配置golang环境
下载ngrok源码
git clone https://github.com/inconshreveable/ngrok.git
编译安装
- 生成自签名证书
cd ngrok
NGROK_DOMAIN="tunnel.dw.io"
openssl genrsa -out base.key 2048
openssl req -new -x509 -nodes -key base.key -days 10000 -subj "/CN=$NGROK_DOMAIN" -out base.pem
openssl genrsa -out server.key 2048
openssl req -new -key server.key -subj "/CN=$NGROK_DOMAIN" -out server.csr
openssl x509 -req -in server.csr -CA base.pem -CAkey base.key -CAcreateserial -days 10000 -out server.crt
- 替换assets目录下的默认证书
cp base.pem assets/client/tls/ngrokroot.crt
cp server.crt assets/server/tls/snakeoil.crt
cp server.key assets/server/tls/snakeoil.key
- 编译服务端(centos环境)
make release-server
- 编译客户端(mac环境)
GOOS=darwin GOARCH=amd64 make release-client
并把./bin/darwin_amd64/ngrok生成的客户端拷贝到本地
配置&运行
- 设置开机自启动ngrokd服务
创建/etc/init.d/ngrok_start
#!/bin/bash
cd /home/dw/go/src/github.com/inconshreveable/ngrok
./bin/ngrokd -tlsKey=server.key -tlsCrt=server.crt -domain="tunnel.xiangqingou.cn" -httpAddr=":8091" -httpsAddr=":8092" > /dev/null 2>&1 &
- 修改防火墙加入8091和8092端口的tcp放行,并reload使其生效
- 修改nginx,使用客户端可以通过域名直接访问,不用在域名后再加:8091
upstream ngrok_pg {
server 127.0.0.1:8091;
keepalive 64;
}
server {
listen 80;
server_name *.tunnel.dw.io;
access_log /var/log/nginx/ngrok_access.log;
error_log /var/log/nginx/ngrok_error.log;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host:8091;
proxy_set_header X-Nginx-Proxy true;
proxy_set_header Connection "";
proxy_pass http://ngrok_pg;
}
}
- 客户端配置
- 在ngrok同目录下创建ngrok.cfg文件
server_addr: "tunnel.dw.io:4443"
trust_host_root_certs: false
- 启动
./ngrok -subdomain pg -config=./ngrok.cfg 8090
此时就可以看到
ngrok (Ctrl+C to quit)
Tunnel Status online
Version 1.7/1.7
Forwarding http://pg.tunnel.dw.io:8091 -> 127.0.0.1:8090
Forwarding https://pg.tunnel.dw.io:8091 -> 127.0.0.1:8090
Web Interface 127.0.0.1:4040
# Conn 0
Avg Conn Time 0.00ms
有疑问加站长微信联系(非本文作者)