How to Install RustDesk Remote Desktop Server on Rocky Linux 8
RustDesk is a free, open-source remote desktop application that supports multiple platforms like Windows, macOS, Linux, iOS, and Android. It offers high-performance remote control, secure end-to-end encryption, and easy setup without complex configurations. RustDesk also includes features like file transfer and a user-friendly interface, making it ideal for both personal and professional use.
Prerequisites
Before you begin, make sure you have the following:
- A deployed Rocky Linux Linux server.
- A subdomain A record pointing to your server.
- Docker Compose installed.
- SSH access to the server as a non-root sudo user.
Install Docker
First, ensure Docker is installed on your server. If not, you can install it using the following commands,
dnf update -y
dnf install -y yum-utils nano
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
dnf install -y docker-ce docker-ce-cli containerd.io
systemctl start docker
systemctl enable docker
Next, install Docker Compose,
dnf install curl -y
curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
docker-compose --version
Install RustDesk
Create Directory for RustDesk
Create a new directory to store RustDesk Docker files. This directory will hold the configuration files and any data needed by the RustDesk server.
mkdir -p /opt/rustdesk
Navigate to the newly created directory.
cd /opt/rustdesk
Create Docker Compose Configuration
Create a new Docker Compose file named rustdesk.yml
in the /opt/rustdesk
directory. This file will define the services required to run the RustDesk server.
nano rustdesk.yml
Add the following configurations to the rustdesk.yml
file. This configuration sets up two services: hbbs and hbbr, which are essential for RustDesk's server functionality.
version: '3'
networks:
rustdesk-net:
external: false
services:
hbbs:
container_name: hbbs
ports:
- 21115:21115
- 21116:21116
- 21116:21116/udp
- 21118:21118
image: rustdesk/rustdesk-server:latest
command: hbbs -r 127.0.0.1:21117 -k _
volumes:
- ./hbbs:/root
networks:
- rustdesk-net
depends_on:
- hbbr
restart: unless-stopped
hbbr:
container_name: hbbr
ports:
- 21117:21117
- 21119:21119
image: rustdesk/rustdesk-server:latest
command: hbbr -k _
volumes:
- ./hbbr:/root
networks:
- rustdesk-net
restart: unless-stopped
Save and close the file (Ctrl+O, Enter, Ctrl+X).
Start RustDesk Server Containers
Use Docker Compose to start the RustDesk server containers. The -d
flag runs the containers in detached mode, meaning they will run in the background.
docker-compose -f rustdesk.yml up -d
Verify that the RustDesk hbbs and hbbr containers are up and running. The following command lists all running Docker containers.
docker ps
Secure the Server with Nginx
Install Nginx
If Nginx is not already installed on your server, install it using the following command. Nginx will be used as a reverse proxy to route traffic to the RustDesk server.
dnf install -y nginx
Configure Firewall
Allow Nginx to communicate on HTTP port 80 by updating the firewall rules.
firewall-cmd --permanent --add-service=http
firewall-cmd --reload
Create Nginx Configuration for RustDesk
Create a new Nginx configuration file for RustDesk. This file will configure Nginx to forward requests from your subdomain to the RustDesk server.
nano /etc/nginx/conf.d/rust.domainhere.info
Add the following configuration to the file. Replace rust.domainhere.info with your actual subdomain.
server {
listen 80;
listen [::]:80;
server_name rust.domainhere.info;
location / {
proxy_pass http://127.0.0.1:21117;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
Note: Replace the rust.domainhere.info with actual domain name
Save and close the file.
View RustDesk Server Encryption Keys
cat /opt/rustdesk/hbbs/id_ed25519.pub
The output should look similar to,
WfgvfV002mcFRevj205Fd+3vEEEWpeHlcL3xAXnAxJ4=
Securing Nginx with SSL Using Certbot
To ensure secure communication with your RustDesk server, you need to secure your Nginx reverse proxy with SSL. This can be easily achieved using Certbot, which provides free SSL certificates from Let's Encrypt.
Enable the EPEL Repository
First, enable the EPEL repository to install Certbot.
dnf install -y epel-release
Install Certbot and the Nginx plugin
dnf install -y certbot python3-certbot-nginx
Obtain and Install SSL Certificate
Use Certbot to obtain and install an SSL certificate for your domain. Replace rust1.domainhere.info
with your actual subdomain.
certbot --nginx -d rust1.domainhere.info
Follow the prompts to complete the process. You will need to provide an email address for important renewal and security notices and agree to the terms of service.
Verify SSL Configuration
After Certbot completes the installation, verify that Nginx is correctly configured and running with SSL.
nginx -t
systemctl reload nginx
Setting Up the RustDesk Client
- Download the Client: Head to the RustDesk website and download the client application compatible with your system.
- Install RustDesk: Follow the installation process to get RustDesk up and running on your client machine.
- Launch the Application: Open RustDesk once the installation is complete.
- Open Settings: Click the settings icon located next to your connection ID.
- Configure the Server:
- Select "ID/Relay Server" from the settings menu.
- In the "ID Server" field, enter your server's domain name.
- Paste the server’s public key into the "Key" field.
- Save and Connect: Click "OK" to save your settings and connect to your RustDesk server.
Testing Your RustDesk Server
- Install RustDesk Locally: Download and install the RustDesk client on your local computer.
- Open and Configure RustDesk:
- Navigate to the "ID/Relay Server" section in the app.
- Enter the domain name of your RustDesk server in the "ID Server" field.
- Input the server's public key in the "Key" field.
- Apply Settings: Click "OK" to save your configuration.
- Establish a Connection:
- Enter the remote machine’s ID in the "Enter Remote ID" field.
- Click "Connect" to establish a secure and efficient connection through your private RustDesk server.
By following these steps, you will ensure a secure and swift connection to your remote desktop via your dedicated RustDesk server, providing a reliable and encrypted remote access solution.