lightweight reverse-tunneling agent to securely expose local Liferay DXP instances.
3.5K
lfr-tunnel is a lightweight, secure reverse-tunneling agent built specifically for Liferay developers. It securely exposes local Liferay DXP or Portal instances running inside private networks to external webhooks, remote testing tools, or third-party client extensions without requiring complex firewall modifications or public IP routing.
By establishing an outbound connection to a remote gateway, lfr-tunnel opens a secure public endpoint that routes incoming HTTP traffic directly back to your local development container or workspace.
Standard tunneling utilities often choke on Liferay's sophisticated multi-site architectures, deep session management, and virtual host lookups. When a remote webhook hits a standard tunnel, the absolute URLs, redirected login sequences, or session cookie constraints frequently break down.
lfr-tunnel tackles this directly by automatically normalising headers and ensuring cookie structures stay intact between the public entrypoint and your local Tomcat instance.
To spin up the tunnel agent and connect it immediately to a running Liferay container on your machine:
docker run -d \
--name lfr-tunnel \
--network liferay-network \
-p 4040:4040 \
-e LFT_CLIENT_SERVER="https://tunnel.lfr-demo.se" \
-e LFT_CLIENT_TOKEN="your-secure-access-token" \
-e LFT_CLIENT_SUBDOMAIN="your-subdomain" \
-e LFT_TARGET_HOST="liferay-dxp" \
-e LFT_CLIENT_PORTS="8080" \
peterjrichards/lfr-tunnel:latest
Integrate the tunnel directly into your existing local development stack:
version: '3.8'
services:
liferay:
image: liferay/portal:7.4.3.112-ga112
container_name: liferay-dxp
ports:
- "8080:8080"
networks:
- lfr-dev
tunnel:
image: peterjrichards/lfr-tunnel:latest
container_name: lfr-tunnel-agent
depends_on:
- liferay
environment:
- LFT_CLIENT_SERVER=https://tunnel.lfr-demo.se
- LFT_CLIENT_TOKEN=your-secure-access-token
- LFT_CLIENT_SUBDOMAIN=your-subdomain
- LFT_TARGET_HOST=liferay-dxp
- LFT_CLIENT_PORTS=8080
networks:
- lfr-dev
networks:
lfr-dev:
driver: bridge
Configure the runtime execution using these environment variables:
| Environment Variable | Canonical | Fallbacks | Description | Default / Example |
|---|---|---|---|---|
| Server URL | LFT_CLIENT_SERVER | LFT_SERVER_URL, LFT_SERVER | The public-facing gateway server managing the external entrypoint. | Required (e.g., https://tunnel.lfr-demo.se) |
| Auth Token | LFT_CLIENT_TOKEN | LFT_TOKEN | The authentication secret used to register the secure connection with the gateway. | Required (e.g., lfr_pat_...) |
| Subdomain | LFT_CLIENT_SUBDOMAIN | LFT_SUBDOMAIN | Custom subdomain prefix for your public endpoint. | your-subdomain |
| Target Host | LFT_TARGET_HOST | ā | The internal address/IP of your target Liferay instance (e.g., localhost or container_name). | localhost |
| Ports | LFT_CLIENT_PORTS | ā | Comma-separated list of ports to route. | 8080 (or 8080,3000) |
| Inspector Bind | LFT_INSPECTOR_BIND | ā | Binding address for local inspector dashboard. | 0.0.0.0 or 127.0.0.1 |
The code for this agent is open source. You can view the implementation, report bugs, or request features at the official repository:
Content type
Image
Digest
sha256:90c00f65fā¦
Size
8.4 MB
Last updated
2 days ago
docker pull peterjrichards/lfr-tunnel