前面也写了一篇关于 Ngrok 搭建的文章:《树莓派上 Ngrok 的编译与使用》,但是看到《搭建 ngrok 服务实现外网访问局域网内的网站》这篇文章使用纯手工编译的步骤很详细,尤其是 go 语言的配置那部分内容,所以将文中的主要内容复制下来,以备不时之需。
事先的准备工作:添加 ngrok 服务域名的 DNS 解析。
选择支持泛解析的 DNS 服务商,如 Cloudns、DNSpod 国际版、zoneedit 等,分别添加 A 记录:
ngrok.chun.pro 记录值 1.2.3.4 *.ngrok.chun.pro 记录值 1.2.3.4
1.安装必要的工具和语言环境
sudo apt-get install build-essential golang mercurial git
2.升级 go 语言环境
# 看看是不是小于等于 1.2.1 go version # 卸载 sudo apt-get purge golang* #下载最新版并解压 https://golang.org/dl/ wget https://storage.googleapis.com/golang/go1.7.3.linux-386.tar.gz tar -C /usr/local -xzf go1.7.3.linux-386.tar.gz #创建目录 mkdir ~/.go # 设置环境变量 vi ~/.profile export GOROOT=/usr/local/go export GOPATH=~/.go export PATH=$PATH:$GOROOT/bin:$GOPATH/bin source .profile # 升级 sudo update-alternatives --install "/usr/bin/go" "go" "/usr/local/go/bin/go" 0 sudo update-alternatives --set go /usr/local/go/bin/go go version
3.下载 ngrok 源码并编译服务端
git clone https://github.com/tutumcloud/ngrok.git ngrok cd ngrok #生成并替换源码里默认的证书,注意域名要修改为你自己的,这里是一个虚拟的测试域名 NGROK_DOMAIN="ngrok.chun.pro" openssl genrsa -out base.key 2048 openssl req -new -x509 -nodes -key base.key -days 10000 -subj "/CN=$NGROK_DOMAIN" -out base.pem openssl genrsa -out server.key 2048 openssl req -new -key server.key -subj "/CN=$NGROK_DOMAIN" -out server.csr openssl x509 -req -in server.csr -CA base.pem -CAkey base.key -CAcreateserial -days 10000 -out server.crt cp base.pem assets/client/tls/ngrokroot.crt cp server.crt assets/server/tls/snakeoil.crt cp server.key assets/server/tls/snakeoil.key #开始编译,服务端客户端会基于证书来加密通讯,保证了安全性 GOOS=linux GOARCH=amd64 make release-server release-client GOOS=linux GOARCH=386 make release-server release-client GOOS=linux GOARCH=arm make release-server release-client GOOS=linux GOARCH=arm64 make release-server release-client GOOS=linux GOARCH=ppc64 make release-server release-client GOOS=linux GOARCH=ppc64le make release-server release-client GOOS=linux GOARCH=mips64 make release-server release-client GOOS=linux GOARCH=mips64le make release-server release-client GOOS=windows GOARCH=amd64 make release-server release-client GOOS=windows GOARCH=386 make release-server release-client GOOS=darwin GOARCH=amd64 make release-server release-client GOOS=darwin GOARCH=386 make release-server release-client GOOS=darwin GOARCH=arm make release-server release-client GOOS=darwin GOARCH=arm64 make release-server release-client GOOS=android GOARCH=arm make release-server release-client GOOS=dragonfly GOARCH=amd64 make release-server release-client GOOS=freebsd GOARCH=amd64 make release-server release-client GOOS=freebsd GOARCH=386 make release-server release-client GOOS=freebsd GOARCH=arm make release-server release-client GOOS=netbsd GOARCH=amd64 make release-server release-client GOOS=netbsd GOARCH=386 make release-server release-client GOOS=netbsd GOARCH=arm make release-server release-client GOOS=openbsd GOARCH=amd64 make release-server release-client GOOS=openbsd GOARCH=386 make release-server release-client GOOS=openbsd GOARCH=arm make release-server release-client GOOS=plan9 GOARCH=amd64 make release-server release-client GOOS=plan9 GOARCH=386 make release-server release-client GOOS=solaris GOARCH=amd64 make release-server release-client
4.启动服务端
在服务器上运行下面的命令启动ngrok服务端
./bin/ngrokd -domain="ngrok.chun.pro" -httpAddr=":8081" -httpsAddr=":8082"
注意,这里 httpAddr 和 httpsAddr 是 ngrok 服务转发 http 和 https 请求的端口,为了避免和 Nginx/Apache 等的 80 端口冲突,使用了 8081 和 8082。
默认还会启动一个 4443 端口,用于跟活动的客户端进行通讯,如果需要更换端口,使用 -tunnelAddr=”:xxx”参数
现在你可以在浏览器里访问 http://ngrok.chun.pro:8081了,如果有一行提示,表示 ngrok 的服务端已经运行起来了
Tunnel ngrok.yourdomain.com:8081 not found
然后再访问 http://pi.ngrok.chun.pro:8081,如果有下面的提示,表示 A 记录也已经生效了。
Tunnel pi.ngrok.chun.pro:8081 not found
5.配置客户端参数
vi ngrok.cfg # 填写如下信息,server_addr 指定了服务端的域名和与客户端通信的端口 server_addr: ngrok.chun.pro:4443 trust_host_root_certs: false
6.启动客户端
./ngrok -config=./ngrok.cfg -subdomain pi 127.0.0.1:80
如果连接正常,会有提示:
ngrok (Ctrl+C to quit) Tunnel Status online Version 1.7/1.7 Forwarding http://pi.ngrok.chun.pro:8081 -> 127.0.0.1:80 Web Interface 127.0.0.1:4040 # Conn 5 Avg Conn Time 192.70ms
7.nginx 反向代理 8081 端口
server { listen 80; server_name ngrok.chun.pro; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host:8081; proxy_set_header X-Nginx-Proxy true; proxy_set_header Connection ""; proxy_pass http://127.0.0.1:8081; } }
现在可以直接在浏览器访问 pi.ngrok.chun.pro,而不需要加 :8081 端口号。
另外,使用 Docker 搭建 Ngrok 服务器可以参考这篇文章:https://hteen.cn/docker/docker-ngrok.html。
Recent Comments