安装go
//下载go安装包
wget https://dl.google.com/go/go1.10.1.linux-amd64.tar.gz
//解压go安装包
tar -C /usr/local -xzf go1.10.1.linux-amd64.tar.gz
//编辑环境变量文件
nano /etc/profile
//最后添加环境变量
export PATH=$PATH:/usr/local/go/bin
//应用环境变量
source /etc/profile
安装ngrok
- 下载ngrok源码
cd /usr/local
git clone https://github.com/inconshreveable/ngrok.git
cd ngrok
- 生成证书
在自生成证书时需要一个解析到服务器上的主域名,以xxx.com为例。
//临时变量
export NGROK_DOMAIN="xxx.com"
//生成证书
openssl genrsa -out rootCA.key 2048
openssl req -x509 -new -nodes -key rootCA.key -subj "/CN=$NGROK_DOMAIN" -days 5000 -out rootCA.pem
openssl genrsa -out device.key 2048
openssl req -new -key device.key -subj "/CN=$NGROK_DOMAIN" -out device.csr
openssl x509 -req -in device.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out device.crt -days 5000
//将新生成的证书,替换掉assets/client/tls下的证书
cp rootCA.pem assets/client/tls/ngrokroot.crt
cp device.crt assets/server/tls/snakeoil.crt
cp device.key assets/server/tls/snakeoil.key
- 编译生成 ngrokd 服务端
这里是交叉编译,linux系统GOOS=linux,64位系统GOARCH=amd64,32位系统GOARCH=386
#当前系统可用go env查看
GOOS=linux GOARCH=amd64
make release-server
- 可能遇到的问题
- 问题1:
GOOS="" GOARCH="" go get github.com/jteeuwen/go-bindata/go-bindata
bin/go-bindata -nomemcopy -pkg=assets -tags=release \
-debug=false \
-o=src/ngrok/client/assets/assets_release.go \
assets/client/...
make: bin/go-bindata: Command not found
make: *** [client-assets] Error 127
解决方法:前往go安装目录的bin目录下找到go-bindata,将他移动到ngrok/bin下 (没有bin,可新建一个)
- 问题2:
package code.google.com/p/log4go: Get https://code.google.com/p/log4go/source/checkout?repo=: dial tcp 216.58.197.110:443: i/o timeout
因为google被墙,如果服务器不在墙外或者没有FQ则无法访问到code.google.com.
解决方法:在 ngrok/src/ngrok/log 目录下找到 logger.go 文件,修改其中第4或5行的:
log "code.google.com/p/log4go”为
log "github.com/keepeye/log4go"
3.问题3:
GOOS="" GOARCH="" go get github.com/jteeuwen/go-bindata/go-bindata
# github.com/jteeuwen/go-bindata
src/github.com/jteeuwen/go-bindata/toc.go:47: function ends without a return statement
make: *** [bin/go-bindata] Error 2
解决办法: https://github.com/inconshreveable/ngrok/issues/237
ngrok自启动脚本
#!/bin/sh
### BEGIN INIT INFO
# Provides: ngrokd
# Required-Start: $local_fs $remote_fs $network
# Required-Stop: $local_fs $remote_fs $network
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: ngrokd
# Description:
#
### END INIT INFO
NAME=ngrokd
DAEMON=/usr/local/ngrok/bin/$NAME
KEY=/usr/local/ngrok/assets/server/tls/snakeoil.key
CRT=/usr/local/ngrok/assets/server/tls/snakeoil.crt
DOMAIN="xxx.com"
HTTPADDR=":80"
HTTPSADDR=":443"
TUNNELADDR=":4443"
case "$1" in
start)
echo "Starting $NAME..."
nohup $DAEMON -tlsKey=$KEY -tlsCrt=$CRT -domain=$DOMAIN -httpAddr=$HTTPADDR -httpsAddr=$HTTPSADDR -tunnelAddr=$TUNNELADDR >/dev/null 2>&1 &
;;
stop)
echo "Stopping $NAME..."
sudo ps -ef|grep $NAME|grep -v grep|cut -c 9-15|xargs kill -9
;;
restart)
$0 stop && sleep 2 && $0 start
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
;;
esac
exit 0
编译生成 ngrok 客户端
#这里是交叉编译,linux系统GOOS=linux,64位系统GOARCH=amd64,32位系统GOARCH=386
#当前系统可用go env查看
Linux 32位 linux 386
Linux 64位 linux amd64
Windows 32位 windows 386
Windows 64位 windows amd64
Mac OS 32位 darwin 386
Mac OS 64位 darwin amd64
Linux ARM linux arm
GOOS=windows GOARCH=amd64 make release-client
添加iptable规则(4443),如果需要。
iptables -I INPUT -p tcp --dport 4443 -j ACCEPT
/etc/init.d/iptables save
service iptables restart
启动ngrok客户端
//ngrok.cfg
server_addr: "xxx.com:4443"
trust_host_root_certs: false
tunnels:
http:
subdomain: "www"
proto:
http: "8090"
https:
subdomain: "www"
proto:
https: "8090"
ssh:
remote_port: 2222
proto:
tcp: "22"
//run
ngrok -config ngrok.cfg start http https ssh
评论 (0)