Skip to content

deathline94/tt-installer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

11 Commits
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 
installer.sh
installer.sh
Β 
Β 

Repository files navigation

TrustTunnel VPN Installer

TrustTunnel VPN Installer allows users to effortlessly set up the TrustTunnel VPN service. Use a simple command to initiate a secure and fast VPN connection on your system.

Features

  • πŸš€ Quick installation using a single command
  • πŸ”’ Secure connection setup with TLS certificates
  • πŸ–₯️ Supports multiple platforms (x86_64, aarch64)
  • πŸ”§ Built-in management menu for easy administration
  • πŸ‘₯ Multi-user support
  • βš™οΈ Advanced endpoint options (HTTP/1.1, HTTP/2, QUIC, SOCKS5 forwarding)
  • πŸŒ‰ Tunnel mode with one-role-per-host (foreign endpoint or mainland relay client)
  • πŸ”‘ Bundle token export/import for fast foreign->mainland pairing

Prerequisites

  • Supported Operating Systems: Linux
  • curl must be installed on your system
  • Internet connection
  • Root privileges

Installation

  1. Download and Run the Installer Script

    bash <(curl -fsSL https://raw.githubusercontent.com/deathline94/tt-installer/main/installer.sh)

Usage

On first run, choose one deployment mode:

  • Standalone VPN Service - regular endpoint installation
  • Tunnel Mode - choose one role per host:
    • Foreign Exit Server (endpoint)
    • Mainland Relay Client (TrustTunnel Client with authenticated SOCKS5)

After installation, a reusable manager script is created under /root. Run this command again to access the management menu:

bash /root/tt-installer.sh

Management Options

  • Start/Stop/Restart Service
  • View Logs
  • Edit Configuration
  • Add Users
  • Show Client Config
  • Reinstall/Uninstall

Certificate Options

The installer supports three certificate options:

Option Works With Notes
Self-signed CLI Client only Quick setup for testing, does not work with Flutter Client
Let's Encrypt All clients Requires a valid domain pointing to your server
Existing certificate All clients Use your own CA-signed certificate

⚠️ Note: Self-signed certificates only work with the TrustTunnel CLI client. The Flutter Client requires a valid CA-signed certificate (Let's Encrypt or your own).

In Tunnel Mode, set a TLS hostname that is domain-like (for example vpn.example.com or tt.local), not a raw IP.
The relay can still connect to an IP address via endpoint addresses, but TLS hostname/SNI should be a hostname.

For Existing certificate mode, the installer auto-scans common paths and shows valid choices by domain: /etc/letsencrypt/live/*, /root/.acme.sh/*, /root/cert/*, common web server SSL folders, and /etc/ssl/{certs,private}.

Credits

This installer is built for TrustTunnel - a secure VPN solution that provides encrypted tunneling for your network traffic.

About

πŸ” One-click TrustTunnel VPN installer & manager for Linux. Auto-setup with Let's Encrypt, self-signed, or custom certificates. Multi-user support with easy management menu.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

103 stars

Watchers

2 watching

Forks

15 forks
Report repository

Releases 2

V2.1 - removed tunnel func / code cleanup Latest
Feb 22, 2026
+ 1 release

Packages

 
 
 

Contributors

Languages