Article directory
foreword
uhttpd is a web server written by OpenWrt/LuCI developers from scratch. The purpose is to become an excellent and stable HTTP server suitable for lightweight tasks on embedded devices, and it is well integrated with the OpenWrt configuration framework. It is the default web server that manages OpenWrt and provides all the functionality of a modern web server.
Next, we will deploy uhttpd on openwrt to build a web server, and use cpolar to expose its security to the public network, so that public network users can also normally access the web server under openwrt.
1. Check uhttpd installation
In the normal version, if you can access the openWRT web console interface in the browser, it means that uhttpd has been installed. Similarly, we can see a directory named under the root directory, which means that uhttpd has been www
installed.
2. Deploy the web site
Now that uhttpd has been installed, we can use it directly, we just need to copy our site into the www
folder. Next, we mainly introduce html website deployment, using a free site for demonstration
Go to the www folder
cd /www
Use wget to download the site, ftp upload files can also
wget https://www.cpolar.com/static/downloads/meditation-app-master.tar.gz
Unzip after downloading
tar xzf meditation-app-master.tar.gz
After decompression, we can see a meditation-app-master
folder named , here we can also see a cgi-bin
folder named , this is the location of the openWRT web console interface.
/meditation-app-master/index.html
At this time, we can see the site we downloaded and deployed by using the openWRT LAN ip address plus the resource path in the external browser . If the resource path is not added, it will jump to the openWRT web interface by default. At this time, our static site has been configured.
Next, we install cpolar intranet penetration to realize remote access to this web site in the public network environment.
3. Install cpolar intranet penetration
Operate openwrt through ssh connection, download the public key:
wget -O cpolar-public.key http://openwrt.cpolar.com/releases/public.key
Add the public key after the download is complete
opkg-key add cpolar-public.key
Add cpolar's opkg repository source
echo "src/gz cpolar_packages http://openwrt.cpolar.com/releases/packages/$(. /etc/openwrt_release ; echo $DISTRIB_ARCH)" >> /etc/opkg/customfeeds.conf
update warehouse
opkg update
Then start to install cpolar, and execute the following three installation commands to install three packages:
opkg install cpolar
opkg install luci-app-cpolar
opkg install luci-i18n-cpolar-zh-cn
After the installation is complete, open the openwrt web management interface, we can see a service, after clicking, we can see our cpolar intranet penetration
After clicking in, you can see the cpolar interface, and then configure the cpolar Authtoken
Log in to the official website of cpolar, if you have not registered an account, you can register an account first, and then click on the left 验证
to view your authentication token,
cpolar official website: https://www.cpolar.com
Then copy the token viewed on the official website to the Auth Token on the openwrt cpolar service interface, and click save after setting
After saving successfully, click in the interface 打开Web-UI界面
to see the cpolar web ui interface
Use the account registered on our official website to log in. After logging in, you can manage the tunnel and the installation is complete.
4. Configure the remote access address
隧道管理
In the cpolar web ui management interface, we click —— on the left dashboard 创建隧道
. Since uhttpd is deployed on the openWRT web management interface, SSL is set, so the port uses 443, so we need to create an entry http隧道
pointing to 443端口
:
- Tunnel name: customizable, be careful not to repeat
- protocol: http
- Local address: 443
- Domain Type: Choose a random domain name
- Region: Select China VIP
click创建
After the creation is successful, open the online tunnel list, and you can see the address accessed by the public network. There are two ways to access the public network address, one is http, the other is https
Then we use one of the http public network addresses, and add the resource path: when /meditation-app-master/index.html
you visit in the browser, you can see our site interface, so that the remote access is configured.
5. Configure a fixed remote address
When we created the tunnel earlier, we used a free random temporary address. The public network address it generates will change within 24 hours. In order to facilitate long-term and stable connection, we can fix the access address, which is called a fixed second-level subdomain name in cpolar, or You can also configure to use your own domain name to access. Here we take the cpolar subdomain name as an example
You need to upgrade to the basic package or above to support the configuration of second-level subdomains
Log in to the background of the cpolar official website , click on the dashboard on the left 预留
, find 保留二级子域名
, and reserve a second-level subdomain name for the http tunnel.
- Region: Select the server region
- Name: Fill in the second-level subdomain name you want to keep (customizable)
- Description: Remarks, which can be customized
This example reserves a websitewrt
second-level subdomain named . After the subdomain name is successfully reserved, we copy the subdomain name, and then we need to configure it in the tunnel.
Open the cpolar web ui management interface. 隧道管理
Click —— on the left dashboard 隧道列表
, find the tunnel that needs to configure the second-level subdomain name, and click on the right编辑
Modify the tunnel information and configure the second-level subdomain name into the tunnel:
- Domain Type: Select instead
二级子域名
- *Sub Domain: Fill in the second-level subdomain name we just reserved
After the modification is complete, click更新
状态
After the tunnel is successfully updated, click —— on the left dashboard 在线隧道列表
, and you can see the public network address of the tunnel, which has been updated to a second-level subdomain name.
Then we use one of the http address to visit in the browser, we can see our site interface, such a fixed remote access personal site is configured