如何自托管NGROK? [英] How to self host NGROK?
问题描述
将本地服务器公开到Internet非常繁琐.从静态IP到防火墙问题,都需要解决许多问题.
由于您是开发人员,因此很有可能在公共云中运行某种服务器.如果没有,您可以在数字海洋或vultr上租用一个这样的Linux实例.
我通过
-
使用openssl生成密钥和证书
cd ngrok
NGROK_DOMAIN =" tunnel.mydomain.com"
openssl genrsa -out rootCA.key 2048
openssl req -x509 -new -nodes -key rootCA.key -subj"/CN = $ NGROK_DOMAIN";天5000次rootCA.pem
openssl genrsa -out device.key 2048
openssl req-新-key设备.key -subj"/CN = $ NGROK_DOMAIN"输出device.csr
openssl x509 -req -in device.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out device.crt -days 5000
cp rootCA.pem资产/客户端/tls/ngrokroot.crt
-
构建服务器实例( ngrokd )
注意:ngrokd是服务器守护程序,而ngrok(即将出现)是客户端.
make发布服务器
-
运行服务器实例
bin/ngrokd -tlsKey = device.key -tlsCrt = device.crt -domain ="$ NGROK_DOMAIN";-httpAddr =:8000";-httpsAddr =":8001"
- 创建一个在服务器重启或该服务以任何其他方式中断时运行此服务的服务.
您需要允许端口8000 8001和4443通过防火墙.
客户
- 生成客户端二进制文件.在ngrok文件夹中运行
Linux
make release-client
在ngrok的bin目录中创建客户端
MacOS
make release-client GOOS ="darwin";GOARCH ="amd64"
客户端在bin/darwin_amd64下创建
-
将此ngrok客户端下载到您的主机(要向Internet公开的计算机)
-
在与ngrok客户端相同的文件夹中创建ngrok-config文件.
server_addr:tunnel.mydomain:4443
trust_host_root_certs:错误
-
使用随机子域启动隧道
./ngrok -config = ngrok-config 80
./ngrok -config = ngrok-config --proto = tcp 22
-
用于具有自定义子域的隧道
./ngrok -config = ngrok-config -subdomain = example --proto = tcp 22
It is very tedious to expose a local server to the Internet. From Static IP to firewall issues there are numerous problems one needs to handle.
Ngrok is a great service to help you expose your localhost to the outside world. But the service is paid if you need to do something serious with it. It can cost $15/month/user for its business plan.
How can one self-host such a service for free or a very minimal cost?
It is possible to self-host an instance of ngrok on your own server. Ngrok is a reverse proxy that creates a secure tunnel from a public endpoint to a locally running web service. Ngrok captures and analyzes all traffic over the tunnel for later inspection and replay.
Since you are a developer it is highly likely that you have some sort of server running in the public cloud. If not you may rent one such Linux instance on digital ocean or vultr.
I have used an instance of Centos 7 via vultr. The instance cost as low as $5 a month, which could be used to tunnel to multiple local hosts. I have tested on upto 10 hosts on a $5 centos instance.
The process is divided in two main steps - Server & Client
Publically Accessible Server
Spin up a linux server instance using your preferred cloud. I am using vultr, but a virtual machine on AWS, Azure, or GCP will work just as well.
Install necessary tools
yum install git make automake autoconf gcc wget -y
note: use apt-get or apt or aptitude if you are on a debian release (ubuntu)
Install Go
wget https://dl.google.com/go/go1.13.8.linux-amd64.tar.gz tar -C /usr/local -xzf go1.13.8.linux-amd64.tar.gz
Add Go to path
export PATH=/usr/local/go/bin:$PATH
To be able to use this path in every session and terminal, open ~/.bashrc and append this path "export PATH=/usr/local/go/bin:$PATH" there
Clone ngrok repo to your home or a directory of your choice.
Add DNS records to your domain. You need to create 2 A records that point to the IP address of your cloud instance. Example: Point tunnel.mydomain.com & *.tunnel.mydomain.com to your IP.
Generate Keys and Certificates using openssl
cd ngrok
NGROK_DOMAIN="tunnel.mydomain.com"
openssl genrsa -out rootCA.key 2048
openssl req -x509 -new -nodes -key rootCA.key -subj "/CN=$NGROK_DOMAIN" -days 5000 -out rootCA.pem
openssl genrsa -out device.key 2048
openssl req -new -key device.key -subj "/CN=$NGROK_DOMAIN" -out device.csr
openssl x509 -req -in device.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out device.crt -days 5000
cp rootCA.pem assets/client/tls/ngrokroot.crt
Build the server instance (ngrokd)
note: ngrokd is the server daemon while ngrok (coming-up) is the client.
make release-server
Run the server instance
bin/ngrokd -tlsKey=device.key -tlsCrt=device.crt -domain="$NGROK_DOMAIN" -httpAddr=":8000" -httpsAddr=":8001"
- Create a service that runs this whenever the server is restarted or if the service is interrupted in any other way.
You will need to allow port 8000 8001 and 4443 through your firewall.
Client
- Generate client binary. From the ngrok folder run
Linux
make release-client
Client is created in bin directory of ngrok
MacOS
make release-client GOOS="darwin" GOARCH="amd64"
Client is created under bin/darwin_amd64
Download this ngrok client to your host (the machine you want to expose to the Internet)
Create ngrok-config file in the same folder as the ngrok client.
server_addr: tunnel.mydomain:4443
trust_host_root_certs: false
Start a tunnel with a random subdomain
./ngrok -config=ngrok-config 80
./ngrok -config=ngrok-config --proto=tcp 22
For a tunnel with custom subdomain
./ngrok -config=ngrok-config -subdomain=example --proto=tcp 22
这篇关于如何自托管NGROK?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!