背景:
公司没有公网,公司在二级路由下面(就是服务商没有给独立IP,也无法动态获取公网IP),然而公司在开发程序的时候,如对接微信等需要返回数据,或者需要别人能访问我们网址,一般我们就只能购买花生壳内网穿透,但是在使用中发现速度慢,经常掉。所以搭建自己的ngrok服务器来保证内网穿透。
环境:
1.一台公网服务器,如阿里云,腾讯云 centos系统。。。
2.一个全新域名或者二级域名泛解析到公网服务器
搭建:
我的域名是ngrok.iyunw.cn,以后解析的子域名是*.ngrok.iyunw.cn
1.域名解析,这里我用的百度的解析,其他公司域名解析一样
2.安装ngrok服务端,由于太繁琐,需要go环境等,这里已经打包脚本,centos系统,其他没有测试,注意ngrok默认需要监听80 443 4443
Shell
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 | #!/bin/bash # -*- coding: UTF-8 -*- ############################################# #作者网名:Tommy # #作者博客:www.iyunw.cn # #作者QQ:351937287 # ############################################# # 获取当前脚本执行路径 SELFPATH=$(cd "$(dirname "$0")"; pwd) echo '请输入你的域名' read DOMAIN install_yilai(){ yum -y install zlib-devel openssl-devel perl hg cpio expat-devel gettext-devel curl curl-devel perl-ExtUtils-MakeMaker hg wget gcc gcc-c++ unzip }
# 安装git install_git(){ unstall_git if [ ! -f $SELFPATH/git-2.6.0.tar.gz ];then wget http://img.iyunw.cn/git-2.6.0.tar.gz fi tar zxvf git-2.6.0.tar.gz cd git-2.6.0 ./configure --prefix=/usr/local/git make make install ln -s /usr/local/git/bin/* /usr/bin/ rm -rf $SELFPATH/git-2.6.0 }
# 卸载git unstall_git(){ rm -rf /usr/local/git rm -rf /usr/local/git/bin/git rm -rf /usr/local/git/bin/git-cvsserver rm -rf /usr/local/git/bin/gitk rm -rf /usr/local/git/bin/git-receive-pack rm -rf /usr/local/git/bin/git-shell rm -rf /usr/local/git/bin/git-upload-archive rm -rf /usr/local/git/bin/git-upload-pack }
# 安装go install_go(){ cd $SELFPATH uninstall_go # 动态链接库,用于下面的判断条件生效 ldconfig # 判断操作系统位数下载不同的安装包 if [ $(getconf WORD_BIT) = '32' ] && [ $(getconf LONG_BIT) = '64' ];then # 判断文件是否已经存在 if [ ! -f $SELFPATH/go1.7.6.linux-amd64.tar.gz ];then wget http://img.iyunw.cn/go1.7.6.linux-amd64.tar.gz fi tar zxvf go1.7.6.linux-amd64.tar.gz else if [ ! -f $SELFPATH/go1.7.6.linux-386.tar.gz ];then wget http://img.iyunw.cn/go1.7.6.linux-386.tar.gz fi tar zxvf go1.7.6.linux-386.tar.gz fi mv go /usr/local/ ln -s /usr/local/go/bin/* /usr/bin/ }
# 卸载go uninstall_go(){ rm -rf /usr/local/go rm -rf /usr/bin/go rm -rf /usr/bin/godoc rm -rf /usr/bin/gofmt }
# 安装ngrok install_ngrok(){ echo '请输入你的域名' read DOMAIN GOOS=`go env | grep GOOS | awk -F\" '{print $2}'` GOARCH=`go env | grep GOARCH | awk -F\" '{print $2}'` uninstall_ngrok cd /usr/local if [ ! -f /usr/local/ngrok.zip ];then cd /usr/local/ wget http://img.iyunw.cn/ngrok.zip fi unzip ngrok.zip export GOPATH=/usr/local/ngrok/ export NGROK_DOMAIN=$DOMAIN cd ngrok openssl genrsa -out rootCA.key 2048 openssl req -x509 -new -nodes -key rootCA.key -subj "/CN=$NGROK_DOMAIN" -days 5000 -out rootCA.pem openssl genrsa -out server.key 2048 openssl req -new -key server.key -subj "/CN=$NGROK_DOMAIN" -out server.csr openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out server.crt -days 5000 cp rootCA.pem assets/client/tls/ngrokroot.crt cp server.crt assets/server/tls/snakeoil.crt cp server.key assets/server/tls/snakeoil.key # 替换下载源地址 sed -i 's#code.google.com/p/log4go#github.com/keepeye/log4go#' /usr/local/ngrok/src/ngrok/log/logger.go cd /usr/local/go/src GOOS=$GOOS GOARCH=$GOARCH ./make.bash cd /usr/local/ngrok GOOS=$GOOS GOARCH=$GOARCH make release-server echo "install done" /usr/local/ngrok/bin/ngrokd -domain=$NGROK_DOMAIN -httpAddr=":80" & echo "/usr/local/ngrok/bin/ngrokd -domain=$NGROK_DOMAIN -httpAddr=':80' &" >>/etc/rc.local }
# 卸载ngrok uninstall_ngrok(){ rm -rf /usr/local/ngrok }
# 编译客户端 compile_client(){
GOOS=`go env | grep GOOS | awk -F\" '{print $2}'` GOARCH=`go env | grep GOARCH | awk -F\" '{print $2}'` cd /usr/local/go/src GOOS=$1 GOARCH=$2 ./make.bash cd /usr/local/ngrok/ GOOS=$1 GOARCH=$2 make release-client }
# 生成客户端 client(){ echo '请输入你的域名' read DOMAIN echo "1、Linux 32位" echo "2、Linux 64位" echo "3、Windows 32位" echo "4、Windows 64位" echo "5、Mac OS 32位" echo "6、Mac OS 64位" echo "7、Linux ARM"
read num case "$num" in [1] ) compile_client linux 386 ;; [2] ) compile_client linux amd64 ;; [3] ) compile_client windows 386 ;; [4] ) compile_client windows amd64 ;; [5] ) compile_client darwin 386 ;; [6] ) compile_client darwin amd64 ;; [7] ) compile_client linux arm ;; *) echo "选择错误,退出";; esac
}
echo "请输入下面数字进行选择" echo "------------------------" echo "1、全新安装" echo "2、安装依赖" echo "3、安装git" echo "4、安装go环境" echo "5、安装ngrok" echo "6、生成客户端" echo "7、卸载" echo "8、启动服务" echo "9、查看配置文件" echo "------------------------" read num case "$num" in [1] ) install_yilai install_git install_go install_ngrok ;; [2] ) install_yilai ;; [3] ) install_git ;; [4] ) install_go ;; [5] ) install_ngrok ;; [6] ) client ;; [7] ) unstall_git uninstall_go uninstall_ngrok ;; [8] ) echo "输入启动域名" read domain echo "启动端口" read port /usr/local/ngrok/bin/ngrokd -domain=$domain -httpAddr=":$port" ;; [9] ) echo "输入启动域名" read domain echo server_addr: '"'$domain:4443'"' echo "trust_host_root_certs: false" ;; *) echo "";; esac |
选择1安装完成后,如下图代表已经启动
以后服务端单独启动命令
Shell
1 | /usr/local/ngrok/bin/ngrokd -domain=ngrok.iyunw.cn -httpAddr=':80' & #ngrok.iyunw.cn是你的ngrok的域名 |
2.运行脚本生成客户端,根据你自己的客户端系统的平台选择
生成后在/usr/local/ngrok/bin/下面对应平台的目录下面,如我是windows 64 位,/usr/local/ngrok/bin/windows_amd64/ngrok.exe拷贝到客户机上的一个目录文件夹下
在客户机ngrok.exe该目录下写入配置文件ngrok.cfg,内容是
Shell
1 2 3 4 5 6 7 | server_addr: "ngrok.iyunw.cn:4443" trust_host_root_certs: false tunnels: manager: subdomain: "www" proto: http: "80" |
说明:
server_addr:你域名的地址:隧道端口
subdomain:域名前缀
proto:
http: "80" :客户端需要映射的端口
tcp配置文件
Shell
1 2 3 4 5 6 7 8 |
server_addr: "ngrok.iyunw.cn:4443" trust_host_root_certs: false tunnels: ssh: remote_port: 10086 proto: tcp: 22 |
在客户机ngrok.exe该目录下写入启动文件ngrok.bat,内容是
Shell
1 | ngrok.exe -config ngrok.cfg start manager |
其他机器访问
http://www.ngrok.iyunw.cn/ 就可以访问了
脚本下载: