Simple build ngrok server to achieve intranet penetration

Why build ngrok server

When doing web development, we need to expose a local web site to external network access (for example, when I am doing local development of WeChat).

ngrok is a reverse proxy tool, we can directly download the client of the official website to use, but because the official website server is abroad, it is relatively slow, and the free version does not support binding second-level domain names.

what to prepare

• Public network linux server (preferably centos7, one step through)
• independent domain name

---

If you are familiar with docker, you can directly run the image of the ngrok server I made to start https://github.com/jueying/docker-ngrok-server

step

1. Install git, golang and openssl

yum install -y git golang openssl

The git version and golang version cannot be too old. Centos7 installs git1.8.3 and go1.8.3 by default.

2. clone ngrok project to local

git clone https://github.com/inconshreveable/ngrok.git /usr/local/ngrok

3. Generate a certificate

# 这里替换为自己的独立域名
export NGROK_DOMAIN="huahongbin.cn"

#进入到ngrok目录生成证书
cd /usr/local/ngrok

# 下面的命令用于生成证书
openssl genrsa -out rootCA.key 2048
openssl req -x509 -new -nodes -key rootCA.key -subj "/CN=$NGROK_DOMAIN" -days 5000 -out rootCA.pem
openssl genrsa -out device.key 2048
openssl req -new -key device.key -subj "/CN=$NGROK_DOMAIN" -out device.csr
openssl x509 -req -in device.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out device.crt -days 5000

# 将我们生成的证书替换ngrok默认的证书
cp rootCA.pem assets/client/tls/ngrokroot.crt
cp device.crt assets/server/tls/snakeoil.crt
cp device.key assets/server/tls/snakeoil.key

4. Compile the server and client for different platforms

# 编译64位linux平台服务端
GOOS=linux GOARCH=amd64 make release-server
# 编译64位windows客户端
GOOS=windows GOARCH=amd64 make release-server
# 如果是mac系统，GOOS=darwin。如果是32位，GOARCH=386

After execution, you will see the server ngrokdand client in the ngrok/bin directory and its subdirectories ngrok.exe.

5. Start the server

# 指定我们刚才设置的域名，指定http, https, tcp端口号，端口号不要跟其他程序冲突
./bin/ngrokd -domain="$NGROK_DOMAIN" -httpAddr=":80" -httpsAddr=":8082" -tunnelAddr=":443"

6. Start the client

Copy ngrok.exe to a local folder (winscp can be used), and create a new configuration file ngrok.cfg in the folder with the following contents:

server_addr: "huahongbin.cn:443"
trust_host_root_certs: false

Replace the domain name with your own independent domain name, and replace the port with the tunnel port set to start the ngrok server.

Then use the following command in cmd to start:

ngrok.exe -subdomain=jueying -config=ngrok.cfg 80

80 is the local port you want to proxy

Enter http://127.0.0.1:4040 in the browser to see the specific request information.

common problem

• When compiling, it is stuck in the following steps. go get gopkg.in/yaml.v1This is because the Git version is too low. Please upgrade the server Git version to 1.7.9.5 or higher.

• Because ngrok needs to download some dependencies from foreign websites when it is first compiled. May be slow or even timeout. Try it a few times, or you know.