tunnelctl is the in-house tunneling daemon for Nubeo developers. Drop an encrypted public URL on top of any localhost service in under 200 ms — share with the team, hit it from a phone, get the QA crew unblocked. Zero accounts. Zero config. Free for the whole org.
tunnelctl deliberately ships less than ngrok. No paid plans, no feature creep — just the one job done well. Spin up an HTTPS tunnel against a localhost port, share the URL, ship the demo. Anything fancier we add only when an actual Nubeo project asks for it.
One command spins up a TLS-terminated tunnel pointing at any local port. No signup, no DNS, no waiting. Ship a working URL before your coffee finishes brewing.
Every tunnel gets a memorable, randomly-generated slug at <slug>.tunnelctl.eu — pin one with --name if you want a stable
URL across restarts.
TLS 1.3 with ChaCha20-Poly1305 between client and edge. Optional basic-auth gate or IP allowlist if you're exposing a staging build to a vendor.
One static binary. No Docker, no systemd hoops, no language runtime. macOS (Intel + Apple
Silicon), Linux x86_64 / arm64, Windows. Just drop it in your $PATH.
Install once. Authenticate against your Nubeo SSO once. Tunnel forever.
Single binary, zero deps. Available on Homebrew, apt, scoop, or direct from the Nubeo GitLab releases page.
SSO via Nubeo's identity provider. Browser device flow — no copy-pasting tokens, no editing TOML files in a panic.
Point at any port. Optionally pin the slug. The flag set is intentionally tiny — that's the whole point.
We're being upfront about scope. Below is what's in the box right now and what's on the backlog. If something on the right side blocks your work, file an issue in GitLab and we'll bump it.
<slug>.tunnelctl.eu--name*.tunnelctl.eu — no api.acme.dev yetDrop a public URL on top of localhost in the next 30 seconds. No credit card. No marketing email. No quota. Just a daemon and a glowing terminal — courtesy of Nubeo Engineering.