A production-ready toolkit for provisioning and operating secure network tunnels on Linux hosts.
- 🎯 Unified Control Panel - Install, inspect, and remove tunnelling services
- 💻 CLI Interface - Colorful status output and command groups per service
- 🌐 Web Dashboard - AIOHTTP + Jinja2 powered dashboard with login
- 🔒 HTTPS Ready - Optional Let's Encrypt provisioning during install
- 📦 Packaged Templates - Reproducible deployments without network fetches
- 📚 PyPI Ready - Complete packaging with entry points and documentation
- 🐧 Linux host with
systemdandiptables - 🐍 Python 3.9+ (CPython recommended)
- 🔐 Root/sudo privileges for system services and firewall rules
curl -fsSL https://raw.githubusercontent.com/zZedix/Shifter/main/scripts/install.sh -o install.sh
chmod +x install.sh
sudo ./install.sh# First-time credentials (run after installer finishes)
sudo SHIFTER_AUTH_FILE='/root/Shifter/config/auth.json' shifter-toolkit reset-credentials --generategit clone https://github.com/zZedix/Shifter.git
cd Shifter
pip install -e .# 📋 Review available commands
sudo shifter-toolkit --help
# 🔐 Create or update WebUI credentials
sudo SHIFTER_AUTH_FILE='/root/Shifter/config/auth.json' shifter-toolkit reset-credentials --generate
# 📄 Inspect the stored credential hash (optional)
sudo cat /root/Shifter/config/auth.json
# 🔍 Inspect the health of all managed services
sudo shifter-toolkit status
⚠️ Note: Each sub-command validates that it is executed with root privileges before touching the system. 💡 Installer tip: The installer writes a unique path slug to~/Shifter/shifter-webui.basepath. After the install, runsudo SHIFTER_AUTH_FILE='/root/Shifter/config/auth.json' shifter-toolkit reset-credentials --generateto create your login and store the hash in~/Shifter/config/auth.json. Combine the base path with your host/port (e.g.,https://server:2063$(cat ~/Shifter/shifter-webui.basepath)) to reach the dashboard.
| 🎯 Group | 💻 Example | 📝 Description |
|---|---|---|
serve |
sudo shifter-toolkit serve --host 0.0.0.0 --port 2063 --base-path /admin-panel |
Launch the AIOHTTP dashboard |
status |
sudo shifter-toolkit status haproxy |
Show active/enabled state plus parsed configuration details |
gost |
sudo shifter-toolkit gost install --domain example.com --port 8080 |
Manage GOST tunnel deployment and forwarding rules |
haproxy |
sudo shifter-toolkit haproxy add --relay-port 8081 --main-server-ip 1.2.3.4 --main-server-port 443 |
Configure HAProxy frontends/backends |
xray |
sudo shifter-toolkit xray add --address example.com --port 8443 |
Maintain Xray Dokodemo-door inbounds |
iptables |
sudo shifter-toolkit iptables install --main-server-ip 203.0.113.10 --ports 80,443 |
Persist and inspect port-forwarding firewall rules |
Run sudo shifter-toolkit <group> --help for all arguments on a specific command family.
Shifter ships with a lightweight dashboard that mirrors the CLI capabilities.
- 📁 Templates live inside the package (
shifter/web/templates) so deployments don't rely on external assets - 🔐 Generate credentials with
sudo SHIFTER_AUTH_FILE='/root/Shifter/config/auth.json' shifter-toolkit reset-credentials --generateafter installing (hash stored securely in~/Shifter/config/auth.json) - 🔑 Reset credentials any time with
sudo SHIFTER_AUTH_FILE='/root/Shifter/config/auth.json' shifter-toolkit reset-credentials(supports prompts or random generation) - 🧁 Sessions are backed by encrypted cookies—set
AIOHTTP_SECRET_KEYto persist the cookie key across restarts - 🔒 Optional HTTPS provisioning via Let's Encrypt when the installer runs (interactive prompt or
SHIFTER_ENABLE_HTTPS,SHIFTER_DOMAIN,SHIFTER_CONTACT_EMAIL)
Installer commands render configuration templates that are bundled with the package:
- 🔧
gost.servicefor systemd - ⚙️
haproxy.cfgwith placeholder tokens - 📄
config.jsonbase configuration for Xray
Use importlib.resources helpers in shifter.services.config if you need custom automation that reuses these bundled files.
# 📦 Install runtime dependencies
python -m pip install --upgrade pip setuptools wheel
python -m pip install -r requirements.txt
# 🔧 Install the project in editable mode
python -m pip install -e .
# 🚀 Optional: run the CLI locally
sudo python -m shifter statusWe recommend developing inside a virtual environment to isolate dependencies.
Extended guides are available under docs/, covering deployment patterns, CLI details, and release workflows.
Shifter Toolkit is released under the MIT License.
If you find Shifter Toolkit useful and want to support its development, consider making a donation:
- Bitcoin (BTC):
bc1q637gahjssmv9g3903j88tn6uyy0w2pwuvsp5k0 - Ethereum (ETH):
0x5B2eE8970E3B233F79D8c765E75f0705278098a0 - Tron (TRX):
TSAsosG9oHMAjAr3JxPQStj32uAgAUmMp3 - USDT (BEP20):
0x5B2eE8970E3B233F79D8c765E75f0705278098a0 - TON:
UQA-95WAUn_8pig7rsA9mqnuM5juEswKONSlu-jkbUBUhku6
- ⭐ Star the repository if you find it useful
- 🐛 Report bugs and suggest improvements
- 📖 Improve documentation and translations
- 🔗 Share with others who might benefit