## 内网穿透 ngrok+nginx docker容器/docker-compose - fork github 上的ngrok [https://github.com/inconshreveable/ngrok.git](https://github.com/inconshreveable/ngrok.git) #### 制作Docker镜像 Dockerfile ``` Dockerfile FROM golang:1.13 WORKDIR /ngrok COPY . /ngrok RUN apt-get update && apt-get upgrade -y && apt-get install supervisor socat -y && \ cd /ngrok && mkdir cert ENV GODEBUG="x509ignoreCN=0" ENV email adddge@aliyun.com ENV DOMAIN ng.adong.wiki ENV HTTP 80 ENV HTTPS 443 ENV SDOMAIN test CMD ["sh", "-c", "/ngrok/start.sh $DOMAIN $HTTP $HTTPS"] ``` #### 编写运行文件 /ngrok/start.sh ``` Bash #!/usr/bin/env bash echo "ngrok run $1 $2 $3 $4 $5" device_crt="/ngrok/cert/device.crt" if [ ! -f "$device_crt" ];then cd /ngrok/cert openssl genrsa -out rootCA.key 2048 openssl req -x509 -new -nodes -key rootCA.key -subj "/CN=$1" -days 5000 -out rootCA.pem openssl genrsa -out device.key 2048 openssl req -new -key device.key -subj "/CN=$1" -out device.csr openssl x509 -req -in device.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out device.crt -days 5000 cp rootCA.pem /ngrok/assets/client/tls/ngrokroot.crt cp device.crt /ngrok/assets/server/tls/snakeoil.crt cp device.key /ngrok/assets/server/tls/snakeoil.key cd /ngrok/ GOOS=linux GOARCH=amd64 make release-server GOOS=darwin GOARCH=amd64 make release-client GOOS=windows GOARCH=amd64 make release-client fi ./bin/ngrokd -domain="$1" -httpAddr=":$2" -httpsAddr=":$3" ``` #### 服务端 创建镜像 运行容器 ``` Bash # build docker image docker build -t adddge/ngrok:1.0 . # run docker container docker run -it --name ngrok --restart=always -p 80:80 -p 443:443 -p 4443:4443 -e domain=ng.adong.wiki -e http=80 -e https=443 adddge/ngrok:1.0 ``` 浏览器中输入配置的域名显示 Tunnel xxx.com:8080 not found 说明ngrok服务器启动 - [https://hub.docker.com/r/adddge/ngrok](https://hub.docker.com/r/adddge/ngrok) #### 服务端 和nginx 配合使用 ``` yaml version: "3.6" services: nginx: image: nginx:alpine container_name: ngrok_nginx volumes: - "./docker/nginx/conf.d:/etc/nginx/conf.d" - "./docker/webroot:/opt/html" environment: TZ: "Asia/Shanghai" ports: - "80:80" - "443:443" restart: unless-stopped networks: - ngrok-network ngrok: build: context: . container_name: ngrok_ngrok restart: always volumes: - "./docker/webroot:/opt/html" environment: TZ: "Asia/Shanghai" DOMAIN: 'ng.adong.wiki' HTTPS: 8443 HTTP: 8080 ports: - "4443:4443" - "15672:8080" networks: - ngrok-network networks: ngrok-network: name: ngrok_network ipam: config: - subnet: 172.10.0.0/16 ``` #### nginx 配置文件 ``` nginx server { listen 80; server_name ng.adong.wiki *.ng.adong.wiki; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host:8080; proxy_set_header X-Nginx-Proxy true; proxy_set_header Connection ""; proxy_pass http://ngrok_ngrok:8080; } } ... # 执行 启动 docker-compose up ``` #### 客户端文件 ``` Bash # 启动成功后，容器中复制客户端运行文件到宿主机，再执行下载到自己电脑 # macos docker cp ngrok:/ngrok/bin/darwin_amd64/ngrok /home/ngrok # windows docker cp ngrok:/ngrok/bin/windows_amd64/ngrok.exe /home/ngrok.exe ``` #### 本地电脑中运行客户端 ``` Bash # ngrok.cfg server_addr: "ng.adong.wiki:4443" trust_host_root_certs: false # 启动客户端 ./ngrok -config=ngrok.cfg -log=ngrok.log -subdomain test 8000 # 浏览器输入 http://test.ng.adong.wiki ``` - github [https://github.com/adongge/ngrok.git](https://github.com/adongge/ngrok.git)