Ngrok---内网穿透程序

在微信开发中,需要将开发者服务器和微信服务器连接起来,但是如果每次修改了代码就要发布到公网,然后再调试,这无疑会大大降低开发速度。所以需要使用Ngrok将本地程序代理到公网,本来一直在使用 sunny-ngrok,一块钱1G流量,而且微信因为是测试开发者账号,所以没有要求域名备案,但是今天申请的服务号下来了,需要备案域名,所以sunny-ngrok就没法使用了。所以还是自己搭建Ngrok服务器咯。

我的配置

说说我的服务器,阿里云ECS,CentOS.64位。

Go

下载

Go下载地址

安装
1
2
3
4
5
tar -C /usr/local -xzf go1.8.linux-amd64.tar.gz
# 将以下内容写到 ~/.bash_profile中
export PATH=$PATH:/usr/local/go/bin
# 别忘了让 .bash_profile生效
source ~/.bash_profile
测试
1
2
[root@iZ94pjjvvshZ src]# go version
输出:go version go1.8 linux/amd64

以上内容在Go的下载页面都有说明。

Ngrok

下载
1
git clone https://github.com/inconshreveable/ngrok.git
生成自签名证书并替换默认证书

ngrok需要一个域名作为base域名,ngrok会为客户端分配base域名的子域名。例如:ngrok的base域名为tunnel.mydomain.com,客户端即可被分配子域名test.tunnel.mydomain.com。使用ngrok官方服务时,base域名是ngrok.com,并且使用默认的SSL证书。现在自建ngrok服务器,所以需要重新为自己的base域名生成证书。

我的base domain是dev-heaven.com,打算分配一个子域名wechat.dev-heaven.com给客户端。

1
2
3
4
5
6
7
cd ngrok
# 为base域名tunnel.mydomain.com生成证书
openssl genrsa -out rootCA.key 2048
openssl req -x509 -new -nodes -key rootCA.key -subj "/CN=tunnel.mydomain.com" -days 5000 -out rootCA.pem
openssl genrsa -out device.key 2048
openssl req -new -key device.key -subj "/CN=tunnel.mydomain.com" -out device.csr
openssl x509 -req -in device.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out device.crt -days 5000

执行完上述命令,正常情况下,该目录会多出device.crt、device.csr、device.key、rootCA.key、rootCA.pem、rootCA.srl六个文件,用它们来替换默认的证书文件即可。默认的证书文件在“./assets/client/tls”和“./assets/server/tls/”目录中

1
2
3
4
# 替换默认的证书文件
cp rootCA.pem assets/client/tls/ngrokroot.crt
cp device.crt assets/server/tls/snakeoil.crt
cp device.key assets/server/tls/snakeoil.key
编译生成服务器端
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
make release-server release-client
输出:GOOS="" GOARCH="" go get github.com/jteeuwen/go-bindata/go-bindata
bin/go-bindata -nomemcopy -pkg=assets -tags=release \
-debug=false \
-o=src/ngrok/client/assets/assets_release.go \
assets/client/...
bin/go-bindata -nomemcopy -pkg=assets -tags=release \
-debug=false \
-o=src/ngrok/server/assets/assets_release.go \
assets/server/...
go get -tags 'release' -d -v ngrok/...
github.com/inconshreveable/mousetrap (download)
github.com/rcrowley/go-metrics (download)
Fetching https://gopkg.in/inconshreveable/go-update.v0?go-get=1
Parsing meta tags from https://gopkg.in/inconshreveable/go-update.v0?go-get=1 (status code 200)
get "gopkg.in/inconshreveable/go-update.v0": found meta tag main.metaImport{Prefix:"gopkg.in/inconshreveable/go-update.v0", VCS:"git", RepoRoot:"https://gopkg.in/inconshreveable/go-update.v0"} at https://gopkg.in/inconshreveable/go-update.v0?go-get=1
gopkg.in/inconshreveable/go-update.v0 (download)
github.com/kardianos/osext (download)
github.com/kr/binarydist (download)
Fetching https://gopkg.in/inconshreveable/go-update.v0/check?go-get=1
Parsing meta tags from https://gopkg.in/inconshreveable/go-update.v0/check?go-get=1 (status code 200)
get "gopkg.in/inconshreveable/go-update.v0/check": found meta tag main.metaImport{Prefix:"gopkg.in/inconshreveable/go-update.v0", VCS:"git", RepoRoot:"https://gopkg.in/inconshreveable/go-update.v0"} at https://gopkg.in/inconshreveable/go-update.v0/check?go-get=1
get "gopkg.in/inconshreveable/go-update.v0/check": verifying non-authoritative meta tag
Fetching https://gopkg.in/inconshreveable/go-update.v0?go-get=1
Parsing meta tags from https://gopkg.in/inconshreveable/go-update.v0?go-get=1 (status code 200)
Fetching https://gopkg.in/yaml.v1?go-get=1
Parsing meta tags from https://gopkg.in/yaml.v1?go-get=1 (status code 200)
get "gopkg.in/yaml.v1": found meta tag main.metaImport{Prefix:"gopkg.in/yaml.v1", VCS:"git", RepoRoot:"https://gopkg.in/yaml.v1"} at https://gopkg.in/yaml.v1?go-get=1
gopkg.in/yaml.v1 (download)
github.com/inconshreveable/go-vhost (download)
github.com/alecthomas/log4go (download)
github.com/nsf/termbox-go (download)
github.com/mattn/go-runewidth (download)
github.com/gorilla/websocket (download)
go install -tags 'release' ngrok/main/ngrokd

出现以上表示编译成功。

运行服务端ngrok
1
2
./bin/ngrokd -domain="tunnel.mydomain.com" -httpAddr=":8080" -httpsAddr=":4000"
默认的https端口和http端口是44380,但是这两个端口已经被Nginx占了,所以换成90004000

出现以下内容,即为成功

1
2
3
4
[21:30:55 CST 2017/03/09] [INFO] (ngrok/log.(*PrefixLogger).Info:83) [registry] [tun] No affinity cache specified
[21:30:55 CST 2017/03/09] [INFO] (ngrok/log.Info:112) Listening for public http connections on [::]:9000
[21:30:55 CST 2017/03/09] [INFO] (ngrok/log.Info:112) Listening for public https connections on [::]:4000
[21:30:55 CST 2017/03/09] [INFO] (ngrok/log.Info:112) Listening for control and proxy connections on [::]:4443

可以使用nohup后台运行。

1
nohup ./bin/ngrokd -domain="tunnel.mydomain.com" -httpAddr=":8080" -httpsAddr=":4000" &
编译客户端
Mac
1
GOOS=darwin GOARCH=amd64 make release-client
Windows
1
2
GOOS=windows GOARCH=amd64 make release-client
#以上GOARCH=amd64指的是编译为64位版本,如需32位改成GOARCH=386即可

以上编译成功后可以在./bin目录下找到对应的可执行程序,下载即可。

我知道是不会有人点的,但万一有人想不开呢!