Skip to content
Klutch.sh Docs

Deploying a RustdeskServer App

Introduction

RustdeskServer hosts the RustDesk rendezvous (hbbs) and relay (hbbr) services, enabling self-hosted remote desktop sessions. Deploying RustdeskServer with a Dockerfile on Klutch.sh provides reproducible builds, managed secrets, and persistent storage—all configured from klutch.sh/app. Because Klutch.sh routes one port per app, you will run hbbs and hbbr as separate apps.

Prerequisites

  • A Klutch.sh account (sign up)
  • A GitHub repository containing your RustdeskServer Dockerfile (GitHub is the only supported git source)
  • Domains/subdomains for hbbs (ID server) and hbbr (relay), each mapped to its own Klutch.sh app

For onboarding, see the Quick Start.

Architecture and ports

  • Klutch.sh allows one port per app. Create two apps:
    • hbbs (ID server): TCP traffic, internal port 21115 (RustDesk’s rendezvous). Clients set this as the ID/Key server and connect to https://example-app.klutch.sh via TCP on external 8000.
    • hbbr (relay): TCP traffic, internal port 21114 (relay). Clients set this as the relay server at https://example-app.klutch.sh via TCP on external 8000.
  • UDP is not available; this setup uses TCP-only relay/rendezvous.

Repository layout

rustdeskserver/
├── Dockerfile              # Must be at repo root for auto-detection
└── README.md

Keep secrets out of Git; store them in Klutch.sh environment variables.

Installation (local) and starter commands

Test locally with both services in one container (for verification only):

Terminal window
docker build -t rustdeskserver-local .
docker run -p 21115:21115 -p 21114:21114 \
  -e KEY_PRIV= \
  -e KEY_PUB= \
  rustdeskserver-local

Generate keys if you want custom ones: docker run --rm rustdesk/rustdesk-server hbbs -g.

Dockerfile for RustdeskServer (production-ready)

Place this at the repo root; Klutch.sh auto-detects Dockerfiles.

FROM rustdesk/rustdesk-server:latest


ENV HBBS_PORT=21115
ENV HBBR_PORT=21114


EXPOSE 21115 21114
CMD ["/entrypoint.sh"]

Notes:

  • Pin to a specific tag (e.g., rustdesk/rustdesk-server:1.1.11) for stability.
  • /entrypoint.sh launches both hbbs and hbbr; Klutch.sh will run each app with only one exposed port, so you will deploy hbbs and hbbr separately.

Environment variables (Klutch.sh)

Set these for both apps (hbbs and hbbr):

  • HBBS_PORT=21115 (hbbs app) or HBBR_PORT=21114 (hbbr app)
  • KEY_PRIV=<private-key> (optional if you pre-generate keys)
  • KEY_PUB=<public-key> (optional)
  • Optional relay tuning: ENCRYPTED_ONLY=1 to force encrypted relay

If deploying without the Dockerfile and relying on Nixpacks:

  • NIXPACKS_START_CMD=/entrypoint.sh

Attach persistent volumes

Add storage in Klutch.sh (path and size only):

  • /root/.config/rustdesk-server — keys, logs, and server state.

Ensure the path is writable inside the container.

Deploy RustdeskServer on Klutch.sh (split-port workflow)

  1. Push your repository—with the Dockerfile at the root—to GitHub.
  2. Create the hbbs app: choose TCP traffic, set the internal port to 21115, add the environment variables, and attach the volume at /root/.config/rustdesk-server.
  3. Deploy hbbs. Its external endpoint will be example-app.klutch.sh on port 8000 (Klutch TCP).
  4. Create the hbbr app: choose TCP traffic, set the internal port to 21114, reuse the same repo/env/volume settings.
  5. Deploy hbbr. Its external endpoint will be example-app.klutch.sh on port 8000 (Klutch TCP).
  6. In RustDesk clients, set the ID server to your hbbs app domain and the relay server to your hbbr app domain, both on port 8000.

Sample checks

Verify ports (replace with your hbbs/hbbr domains):

Terminal window
nc -vz hbbs.example-app.klutch.sh 8000
nc -vz hbbr.example-app.klutch.sh 8000

Health checks and production tips

  • Monitor logs in /root/.config/rustdesk-server; keep the volume sized for logs/keys.
  • Keep keys in Klutch.sh secrets; rotate if compromised.
  • Pin image versions and test upgrades in staging before production.
  • TCP-only relay is supported here; if peers are behind strict NATs, ensure clients use TCP relay on port 8000.

RustdeskServer on Klutch.sh delivers reproducible Docker builds, managed secrets, and persistent keys—without extra YAML or CI steps. Configure the two TCP apps (hbbs and hbbr), attach storage for keys, and point clients to your endpoints to enable remote access.