Install Realm (Binary)

1. Install Basic Tools

apt update
apt install -y curl jq tar

2. Determine System Architecture & Match Official Binary Package Name

ARCH_DEB="$(dpkg --print-architecture)"
case "$ARCH_DEB" in
  amd64)  PKGARCH="x86_64-unknown-linux-gnu" ;;
  arm64)  PKGARCH="aarch64-unknown-linux-gnu" ;;
  *)
    echo "Unsupported CPU architecture: $ARCH_DEB (You can browse the releases to find a suitable package)"
    exit 1
  ;;
esac

Alternatively, you can visit the GitHub releases page to select the appropriate package file for your Linux system: https://github.com/zhboner/realm/releases

3. Get the Latest Tag and Download URL (from Official Releases)

TAG=$(curl -s https://api.github.com/repos/zhboner/realm/releases/latest | jq -r .tag_name)
URL=$(curl -s https://api.github.com/repos/zhboner/realm/releases/latest \
  | jq -r --arg A "$PKGARCH" '.assets[] | select(.name|test($A) and test("gnu\\.tar\\.gz$")) | .browser_download_url' | head -n1)

4. Download and Install to /usr/local/bin

mkdir -p /usr/local/src/realm && cd /usr/local/src/realm
curl -L "$URL" -o realm.tgz
tar -xzf realm.tgz
install -m 0755 realm /usr/local/bin/realm

5. Check Version and Help (to Confirm Successful Installation)

realm -v
realm -h | sed -n '1,20p'

Create a TOML Configuration File (/etc/realm/config.toml)

First, create the directory and the file:

mkdir -p /etc/realm
nano /etc/realm/config.toml

Here is a minimal, usable example with two forwarding rules (works for both TCP and UDP):

[log]
level  = "info"          
output = "stdout"        

[network]
no_tcp   = false         # Allow TCP
use_udp  = true          # Allow UDP

# Example 1: Forward local port 0.0.0.0:5000 to 1.1.1.1:443
[[endpoints]]
listen = "0.0.0.0:5000"
remote = "1.1.1.1:443"

# Example 2: Forward local port 0.0.0.0:10000 to the domain www.google.com:443
[[endpoints]]
listen = "0.0.0.0:10000"
remote = "www.google.com:443"

Of course, you can also enable some advanced options:

1) Load Balancing with Multiple Backends:

# Forward a single listening port to multiple backends in a round-robin fashion
[[endpoints]]
listen        = "0.0.0.0:443"
remote        = "a.example.com:443"
extra_remotes = ["b.example.com:443", "c.example.com:443"]
balance       = "roundrobin: 4, 2, 1"   # The weights for a, b, and c are 4, 2, and 1, respectively

2) Transport Layer (WebSocket/TLS/WSS)

The released binary includes the transport feature by default. You can configure it directly using string options for listen_transport / remote_transport, for example:

# Use WebSocket on the listening end and TLS on the remote end (example)
[[endpoints]]
listen            = "0.0.0.0:18080"
remote            = "upstream.example.com:443"
listen_transport  = "ws;path=/ws;host=cdn.example.com"
remote_transport  = "tls;sni=upstream.example.com"

3) MPTCP (Multipath TCP)

[network]
send_mptcp   = true      # Use MPTCP for outbound connections
accept_mptcp = false     # Whether to accept inbound MPTCP connections

MPTCP requires a kernel version > 5.6 and net.mptcp.enabled=1. Use the send_mptcp and accept_mptcp fields to configure it.

Create a systemd Unit File (/etc/systemd/system/realm.service)

[Unit]
Description=Realm high-performance relay
Documentation=https://github.com/zhboner/realm
After=network-online.target
Wants=network-online.target

[Service]
Type=simple
# If you have multiple config files, you can specify a directory: ExecStart=/usr/local/bin/realm -c /etc/realm/
ExecStart=/usr/local/bin/realm -c /etc/realm/config.toml
WorkingDirectory=/etc/realm
Restart=on-failure
RestartSec=2s
LimitNOFILE=1048576
NoNewPrivileges=true
[Install]
WantedBy=multi-user.target

Enable the service and view logs:

systemctl daemon-reload
systemctl enable --now realm
systemctl status realm
journalctl -u realm -e

References

https://github.com/zhboner/realm

https://github.com/zhboner/realm/releases

If you run into any issues, it’s recommended to first search on Google and consult the official README.