RustDesk

Материал из support.qbpro.ru
Версия от 17:53, 24 декабря 2025; Vix (обсуждение | вклад) (Новая страница: «'''RustDesk Self-Host Guide: Complete Setup and Configuration''' =='''What is RustDesk?'''== RustDesk is an open-source remote desktop software written in Rust. It's a powerful alternative to TeamViewer that allows you to control computers remotely with your own self-hosted server, ensuring complete privacy and security over your remote connections. =='''RustDesk Interface'''== =='''Features of RustDesk'''== Cross-Platform Support Windows: Full support wi...»)
(разн.) ← Предыдущая версия | Текущая версия (разн.) | Следующая версия → (разн.)

RustDesk Self-Host Guide: Complete Setup and Configuration

What is RustDesk?

RustDesk is an open-source remote desktop software written in Rust. It's a powerful alternative to TeamViewer that allows you to control computers remotely with your own self-hosted server, ensuring complete privacy and security over your remote connections.

RustDesk Interface

Features of RustDesk

Cross-Platform Support Windows: Full support with all features macOS: Complete compatibility including clipboard sync Linux: Native support for all major distributions Android/iOS: Mobile apps for remote access on-the-go Web Browser: Browser-based client for quick access Advanced Remote Desktop Features High Performance: Hardware-accelerated encoding/decoding Low Latency: Optimized for real-time interaction Multi-Monitor: Support for multiple displays File Transfer: Secure file sharing between devices Clipboard Sync: Seamless copy-paste across devices Audio Forwarding: Stream audio from remote computer Security and Privacy End-to-End Encryption: All connections are encrypted 2FA Support: Two-factor authentication for enhanced security Access Control: Fine-grained permission management Session Logging: Comprehensive audit trails No Data Collection: Complete privacy with self-hosting Enterprise Features Address Book: Centralized device management User Groups: Organize users and devices Access Control: Role-based permissions Unattended Access: Connect without user intervention API Integration: Programmatic access for automation Why Self Host RustDesk? Self-hosting provides complete control and eliminates reliance on third-party services.

Benefits of Self-Hosting RustDesk Complete Privacy: No data passes through external servers Cost Savings: No per-user licensing fees Performance: Optimized for your network infrastructure Customization: Tailor configuration to your needs Compliance: Meet strict data governance requirements Reliability: No dependency on external service availability System Requirements Minimum Requirements CPU: 2 cores RAM: 2GB Storage: 10GB Network: Stable internet connection with public IP OS: Linux (Ubuntu 20.04+ recommended)

  • Recommended Requirements
CPU: 4+ cores
RAM: 4GB+
Storage: 50GB SSD
Network: High-speed connection with low latency
Firewall configured for RustDesk ports
SSL certificate for secure web access
Network Requirements
TCP Port 21115: Relay server
TCP Port 21116: ID server
TCP Port 21117: HTTP API (optional)
TCP Port 21118: Web console (optional)
UDP Port 21116: NAT type test

Installation Guide

Using Docker (Recommended) Create docker-compose.yml: 

version: '3.8'

services:
  rustdesk-server:
    image: rustdesk/rustdesk-server:latest
    container_name: rustdesk-server
    ports:
      - "21115:21115"
      - "21116:21116"
      - "21116:21116/udp"
      - "21117:21117"
      - "21118:21118"
    volumes:
      - ./data:/data
    environment:
      - RELAY_HOST=your-domain.com
      - API_HOST=your-domain.com
    restart: unless-stopped
    
  rustdesk-api:
    image: rustdesk/rustdesk-api:latest
    container_name: rustdesk-api
    ports:
      - "21114:21114"
    volumes:
      - ./api-data:/data
    environment:
      - DB_URL=sqlite:///data/db.sqlite3
      - API_SECRET=your-secret-key
    restart: unless-stopped
    depends_on:
      - rustdesk-server
Start the services:
docker-compose up -d
Generate server key:
docker exec rustdesk-server /usr/bin/rustdesk-utils genkey

Manual Installation

  • Download RustDesk server:
wget https://github.com/rustdesk/rustdesk-server/releases/latest/download/rustdesk-server-linux-amd64.tar.gz
tar -xzf rustdesk-server-linux-amd64.tar.gz
cd rustdesk-server-linux-amd64
  • Generate encryption keys:

./rustdesk-utils genkey 

# This creates id_ed25519 and id_ed25519.pub files
  • Create systemd service:
# /etc/systemd/system/rustdesk-relay.service
[Unit]
Description=RustDesk Relay Server
After=network.target

[Service]
Type=simple
User=rustdesk
WorkingDirectory=/opt/rustdesk
ExecStart=/opt/rustdesk/rustdesk-relay -k /opt/rustdesk/id_ed25519
Restart=always
RestartSec=5

[Install]
WantedBy=multi-user.target
Create ID server service:
# /etc/systemd/system/rustdesk-signal.service
[Unit]
Description=RustDesk Signal Server
After=network.target 

[Service]
Type=simple
User=rustdesk
WorkingDirectory=/opt/rustdesk
ExecStart=/opt/rustdesk/rustdesk-signal -k /opt/rustdesk/id_ed25519
Restart=always
RestartSec=5

[Install]
WantedBy=multi-user.target
Start services:
sudo systemctl enable --now rustdesk-relay
sudo systemctl enable --now rustdesk-signal
  • Using Pre-built Binaries
Install from GitHub releases:
# Download latest release
curl -s https://api.github.com/repos/rustdesk/rustdesk-server/releases/latest | grep "browser_download_url.*linux.*tar.gz" | cut -d '"' -f 4 | wget -i -
  • Extract and install
tar -xzf rustdesk-server-*.tar.gz
sudo cp rustdesk-server-*/rustdesk-* /usr/local/bin/
sudo chmod +x /usr/local/bin/rustdesk-*

Configuration

  • Server Configuration
# rustdesk.toml
[server]
# Server hostname or IP
host = "your-domain.com"
# Relay port
relay_port = 21115
# Signal port  
signal_port = 21116
# API port
api_port = 21117

[security]
# Enable encryption
encryption = true
# Key file path
key_file = "/opt/rustdesk/id_ed25519"
# Password protection
password = "your-server-password"

[logging]
# Log level: error, warn, info, debug, trace
level = "info"
# Log file path
file = "/var/log/rustdesk/server.log"

[api]
# Enable web API
enabled = true
# API secret key
secret = "your-api-secret"
# Admin user
admin_user = "admin"
admin_password = "admin-password"
  • Environment Variables
# Server Configuration
RUSTDESK_HOST=your-domain.com
RUSTDESK_RELAY_PORT=21115
RUSTDESK_SIGNAL_PORT=21116
RUSTDESK_API_PORT=21117

# Security
RUSTDESK_KEY_FILE=/data/id_ed25519
RUSTDESK_PASSWORD=your-server-password
RUSTDESK_ENCRYPTION=true

# Logging
RUSTDESK_LOG_LEVEL=info
RUSTDESK_LOG_FILE=/var/log/rustdesk.log

# API
RUSTDESK_API_ENABLED=true
RUSTDESK_API_SECRET=your-api-secret
RUSTDESK_ADMIN_USER=admin
RUSTDESK_ADMIN_PASSWORD=admin-password

# Database (if using API server)
DATABASE_URL=sqlite:///data/db.sqlite3

Nginx Reverse Proxy

# /etc/nginx/sites-available/rustdesk
server {
    listen 80;
    server_name your-domain.com;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    server_name your-domain.com;
    
    ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
    
    # API endpoint
    location /api/ {
        proxy_pass http://localhost:21117/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
    
    # Web console
    location / {
        proxy_pass http://localhost:21118/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        
        # WebSocket support
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

Client Setup

  • Desktop Client Configuration
Download RustDesk client:

Windows: Download from RustDesk website
Linux: Install via package manager or download binary
macOS: Download from website or use Homebrew
  • Configure server settings:
Open RustDesk client
Go to Settings → Network
Set ID Server: your-domain.com:21116
Set Relay Server: your-domain.com:21115
Set Key: (paste your public key content)
Import configuration automatically:
  • Create configuration file
cat > rustdesk.toml << EOF
[options]
relay-server = "your-domain.com:21115"
id-server = "your-domain.com:21116"
key = "your-public-key-here"
EOF
  • Import configuration
rustdesk --import-config rustdesk.toml
Mobile App Configuration
Install RustDesk mobile app:

Android: Google Play Store or F-Droid
iOS: App Store
  • Configure server:
Open app settings
Add custom server
Enter server details and key
  • Web Client Setup
    • Enable web console in server config:
[web]
enabled = true
port = 21118

Enter server credentials
Connect to remote devices
Security Configuration
  • SSL/TLS Setup
    • Generate SSL certificate:
# Using Let's Encrypt
sudo certbot certonly --standalone -d your-domain.com

# Or generate self-signed certificate
openssl req -x509 -newkey rsa:4096 -keyout rustdesk.key -out rustdesk.crt -days 365 -nodes
  • Configure SSL in RustDesk:
[ssl]
enabled = true
cert_file = "/etc/ssl/certs/rustdesk.crt"
key_file = "/etc/ssl/private/rustdesk.key"
  • Firewall Configuration
# UFW (Ubuntu)
sudo ufw allow 21115/tcp
sudo ufw allow 21116/tcp
sudo ufw allow 21116/udp
sudo ufw allow 21117/tcp
sudo ufw allow 21118/tcp

# iptables
iptables -A INPUT -p tcp --dport 21115 -j ACCEPT
iptables -A INPUT -p tcp --dport 21116 -j ACCEPT
iptables -A INPUT -p udp --dport 21116 -j ACCEPT
iptables -A INPUT -p tcp --dport 21117 -j ACCEPT
iptables -A INPUT -p tcp --dport 21118 -j ACCEPT
  • Access Control
[access]
# Whitelist specific IPs
allowed_ips = ["192.168.1.0/24", "10.0.0.0/8"]
# Blacklist IPs
blocked_ips = ["1.2.3.4"]
# Require password for connections
require_password = true
# Enable session logging
session_logging = true
Two-Factor Authentication
[2fa]
# Enable 2FA
enabled = true
# TOTP issuer name
issuer = "RustDesk Server"
# Require 2FA for all users
required = false

Backup and Maintenance

Backup Strategy
#!/bin/bash
# RustDesk backup script

BACKUP_DIR="/backup/rustdesk"
DATE=$(date +%Y%m%d_%H%M%S)

# Create backup directory
mkdir -p $BACKUP_DIR 

# Backup configuration files
tar -czf $BACKUP_DIR/config-$DATE.tar.gz /opt/rustdesk/*.toml /opt/rustdesk/id_ed25519*

# Backup database (if using API server)
if [ -f /data/db.sqlite3 ]; then
    cp /data/db.sqlite3 $BACKUP_DIR/db-$DATE.sqlite3
fi

# Backup logs
tar -czf $BACKUP_DIR/logs-$DATE.tar.gz /var/log/rustdesk/

# Cleanup old backups (keep 30 days)
find $BACKUP_DIR -name "*.tar.gz" -mtime +30 -delete
find $BACKUP_DIR -name "*.sqlite3" -mtime +30 -delete

echo "Backup completed: $DATE"

Update Process

  • Stop services:
sudo systemctl stop rustdesk-relay rustdesk-signal
  • Backup current installation:
cp -r /opt/rustdesk /opt/rustdesk-backup-$(date +%Y%m%d)
  • Download and install update:
wget https://github.com/rustdesk/rustdesk-server/releases/latest/download/rustdesk-server-linux-amd64.tar.gz
tar -xzf rustdesk-server-linux-amd64.tar.gz
sudo cp rustdesk-server-linux-amd64/* /opt/rustdesk/
  • Restart services:
sudo systemctl start rustdesk-relay rustdesk-signal
sudo systemctl status rustdesk-relay rustdesk-signal
  • Monitoring
#!/bin/bash
# Monitoring script

# Check service status
if ! systemctl is-active --quiet rustdesk-relay; then
    echo "RustDesk relay service is down!"
    # Send alert or restart service
fi

if ! systemctl is-active --quiet rustdesk-signal; then
    echo "RustDesk signal service is down!"
    # Send alert or restart service
fi

# Check port connectivity
if ! nc -z localhost 21115; then
    echo "Relay port 21115 is not accessible!"
fi

if ! nc -z localhost 21116; then
    echo "Signal port 21116 is not accessible!"
fi

# Check disk space
DISK_USAGE=$(df /opt/rustdesk | tail -1 | awk '{print $5}' | sed 's/%//')
if [ $DISK_USAGE -gt 80 ]; then
    echo "Disk usage is above 80%: ${DISK_USAGE}%"
fi

# Check memory usage
MEMORY_USAGE=$(free | grep Mem | awk '{printf "%.0f", $3/$2 * 100.0}')
if [ $MEMORY_USAGE -gt 90 ]; then
    echo "Memory usage is above 90%: ${MEMORY_USAGE}%"
fi

Troubleshooting

  • Common Issues
    • Connection Problems
# Test server connectivity
telnet your-domain.com 21115
telnet your-domain.com 21116

# Check firewall rules
sudo ufw status
sudo iptables -L

# Test DNS resolution
nslookup your-domain.com
dig your-domain.com
Service Issues
# Check service status
sudo systemctl status rustdesk-relay
sudo systemctl status rustdesk-signal

# View service logs
sudo journalctl -u rustdesk-relay -f
sudo journalctl -u rustdesk-signal -f

# Restart services
sudo systemctl restart rustdesk-relay rustdesk-signal
  • Performance Issues
  1. Monitor system resources
htop
iotop
netstat -tlnp

# Check network latency
ping your-domain.com
mtr your-domain.com

# Monitor RustDesk processes
ps aux | grep rustdesk
Key/Certificate Problems
# Regenerate server keys
./rustdesk-utils genkey

# Verify key permissions
ls -la /opt/rustdesk/id_ed25519*
sudo chmod 600 /opt/rustdesk/id_ed25519
sudo chmod 644 /opt/rustdesk/id_ed25519.pub

# Test SSL certificate
openssl s_client -connect your-domain.com:443
Log Analysis
# Server logs location
tail -f /var/log/rustdesk/server.log

# System logs
tail -f /var/log/syslog | grep rustdesk

# Docker logs
docker logs -f rustdesk-server
FAQ
How does RustDesk compare to TeamViewer?
RustDesk offers similar functionality to TeamViewer but with complete self-hosting capabilities, no licensing fees, and full 
data privacy.

Can I use RustDesk without a public IP?
Yes, you can use services like Cloudflare Tunnel or VPN to expose your RustDesk server without a public IP.

Is RustDesk secure for business use?
Yes, RustDesk uses end-to-end encryption and allows complete control over your infrastructure, making it suitable for business 
environments.

How do I migrate from TeamViewer to RustDesk?
Set up your RustDesk server
Install RustDesk clients on all devices
Configure clients to use your server
Export/import address books if needed
Train users on the new interface
Can I customize the RustDesk client?
Yes, RustDesk is open-source, allowing you to customize the client application for your specific needs.

What's the maximum number of concurrent connections?
The limit depends on your server resources. A typical server can handle hundreds of concurrent connections.

How do I set up automatic updates?
# Create update script
cat > /usr/local/bin/rustdesk-update.sh << 'EOF'
#!/bin/bash
# Auto-update script for RustDesk
# Add to crontab: 0 2 * * 0 /usr/local/bin/rustdesk-update.sh
EOF

chmod +x /usr/local/bin/rustdesk-update.sh
Can I use RustDesk with load balancing?
Yes, you can run multiple RustDesk servers behind a load balancer for high availability and scalability.
  • How do I enable session recording?
[recording]
enabled = true
path = "/var/log/rustdesk/sessions/"
format = "mp4"
quality = "high"

ИСТОЧНИКИ

* RustDesk Self-Host Guide: Complete Setup and Configuration
Источник — https://support.qbpro.ru/index.php?title=RustDesk&oldid=4572