如何自托管NGROK? [英] How to self host NGROK?

问题描述

将本地服务器公开到Internet非常繁琐.从静态IP到防火墙问题，都需要解决许多问题.

由于您是开发人员，因此很有可能在公共云中运行某种服务器.如果没有，您可以在数字海洋或vultr上租用一个这样的Linux实例.

我通过

7. 使用openssl生成密钥和证书

   cd ngrok

   NGROK_DOMAIN =" tunnel.mydomain.com"

   openssl genrsa -out rootCA.key 2048

   openssl req -x509 -new -nodes -key rootCA.key -subj"/CN = $ NGROK_DOMAIN";天5000次rootCA.pem

   openssl genrsa -out device.key 2048

   openssl req-新-key设备.key -subj"/CN = $ NGROK_DOMAIN"输出device.csr

   openssl x509 -req -in device.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out device.crt -days 5000

   cp rootCA.pem资产/客户端/tls/ngrokroot.crt

8. 构建服务器实例( ngrokd )

注意:ngrokd是服务器守护程序，而ngrok(即将出现)是客户端.

  make发布服务器 

9. 运行服务器实例

   bin/ngrokd -tlsKey = device.key -tlsCrt = device.crt -domain ="$ NGROK_DOMAIN";-httpAddr =:8000"；-httpsAddr =":8001"

10. 创建一个在服务器重启或该服务以任何其他方式中断时运行此服务的服务.

您需要允许端口8000 8001和4443通过防火墙.

---

客户

1. 生成客户端二进制文件.在ngrok文件夹中运行

Linux

  make release-client 

在ngrok的bin目录中创建客户端

MacOS

  make release-client GOOS ="darwin"；GOARCH ="amd64" 

客户端在bin/darwin_amd64下创建

2. 将此ngrok客户端下载到您的主机(要向Internet公开的计算机)

3. 在与ngrok客户端相同的文件夹中创建ngrok-config文件.

   server_addr:tunnel.mydomain:4443

   trust_host_root_certs:错误

4. 使用随机子域启动隧道

   ./ngrok -config = ngrok-config 80

   ./ngrok -config = ngrok-config --proto = tcp 22

5. 用于具有自定义子域的隧道

     ./ngrok -config = ngrok-config -subdomain = example --proto = tcp 22 

It is very tedious to expose a local server to the Internet. From Static IP to firewall issues there are numerous problems one needs to handle.

Ngrok is a great service to help you expose your localhost to the outside world. But the service is paid if you need to do something serious with it. It can cost $15/month/user for its business plan.

How can one self-host such a service for free or a very minimal cost?

解决方案

It is possible to self-host an instance of ngrok on your own server. Ngrok is a reverse proxy that creates a secure tunnel from a public endpoint to a locally running web service. Ngrok captures and analyzes all traffic over the tunnel for later inspection and replay.

Since you are a developer it is highly likely that you have some sort of server running in the public cloud. If not you may rent one such Linux instance on digital ocean or vultr.

I have used an instance of Centos 7 via vultr. The instance cost as low as $5 a month, which could be used to tunnel to multiple local hosts. I have tested on upto 10 hosts on a $5 centos instance.

The process is divided in two main steps - Server & Client

---

Publically Accessible Server

1. Spin up a linux server instance using your preferred cloud. I am using vultr, but a virtual machine on AWS, Azure, or GCP will work just as well.

2. Install necessary tools

   yum install git make automake autoconf gcc wget -y

note: use apt-get or apt or aptitude if you are on a debian release (ubuntu)

3. Install Go

   wget https://dl.google.com/go/go1.13.8.linux-amd64.tar.gz tar -C /usr/local -xzf go1.13.8.linux-amd64.tar.gz

4. Add Go to path

   export PATH=/usr/local/go/bin:$PATH

To be able to use this path in every session and terminal, open ~/.bashrc and append this path "export PATH=/usr/local/go/bin:$PATH" there

5. Clone ngrok repo to your home or a directory of your choice.

   git clone https://github.com/inconshreveable/ngrok.git

6. Add DNS records to your domain. You need to create 2 A records that point to the IP address of your cloud instance. Example: Point tunnel.mydomain.com & *.tunnel.mydomain.com to your IP.

7. Generate Keys and Certificates using openssl

   cd ngrok

   NGROK_DOMAIN="tunnel.mydomain.com"

   openssl genrsa -out rootCA.key 2048

   openssl req -x509 -new -nodes -key rootCA.key -subj "/CN=$NGROK_DOMAIN" -days 5000 -out rootCA.pem

   openssl genrsa -out device.key 2048

   openssl req -new -key device.key -subj "/CN=$NGROK_DOMAIN" -out device.csr

   openssl x509 -req -in device.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out device.crt -days 5000

   cp rootCA.pem assets/client/tls/ngrokroot.crt

8. Build the server instance (ngrokd)

note: ngrokd is the server daemon while ngrok (coming-up) is the client.

make release-server

9. Run the server instance

   bin/ngrokd -tlsKey=device.key -tlsCrt=device.crt -domain="$NGROK_DOMAIN" -httpAddr=":8000" -httpsAddr=":8001"

10. Create a service that runs this whenever the server is restarted or if the service is interrupted in any other way.

You will need to allow port 8000 8001 and 4443 through your firewall.

---

Client

1. Generate client binary. From the ngrok folder run

Linux

make release-client

Client is created in bin directory of ngrok

MacOS

make release-client GOOS="darwin" GOARCH="amd64"

Client is created under bin/darwin_amd64

2. Download this ngrok client to your host (the machine you want to expose to the Internet)

3. Create ngrok-config file in the same folder as the ngrok client.

   server_addr: tunnel.mydomain:4443

   trust_host_root_certs: false

4. Start a tunnel with a random subdomain

   ./ngrok -config=ngrok-config 80

   ./ngrok -config=ngrok-config --proto=tcp 22

5. For a tunnel with custom subdomain

    ./ngrok -config=ngrok-config  -subdomain=example --proto=tcp 22
   

这篇关于如何自托管NGROK?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！