mirror of
https://github.com/vimagick/dockerfiles.git
synced 2025-01-22 05:09:09 +02:00
ngrokd
ngrok is a reverse proxy that creates a secure tunnel from a public endpoint to a locally running web service. ngrok captures and analyzes all traffic over the tunnel for later inspection and replay.
docker-compose.yml
data:
build: .
entrypoint: /bin/true
service:
image: debian:jessie
command: >
./ngrokd
-domain=ngrok.easypi.info
-httpAddr=:2080
-httpsAddr=:2443
-tunnelAddr=:4443
-tlsCrt=snakeoil.crt
-tlsKey=snakeoil.key
-log-level=INFO
ports:
- "2080:2080"
- "2443:2443"
- "4443:4443"
volumes:
- ./ngrok:/ngrok
working_dir: /ngrok
restart: always
up and running
$ mkdir -p ~/fig/ngrokd/
$ cd ~/fig/ngrokd/
$ wget https://github.com/vimagick/dockerfiles/raw/master/ngrokd/docker-compose.yml
$ wget https://github.com/vimagick/dockerfiles/raw/master/ngrokd/Dockerfile
$ vim Dockerfile
$ docker-compose build data
$ docker-compose up -d data
$ docker cp ngrokd_data_1:/ngrok .
$ docker-compose rm -v data
$ docker rmi ngrokd_data
$ docker-compose up -d service
$ docker-compose logs service
important notes
- vimagick/ngrokd should not be used directly
- Change
NGROK_BASE_DOMAIN
in Dockerfile - Nerver push it to public repo
raspberry pi
/etc/ngrok/
├── conf.d/
│ ├── router.json
│ └── webcam.json
└── ngrok.yml
{
"name": "router",
"proto": "http",
"addr": "192.168.1.1:80",
"bind_tls": true,
"inspect": false,
"auth": "user:pass"
}
# /etc/ngrok/ngrok.yml
authtoken: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
console_ui: false
region: ap
web_addr: 0.0.0.0:4040
tunnels:
ssh:
proto: tcp
addr: 22
web:
proto: http
addr: 4040
bind_tls: true
inspect: false
auth: "user:pass"
# /etc/systemd/system/ngrok.service
[Unit]
Description=Secure Tunnels To Localhost
Documentation=https://ngrok.com/docs
After=network.target
[Service]
ExecStart=/usr/bin/ngrok start --config /etc/ngrok/ngrok.yml --log stdout --all
RestartSec=10
Restart=always
[Install]
WantedBy=multi-user.target
# /etc/systemd/system/ngrok@.service
[Unit]
Description=Ngrok Instance Daemon
Requires=ngrok.service
After=ngrok.service
[Service]
ExecStart=/usr/bin/curl -sS -X POST \
-H 'Content-Type: application/json' \
-d @/etc/ngrok/conf.d/%I.json \
http://127.0.0.1:4040/api/tunnels
ExecStop=/usr/bin/curl -sS -X DELETE http://127.0.0.1:4040/api/tunnels/%I
Restart=on-failure
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
$ systemctl daemon-reload
$ systemctl start ngrok
$ systemctl enable ngrok
$ curl http://127.0.0.1:4040/api/tunnels/ssh
{"public_url": "tcp://0.tcp.ap.ngrok.io:19136"}
$ ssh -p 19136 root@0.tcp.ap.ngrok.io
$ systemctl start ngrok@router
$ curl http://127.0.0.1:4040/api/tunnels/router
{"public_url":"https://db45322c.ap.ngrok.io"}
$ w3m https://db45322c.ap.ngrok.io
$ systemctl status ngrok@*
openwrt
#!/bin/sh /etc/rc.common
START=90
STOP=10
USE_PROCD=1
start_service() {
procd_open_instance
procd_set_param command /usr/bin/ngrok start --config /etc/ngrok.yml --all
procd_set_param respawn 3600 5 0
procd_close_instance
}