PS: Intranet penetration must have developed wechat friends are very understanding. Just to give you a little bit of a sense of what ngrok is, it allows your local server to be accessed by a public network server. Ngork has both a server and a client, so the server runs on the public network server, and the client runs on the local server. The ngrok server establishes HTTP and HTTPS services
A necessary condition for
- 1. Domain name: Used to generate the access domain name
- 2. Server: The server used to build nGROk must have a public IP address and can be accessed normally
Set up the NGROk process on the server
1. Install Git
# yum install gitCopy the code2, install GO language environment
# yum install golang # yum install golangCopy the code3, download ngrok source code
# github.com download ngrok source CD/usr/local/git clone https://github.com/inconshreveable/ngrok.gitCopy the code4. Generate a certificate
/usr/local/ngrok NGROK_DOMAIN=" your domain name "openssl genrsa -out rootca. key 2048 openssl req -x509 -new -nodes -key rootCA.key -subj "/CN=$NGROK_DOMAIN" -days 5000 -out rootCA.pem openssl genrsa -out server.key 2048 openssl req -new -key server.key -subj "/CN=$NGROK_DOMAIN" -out server.csr openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out server.crt -days 5000Copy the code5. Copy the certificate to override the original ngrok certificate
# process will let you enter y enter cp rootCA. Pem assets/client/TLS/ngrokroot CRT cp server. The CRT/assets/server/TLS snakeoil. CRT cp server. The key assets/server/tls/snakeoil.keyCopy the code6. Build the server
/usr/local/ngrok/goos = Linux GOARCH=amd64 make release-serverCopy the code7. Compile and generate the client
GOOS= Linux GOARCH=386 make release-client GOOS= Linux GOARCH=amd64 make release-client: GOOS= Darwin GOARCH= Darwin GOARCH= Darwin GOARCH= Darwin GOARCH= Darwin GOARCH= Darwin GOARCH= Darwin GOARCH= Darwin GOARCH GOOS= Darwin GOARCH=amd64 make release-client # /usr/local/ngrok/bin /usr/local/ngrok/binCopy the code8. Start the server
CD /usr/local/ngrok/bin. / ngrokd-domain ="xxx.com" -httpaddr =":800" -httpsaddr =":801" -tunnelAddr=":8443" # ./ngrokd -tlsKey="/path/to/tls.key" -tlsCrt="/path/to/tls.crt" -domain="xxx.com" -httpAddr=":800" -httpsAddr=":801" -tunnelAddr=":8443"Copy the code9. Client configuration file ngrok.yml
Ngrok.yml server_addr: xxx.com:8443 trust_host_root_certs: falseCopy the code10. Start the client locally
Then run ngrok with any of the following commands: Ngrok-config ngrok.yml 8080 ngrok-config ngrok.yml -subdomain wx 8080 # or specify the domain name wx.xxx.comCopy the code11. Ngrok joins the system service and starts up
Vi/usr/lib/systemd/system/ngrok. Service on CentOS 7 # using systemctl add custom system services [Unit] Description = ngrok After = network. The target [Service] Type=simple Restart=always RestartSec=1min ExecStart=/usr/local/ngrok/bin/ngrokd -domain=xqzgg.cn -httpAddr=:800 -httpsAddr=:801 -tunnelAddr=:8443 %i ExecStop=/usr/bin/killall ngrok PrivateTmp=true [Install] WantedBy=multi-user. Target Ngrok. service systemctl start ngrok.serviceCopy the codeCommon commands
Service: systemctl start ngrok.service: systemctl stop ngrok.service: systemctl stop ngrok.serviceCopy the codeThe nginx.conf configuration file comes with it
# ngrok upstream ngrok {server 127.0.0.1:800; keepalive 64; } # ngrok through server {listen 80; server_name *.xxx.com; location / { proxy_pass http://ngrok; proxy_redirect off; proxy_set_header Host $http_host:800; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; expires 5s; }}Copy the code