Architecture

Caution: This document contains wishful thinking. Not everything is true yet.

The Tere server is written in Rust. It does not run as root or need CAP_ADMIN.

It uses systemd socket activation (1, 2) to serve HTTPS[1]. TLS termination may be done by a proxy in front of the service, if wanted.
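The receiving side of socket activation, as an added example (not Tere's own code): systemd binds the listening socket and hands it over as file descriptor 3, so the server process never has to bind a privileged port itself. The function name `inherited_fd` and the restriction to exactly one socket are assumptions of this example.

```rust
use std::env;
use std::net::TcpListener;
use std::os::unix::io::{FromRawFd, RawFd};
use std::process;

/// First descriptor systemd passes (SD_LISTEN_FDS_START in sd_listen_fds(3)).
const LISTEN_FDS_START: RawFd = 3;

/// Validate the LISTEN_PID / LISTEN_FDS values and return the inherited fd.
/// Hypothetical helper; kept pure so the checks can be tested without systemd.
fn inherited_fd(pid: Option<&str>, fds: Option<&str>, my_pid: u32) -> Result<RawFd, String> {
    let pid = pid
        .ok_or("LISTEN_PID not set: not socket-activated")?
        .parse::<u32>()
        .map_err(|_| "LISTEN_PID is not a number".to_string())?;
    // The variables may be stale leftovers from a parent process; only trust
    // them when they are addressed to this exact process.
    if pid != my_pid {
        return Err(format!("LISTEN_PID {} is not our pid {}", pid, my_pid));
    }
    let count = fds
        .ok_or("LISTEN_FDS not set")?
        .parse::<u32>()
        .map_err(|_| "LISTEN_FDS is not a number".to_string())?;
    // Assumption of this example: the unit declares exactly one listening socket.
    if count != 1 {
        return Err(format!("expected 1 inherited socket, got {}", count));
    }
    Ok(LISTEN_FDS_START)
}

fn main() {
    let pid = env::var("LISTEN_PID").ok();
    let fds = env::var("LISTEN_FDS").ok();
    match inherited_fd(pid.as_deref(), fds.as_deref(), process::id()) {
        Ok(fd) => {
            // SAFETY: systemd passed this fd to us and nothing else in the process owns it.
            let listener = unsafe { TcpListener::from_raw_fd(fd) };
            println!("listening on {:?}", listener.local_addr());
        }
        Err(e) => {
            // Refuse to start rather than fall back to binding a port ourselves.
            eprintln!("socket activation failed: {}", e);
            process::exit(1);
        }
    }
}
```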

The browser client uses hterm, at least for now[2]. User sessions are transported over a WebSocket connection. Sessions survive TCP connection loss and IP address changes.

User authentication is done with WebAuthn. This means the user must have suitable hardware, for example a YubiKey.

Sessions are run via systemd, with the same mechanism as machinectl shell.

[1] For testing, localhost connections can use HTTP. WebAuthn prevents us from allowing plaintext in production, and this is a good thing.

[2] We might switch to WASM, one day.