Skip to content

The Hoody Tunnel kit exposes a multiplexed WebSocket control plane that brokers EXPOSE and PULL port bindings between local development processes and remote environments. These endpoints let you inspect active sessions, audit bindings, scrape Prometheus metrics, and administratively terminate sessions.

All endpoints are unauthenticated and intended for local kit control. Use them for debugging, dashboards, and operator tooling.

Returns the kit’s runtime health snapshot. No authentication required.

Terminal window
curl http://localhost:8080/api/v1/tunnel/health

Returns Prometheus text-format metrics for the kit, including active sessions, active bindings, and FD permits.

Terminal window
curl http://localhost:8080/api/v1/tunnel/metrics

WebSocket upgrade endpoint for the multiplexed tunnel session. Clients MUST request subprotocol hoody-tunnel.v1 or hoody-tunnel.v2 and send a HELLO frame as the first binary message. See the kit README for the wire protocol.

This endpoint takes no parameters.

Terminal window
curl --include \
--no-buffer \
--header "Connection: Upgrade" \
--header "Upgrade: websocket" \
--header "Sec-WebSocket-Version: 13" \
--header "Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==" \
--header "Sec-WebSocket-Protocol: hoody-tunnel.v2" \
http://localhost:8080/api/v1/tunnel/connect

Returns all active tunnel sessions with their bindings, stream counts, and protocol version.

This endpoint takes no parameters.

Terminal window
curl http://localhost:8080/api/v1/tunnel/sessions

Returns all active EXPOSE and PULL bindings with their owning session, port, kind, mode, and bind ID.

This endpoint takes no parameters.

Terminal window
curl http://localhost:8080/api/v1/tunnel/bindings

Returns a unified view of all active tunnel sessions with their expose and pull bindings, stream counts, orphan count, and FD budget status.

This endpoint takes no parameters.

Terminal window
curl http://localhost:8080/api/v1/tunnel/tunnels

DELETE /api/v1/tunnel/sessions/{session_id}

Section titled “DELETE /api/v1/tunnel/sessions/{session_id}”

Signals the tunnel kit to close the named session. Live sessions receive a GOAWAY(0x0001, "closed by admin") sent directly on the WebSocket and are force-closed after grace_ms. Admin kills are non-resumable (orphan parking is skipped).

NameInTypeRequiredDescription
session_idpathstringYesSession ID as returned by GET /sessions
grace_msqueryintegerNoGOAWAY drain budget in ms (0–5000, default 50)
Terminal window
curl -X DELETE \
"http://localhost:8080/api/v1/tunnel/sessions/sess_01HMZ3R5K4QX8YJ0N7T2VABCD?grace_ms=250"