分享
自已动手搭建ngrok内网穿透环境
风雨无阻 · · 1851 次点击 · · 开始浏览这是一个创建于 的文章,其中的信息可能已经有所发展或是发生改变。
配置golang环境
下载ngrok源码
git clone https://github.com/inconshreveable/ngrok.git
编译安装
- 生成自签名证书
cd ngrok
NGROK_DOMAIN="tunnel.dw.io"
openssl genrsa -out base.key 2048
openssl req -new -x509 -nodes -key base.key -days 10000 -subj "/CN=$NGROK_DOMAIN" -out base.pem
openssl genrsa -out server.key 2048
openssl req -new -key server.key -subj "/CN=$NGROK_DOMAIN" -out server.csr
openssl x509 -req -in server.csr -CA base.pem -CAkey base.key -CAcreateserial -days 10000 -out server.crt
- 替换assets目录下的默认证书
cp base.pem assets/client/tls/ngrokroot.crt
cp server.crt assets/server/tls/snakeoil.crt
cp server.key assets/server/tls/snakeoil.key
- 编译服务端(centos环境)
make release-server
- 编译客户端(mac环境)
GOOS=darwin GOARCH=amd64 make release-client
并把./bin/darwin_amd64/ngrok生成的客户端拷贝到本地
配置&运行
- 设置开机自启动ngrokd服务
创建/etc/init.d/ngrok_start
#!/bin/bash
cd /home/dw/go/src/github.com/inconshreveable/ngrok
./bin/ngrokd -tlsKey=server.key -tlsCrt=server.crt -domain="tunnel.xiangqingou.cn" -httpAddr=":8091" -httpsAddr=":8092" > /dev/null 2>&1 &
- 修改防火墙加入8091和8092端口的tcp放行,并reload使其生效
- 修改nginx,使用客户端可以通过域名直接访问,不用在域名后再加:8091
upstream ngrok_pg {
server 127.0.0.1:8091;
keepalive 64;
}
server {
listen 80;
server_name *.tunnel.dw.io;
access_log /var/log/nginx/ngrok_access.log;
error_log /var/log/nginx/ngrok_error.log;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host:8091;
proxy_set_header X-Nginx-Proxy true;
proxy_set_header Connection "";
proxy_pass http://ngrok_pg;
}
}
- 客户端配置
- 在ngrok同目录下创建ngrok.cfg文件
server_addr: "tunnel.dw.io:4443"
trust_host_root_certs: false
- 启动
./ngrok -subdomain pg -config=./ngrok.cfg 8090
此时就可以看到
ngrok (Ctrl+C to quit)
Tunnel Status online
Version 1.7/1.7
Forwarding http://pg.tunnel.dw.io:8091 -> 127.0.0.1:8090
Forwarding https://pg.tunnel.dw.io:8091 -> 127.0.0.1:8090
Web Interface 127.0.0.1:4040
# Conn 0
Avg Conn Time 0.00ms
有疑问加站长微信联系(非本文作者)
入群交流(和以上内容无关):加入Go大咖交流群,或添加微信:liuxiaoyan-s 备注:入群;或加QQ群:692541889
关注微信1851 次点击
添加一条新回复
(您需要 后才能回复 没有账号 ?)
- 请尽量让自己的回复能够对别人有帮助
- 支持 Markdown 格式, **粗体**、~~删除线~~、
`单行代码` - 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
- 图片支持拖拽、截图粘贴等方式上传
收入到我管理的专栏 新建专栏
配置golang环境
下载ngrok源码
git clone https://github.com/inconshreveable/ngrok.git
编译安装
- 生成自签名证书
cd ngrok
NGROK_DOMAIN="tunnel.dw.io"
openssl genrsa -out base.key 2048
openssl req -new -x509 -nodes -key base.key -days 10000 -subj "/CN=$NGROK_DOMAIN" -out base.pem
openssl genrsa -out server.key 2048
openssl req -new -key server.key -subj "/CN=$NGROK_DOMAIN" -out server.csr
openssl x509 -req -in server.csr -CA base.pem -CAkey base.key -CAcreateserial -days 10000 -out server.crt
- 替换assets目录下的默认证书
cp base.pem assets/client/tls/ngrokroot.crt
cp server.crt assets/server/tls/snakeoil.crt
cp server.key assets/server/tls/snakeoil.key
- 编译服务端(centos环境)
make release-server
- 编译客户端(mac环境)
GOOS=darwin GOARCH=amd64 make release-client
并把./bin/darwin_amd64/ngrok生成的客户端拷贝到本地
配置&运行
- 设置开机自启动ngrokd服务
创建/etc/init.d/ngrok_start
#!/bin/bash
cd /home/dw/go/src/github.com/inconshreveable/ngrok
./bin/ngrokd -tlsKey=server.key -tlsCrt=server.crt -domain="tunnel.xiangqingou.cn" -httpAddr=":8091" -httpsAddr=":8092" > /dev/null 2>&1 &
- 修改防火墙加入8091和8092端口的tcp放行,并reload使其生效
- 修改nginx,使用客户端可以通过域名直接访问,不用在域名后再加:8091
upstream ngrok_pg {
server 127.0.0.1:8091;
keepalive 64;
}
server {
listen 80;
server_name *.tunnel.dw.io;
access_log /var/log/nginx/ngrok_access.log;
error_log /var/log/nginx/ngrok_error.log;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host:8091;
proxy_set_header X-Nginx-Proxy true;
proxy_set_header Connection "";
proxy_pass http://ngrok_pg;
}
}
- 客户端配置
- 在ngrok同目录下创建ngrok.cfg文件
server_addr: "tunnel.dw.io:4443"
trust_host_root_certs: false
- 启动
./ngrok -subdomain pg -config=./ngrok.cfg 8090
此时就可以看到
ngrok (Ctrl+C to quit)
Tunnel Status online
Version 1.7/1.7
Forwarding http://pg.tunnel.dw.io:8091 -> 127.0.0.1:8090
Forwarding https://pg.tunnel.dw.io:8091 -> 127.0.0.1:8090
Web Interface 127.0.0.1:4040
# Conn 0
Avg Conn Time 0.00ms