搭建ngrok服务器
apt-get install build-essential golang mercurial git 安装git 和Golang
git clone https://github.com/tutumcloud/ngrok.git ngrok
生成签名或申请SSL证书
cd ngrok
NGROK_DOMAIN=”ngrok.xxx.com”
openssl genrsa -out base.key 2048
openssl req -new -x509 -nodes -key base.key -days 10000 -subj “/CN=$NGROK_DOMAIN” -out base.pem
openssl genrsa -out server.key 2048
openssl req -new -key server.key -subj “/CN=$NGROK_DOMAIN” -out server.csr
openssl x509 -req -in server.csr -CA base.pem -CAkey base.key -CAcreateserial -days 10000 -out server.crt
替换证书
cp base.pem assets/client/tls/ngrokroot.crt
cp server.crt assets/server/tls/snakeoil.crt
cp server.key assets/server/tls/snakeoil.key
编译
make release-server release-client
编译成功后会在bin目录下找到ngrokd和ngrok这两个文件。其中ngrokd 就是服务端程序。
启动服务端
./bin/ngrokd -tlsKey=server.key -tlsCrt=server.crt -domain=“ngrok.xxx.com” -httpAddr=“:880” -httpsAddr=“:8443”
httpAddr、httpsAddr 分别是 ngrok 用来转发 http、https 服务的端口,可以随意指定。ngrokd 还会开一个 4443 端口用来跟客户端通讯(可通过 -tunnelAddr=”:xxx” 指定)。
服务端配置
设置为系统程序,并后台运行,在/etc/systemd/system/目录下创建服务ngrok.service,内容为
[Unit]
Description=ngrok server
After=network.target
[Service]
Type=simple
ExecStart=/opt/ngrok/ngrok/bin/ngrokd -tlsKey=/myweb/ngrok/server.key -tlsCrt=/myweb/ngrok/server.crt -domain=”ngrok.xxx.com” -httpAddr=”:80″ -httpsAddr=”:443″ -log "/var/log/ngrokd.log"
Restart=on-failure
[Install]
WantedBy=multi-user.target
systemctl start ngrok.service启动服务
使用服务
sudo systemctl enable ngrokd
sudo systemctl start ngrokd
sudo systemctl status ngrokd
编译客户端
(1)windows
GOOS=windows GOARCH=amd64 make release-client
(2)mac
GOOS=darwin GOARCH=amd64 make release-client
#linux客户端
GOOS=linux GOARCH=amd64(386) make release-client
#linux服务端 GOOS=linux GOARCH=386 make release-server
客户端配置
执行对应的命令会在bin目录下生成相对应的windows、mac目录,ngrok.exe就存放在对应目录下。将对应的ngrok.exe下载到本地。
在同级目录下新建一个配置文件ngrok.cfg
server_addr: “ngrok.xxx.com:4443”
trust_host_root_certs: false
同级目录下新建一个启动脚本startup.bat
@echo on
cd %cd%
#ngrok -proto=tcp 22
#ngrok start web
ngrok -config=ngrok.cfg -log=ngrok.log -subdomain=yjc 8080
客户端服务添加到 systemd 自启动服务中,保存下面内容到文件 /lib/systemd/system/ngrok.service
[Unit]
Description=ngrok client
After=network.target
[Service]
Type=simple
ExecStart=/opt/ngrok/ngrok -config "/opt/ngrok/ngrok.yml" -log "/var/log/ngrok.log" start transmission ssh
Restart=on-failure
[Install]
WantedBy=multi-user.target
ExecStart 加载了配置文件 /opt/ngrok/ngrok.ymserver_addr: ngrok.xxx.com:4443
trust_host_root_certs: false
tunnels:
transmission:
remote_port: 9091
proto:
tcp: 9091
ssh:
remote_port: 23333
proto:
tcp: 22FYI:
Can’t load /root/.rnd into RNG
cd /root
openssl rand -writerand .rnd
ping ngrok.xxx.com 提示找不到 host, 直接把域名和 IP 写到内服务器的 /etc/hosts 文件上