centos下架设ngrok服务器(nginx代理共存80端口) 有更新!

  Bob

准备工作:

1、一台公网可以访问到得linux服务器(centos,阿里云记得配置安全组)或vps

2、把需要做的域名解析到服务器上面

解析到云服务器或vps的ip (如: myngrok.com)
因为以下测试启动了子域名自动部署,需要域名做泛解析, CNAME填写"*"解析到云服务器的ip

在自己的域名管理中添加解析A记录,如下所示:

 

将*.ngrok与ngrok都指向您的主机IP。置环境变量,ngrok域名

 

软件:

1、GO的下载地址:http://www.golangtc.com/download

2、GIT下载地址:http://git-scm.com/downloads 绝对下载地址:https://www.kernel.org/pub/software/scm/git/git-2.6.0.tar.gz

3、ngrok克隆地址:https://github.com/inconshreveable/ngrok.git

一、安装git

1、安装git所用到依赖包

yum -y install zlib-devel openssl-devel perl hg cpio expat-devel gettext-devel curl curl-devel perl-ExtUtils-MakeMaker hg wget gcc gcc-c++

2、下载git

wget https://www.kernel.org/pub/software/scm/git/git-2.6.0.tar.gz

3、解压git

tar zxvf git-2.6.0.tar.gz

4、编译git

cd git-2.6.0

./configure –prefix=/usr/local/git

make

make install

5、创建git的软连接

ln -s /usr/local/git/bin/* /usr/bin/

二、安装go环境

因为我是64位的centos,所以下载64位的包,还有一定要下载1.4版本的go环境,好像1.4以后的版本就不是用C语言编写的,会编译错误。

1、下载go环境

wget http://bob.kim:50000/static/tools/go1.4.1.linux-amd64.tar.gz

2、解压

tar zxvf go1.4.2.linux-amd64.tar.gz

mv go /usr/local

3、创建软连接

ln -s /usr/local/go/bin/* /usr/bin

4、编译ngrok

cd /usr/local/

git clone https://github.com/inconshreveable/ngrok.git

export GOPATH=/usr/local/ngrok/

export NGROK_DOMAIN=”你得域名”

cd ngrok

三、生成域名证书并拷贝到指定位置

openssl genrsa -out rootCA.key 2048

openssl req -x509 -new -nodes -key rootCA.key -subj “/CN=$NGROK_DOMAIN” -days 5000 -out rootCA.pem

openssl genrsa -out server.key 2048

openssl req -new -key server.key -subj “/CN=$NGROK_DOMAIN” -out server.csr

openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out server.crt -days 5000

cp rootCA.pem assets/client/tls/ngrokroot.crt

cp server.crt assets/server/tls/snakeoil.crt

cp server.key assets/server/tls/snakeoil.key

如果是在天朝的服务器需要改,香港或者国外的服务器不需要

vim /usr/local/ngrok/src/ngrok/log/logger.go
log “github.com/keepeye/log4go”

四、编译服务端和客户端

指定编译环境变量,如何确认GOOS和GOARCH,可以通过go env来查看

1、编译服务端

cd /usr/local/go/src

GOOS=linux GOARCH=amd64 ./make.bash

cd /usr/local/ngrok/

GOOS=linux GOARCH=amd64 make release-server

2、由于我是mac os x操作系统,所以我使用下面的编译客户端

cd /usr/local/go/src

GOOS=darwin GOARCH=amd64 ./make.bash

cd /usr/local/ngrok/

GOOS=darwin GOARCH=amd64 make release-client

Windows的客户端编译(64位,32位的把GOARCH的值改为386)

cd /usr/local/go/src

GOOS=windows GOARCH=amd64 ./make.bash

cd /usr/local/ngrok/

GOOS=windows GOARCH=amd64 make release-client

3、启动服务端

/usr/local/ngrok/bin/ngrokd -domain=”$NGROK_DOMAIN” -httpAddr=”:80”

五、客户端的使用及其配制文件

客户端配置文件(ngrok.cfg)

server_addr: “你得域名:4443”

trust_host_root_certs: false

 

客户端使用

简单配置ngrok.cfg

server_addr: "myngrok.com:8083"
trust_host_root_certs: false

使用链接测试

ngrok -config=ngrok.cfg -subdomain=test 80

//出现以下内容表示成功链接:
ngrok

Tunnel Status                 online
Version                       1.7/1.7
Forwarding                    http://test.myngrok.com:8081 -> 127.0.0.1:80
Forwarding                    https://test.myngrok.com:8081 -> 127.0.0.1:80
Web Interface                 127.0.0.1:4040
# Conn                        0
Avg Conn Time                 0.00ms

复杂配置ngrok.cfg

server_addr: "myngrok.com:8083"
trust_host_root_certs: false

tunnels:
  http:
    subdomain: "www"
    proto:
      http: "8081"
      
  https:
    subdomain: "www"
    proto:
      https: "8082"
      
  web:
    proto:
      http: "8050"
  tcp:
    proto:
      tcp: "8001"
    remote_port: 5555
 
  ssh:
    remote_port: 2222
    proto:
      tcp: "22"

启动服务

ngrok -config=ngrok.cfg start web  #启动web服务
ngrok -config=ngrok.cfg start tcp  #启动tcp服务

ngrok -config=ngrok.cfg start web tcp  #同时启动两个服务
ngrok -config=ngrok.cfg start-all  #启动所有服务

//出现以下内容表示成功链接:
ngrok

Tunnel Status                 online
Version                       1.7/1.7
Forwarding                    http://web.myngrok.com:8081 -> 127.0.0.1:8050
Forwarding                    tcp://myngrok.com:5555 -> 127.0.0.1:8001
Web Interface                 127.0.0.1:4040
# Conn                        0
Avg Conn Time                 0.00ms

附上一个bat,可以部署不同自动启动子域名

@echo OFF
color 0a
Title ngrok启动
Mode con cols=109 lines=30
:START
ECHO.
Echo.
echo.
echo.
:TUNNEL
Echo               输入需要启动的域名前缀,如“test” ,即分配给你的穿透域名为:“test.myngrok.com”
ECHO.
ECHO.
ECHO.
set /p clientid=   请输入:
echo.
ngrok -config=ngrok.cfg -subdomain=%clientid% 80
PAUSE
goto TUNNEL

附录

在编译过程中有可能出现如下情况: 

问题1:

    GOOS="" GOARCH="" go get github.com/jteeuwen/go-bindata/go-bindata

      bin/go-bindata -nomemcopy -pkg=assets -tags=release \

 
               -debug=false \

               -o=src/ngrok/client/assets/assets_release.go \

               assets/client/...

    make: bin/go-bindata: Command not found

   make: * [client-assets] Error 127

   解决方法:前往go安装目录的bin目录下找到go-bindata,将他移动到ngrok/bin下 (没有bin,可新建一个)

 
     问题2:

     package code.google.com/p/log4go: Get https://code.google.com/p/log4go/source/checkout?repo=: dial tcp 216.58.197.110:443: i/o timeout

     因为google被墙,如果服务器不在墙外或者没有FQ则无法访问到code.google.com.

     解决方法:在 ngrok/src/ngrok/log 目录下找到 logger.go 文件,修改其中第45行的:

        log "code.google.com/p/log4go”为

        log "github.com/keepeye/log4go"  
 
    问题3:

      GOOS="" GOARCH="" go get github.com/jteeuwen/go-bindata/go-bindata
     # github.com/jteeuwen/go-bindata
        src/github.com/jteeuwen/go-bindata/toc.go:47: function ends without a return statement
        make: *** [bin/go-bindata] Error 2
     解决办法: https://github.com/inconshreveable/ngrok/issues/237 


nginx代理ngrok共存80端口

要完美的解决这个端口的问题,就需要让 ngrokd 直接监听 80 端口。

通常来说 VPS 都是双网卡的(一内一外),让 ngrokd 监听外网的 80 实在有些浪费,这个端口还是留给 nginx 比较合理。所以比较理想的方式是:nginx 监听外网 80,ngrokd 监听内网 80,让 nginx 将对应的请求转发到内网 80 上来。

如:

  • 内网 ip: 10.160.xx.xx
  • 外网 ip: 112.124.xx.xx

启动 ngrokd:

nohup /usr/local/ngrok/bin/ngrokd -domain=yii.im -httpAddr=10.160.xx.xx:80 -httpsAddr=10.160.xx.xx:443

配置 nginx:

# ngrokd.conf
server {
    listen      112.124.xx.xx:80;
    server_name *.yii.im;

    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
        proxy_redirect  off;
        proxy_pass      http://10.160.xx.xx:80;
    }
}

# the_others_need_80.conf
server {
    listen      112.124.xx.xx:80;
    #...
}

如果你是单网卡,那么也可以手动添加ip,然后将nginx和ngrok分别绑定到两个ip的80端口,然后通过nginx转发到ngrok上的80端口

nohup /usr/local/ngrok/bin/ngrokd -domain=ngrok.bob.kim -httpAddr=172.31.81.229:80 -httpsAddr=172.31.81.229:443 -tunnelAddr=:4443  &

[root@nginx conf]# ifconfig eth0:0 172.31.81.229/24 up  
[root@nginx conf]# ifconfig -a

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.31.81.228 netmask 255.255.240.0 broadcast 172.31.95.255
ether 00:16:3e:00:ef:c2 txqueuelen 1000 (Ethernet)
RX packets 4627823 bytes 3298947455 (3.0 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3098710 bytes 2121669713 (1.9 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth0:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.31.81.229 netmask 255.255.255.0 broadcast 172.31.81.255
ether 00:16:3e:00:ef:c2 txqueuelen 1000 (Ethernet)

 

server {
listen 172.31.81.228:80;
server_name *.ngrok.bob.kim;

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Nginx-Proxy true;
proxy_set_header Connection "";
client_max_body_size 50m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 6 128k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_redirect off;
proxy_pass http://172.31.81.229:80;

}
}

 

使用配置文件启动,格式为然后启动命令为ngrok -config=ngrok.cfg start db ssh 就可以

配置文件示例:

server_addr: "域名:4443"
trust_host_root_certs: false
tunnels:
自己定名字ssh:
remote_port: 158
proto:
tcp: 22
db:
remote_port: 34685
proto:
tcp: 1521
dd:
remote_port: 9208
proto:
tcp: 8888
www:
subdomain: 231
proto:
http: 80



 

[ngrok客户端windows 64版_bob.rar]

如有疑问或同行交流欢迎加群讨论:铂金信息技术交流群 151258054