Server & admin
Deployment
How the control plane runs in the cluster — configuration, probes, and persistence.
The server is shipped as a small distroless container image and deployed to the K3S cluster via GitLab CI, the same way the rest of tunnelctl is.
Runtime shape
- Image — chiseled/distroless .NET runtime, non-root, read-only root filesystem.
- Port — listens on `8080` (HTTP) inside the cluster; TLS is terminated at the edge.
- Health probes — `GET /health/live` (process alive) and `GET /health/ready` (database reachable and ready to serve).
- Persistence — PostgreSQL in the cluster; EF Core migrations applied at startup.
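
As an added example (not part of tunnelctl's own tooling), this Python check audits a Deployment's pod template against the runtime shape listed above: non-root, read-only root filesystem, port 8080, and the two probe paths. The sample manifest, container name and image reference are constructed placeholders. Mapping the image properties to Kubernetes `securityContext` fields and a single-container pod are assumptions.

```python
import json

# Constructed sample: the shape returned by `kubectl get deployment <name> -o json`.
# Container name and image reference are placeholders, not values from the project.
SAMPLE = json.loads("""
{"spec": {"template": {"spec": {
  "securityContext": {"runAsNonRoot": true},
  "containers": [{
    "name": "server",
    "image": "registry.example/tunnelctl-server:PLACEHOLDER",
    "ports": [{"containerPort": 8080}],
    "securityContext": {"readOnlyRootFilesystem": true},
    "livenessProbe": {"httpGet": {"path": "/health/live", "port": 8080}},
    "readinessProbe": {"httpGet": {"path": "/health/ready", "port": 8080}}
  }]}}}}
""")

def audit(deployment):
    """Return a list of findings; an empty list means the spec matches the page."""
    pod = deployment["spec"]["template"]["spec"]
    pod_sc = pod.get("securityContext", {})
    findings = []
    for c in pod["containers"]:
        sc = c.get("securityContext", {})
        name = c.get("name", "?")
        # A container-level runAsNonRoot overrides the pod-level value.
        if not sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot", False)):
            findings.append(f"{name}: runAsNonRoot not enforced")
        if not sc.get("readOnlyRootFilesystem", False):
            findings.append(f"{name}: root filesystem is writable")
        ports = [p.get("containerPort") for p in c.get("ports", [])]
        if 8080 not in ports:
            findings.append(f"{name}: port 8080 not declared")
        # Liveness and readiness must hit different endpoints: only the
        # readiness endpoint reflects whether the database is reachable.
        for probe, path in (("livenessProbe", "/health/live"),
                            ("readinessProbe", "/health/ready")):
            got = c.get(probe, {}).get("httpGet", {}).get("path")
            if got != path:
                findings.append(f"{name}: {probe} is {got!r}, expected {path!r}")
    return findings

if __name__ == "__main__":
    for line in audit(SAMPLE) or ["OK: spec matches the documented runtime shape"]:
        print(line)
```
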
Configuration
Configuration is read from environment variables (prefixed `TUNNELCTLSERVER__`) or appsettings. The main groups are:
| Group | What it sets |
|---|---|
| OIDC | Identity provider authority, audience, and provider type. |
| ApiKey | RSA signing key path and default key expiry for issued API keys. |
| Db | Database provider and connection settings. |
| Plugin:Frp | Shared secret for the edge plugin and the public domain for slugs. |
| Tunnels:Lifecycle | TTLs for reserved/inactive tunnels and the sweep interval. |
Environments
| Environment | Hostname |
|---|---|
| Test | tunnelctl-server.test.svc.piblade.net |
| Live | tunnelctl-server.live.svc.piblade.net |
Operator-focused
This page is a high-level orientation. The authoritative configuration reference lives with the server source; this documentation site mirrors the parts integrators need.