ngrok icon indicating copy to clipboard operation
ngrok copied to clipboard

Published 20 hours ago verified publisher icon inconshreveable

Selfhosting: Provide Let's Encrypt usage?

Open IngwiePhoenix opened this issue 6 years ago • 11 comments

Hey!

I'd like to host ngrok from my own server, which is currently using Let's Encrypt certs (/etc/letsencrypt/live/$domain/{privkey,chain,fullchain,cert}.pem).

I am unsure which file goes where, and would like to suggest adding a suggestion to SELFHOSTING.md for other users, since Let's Encrypt is widely used.

Thanks and kind regards, Ingwie

IngwiePhoenix avatar Apr 27 '19 13:04 IngwiePhoenix

I have the same quesstion.

fishfree avatar Apr 28 '19 12:04 fishfree

Hey!

I'd like to host ngrok from my own server, which is currently using Let's Encrypt certs (/etc/letsencrypt/live/$domain/{privkey,chain,fullchain,cert}.pem).

I am unsure which file goes where, and would like to suggest adding a suggestion to SELFHOSTING.md for other users, since Let's Encrypt is widely used.

Thanks and kind regards, Ingwie

/etc/letsencrypt/live/$domain/privkey.pem is your private key, rename it to private.key。 /etc/letsencrypt/live/$domain/fullchain.pem is certificate file,rename it to xxx.crt。 Adding -tlskey and -tlsCrt parameter when running ngrokd。 -tlskey=private.key, -tlsCrt=xxx.crt I hope to help you ^_^

AaronChun avatar May 04 '19 14:05 AaronChun

Would someone be able to link a tutorial for self hosted ngrok using letsencrypt for ssl?

danwetherald avatar Jul 01 '19 07:07 danwetherald

I think I got it working! I hope to write a blog about it, but these are the general steps:

NOTE: The ngrok cli you download is version 2. When compiling, you are working with version 1. They are incompatible for this effort

  • Install Certbot
  • Generate and install Wildcard certificate. (Wildcard is needed to support custom hostnames, e.g. blah.ngrok.example.com).
    • My DNS registrar isn't supported, so this was a manual process and took me a while to get right. sudo certbot certonly -d '*.ngrok.example.com' --manual
  • Compile (requires golang). make release-server release-client
  • sudo bin/ngrokd -tlsKey="/etc/letsencrypt/live/ngrok.example.com/privkey.pem" -tlsCrt="/etc/letsencrypt/live/ngrok.example.com/fullchain.pem" -domain="ngrok.example.com"
  • Create a config: echo -e "server_addr: ngrok.example.com:4443\ntrust_host_root_certs: true" > ngrok-config
  • Run client: ./ngrok -config=ngrok-notify.yaml 80

A few gotchas:

  • The Wildcard cert is important, and took me a while to get right.
  • You will need to compile client and server

I'm sure there's a lot more steps required, but after fighting with this for hours, I wanted to detail my steps so far.

lastcoolnameleft avatar Jul 15 '19 20:07 lastcoolnameleft

Notice Here echo -e "server_addr: *.ngrok.example.com:4443\ntrust_host_root_certs: true" > ngrok-config ./ngrok -config=ngrok-config.yaml 80

trylovetom avatar May 28 '20 13:05 trylovetom

See tutorial: https://medium.com/@shivanshvij/a-self-hosted-ngrok-45bcec06d0cf

ricardojlrufino avatar Oct 09 '20 00:10 ricardojlrufino

https://gist.github.com/lyoshenka/002b7fbd801d0fd21f2f

ricardojlrufino avatar Oct 09 '20 00:10 ricardojlrufino

I think I got it working! I hope to write a blog about it, but these are the general steps:

NOTE: The ngrok cli you download is version 2. When compiling, you are working with version 1. They are incompatible for this effort

  • Install Certbot

  • Generate and install Wildcard certificate. (Wildcard is needed to support custom hostnames, e.g. blah.ngrok.example.com).

    • My DNS registrar isn't supported, so this was a manual process and took me a while to get right. sudo certbot certonly -d '*.ngrok.example.com' --manual

  • Compile (requires golang). make release-server release-client

  • sudo bin/ngrokd -tlsKey="/etc/letsencrypt/live/ngrok.example.com/privkey.pem" -tlsCrt="/etc/letsencrypt/live/ngrok.example.com/fullchain.pem" -domain="ngrok.example.com"

  • Create a config: echo -e "server_addr: ngrok.example.com:4443\ntrust_host_root_certs: true" > ngrok-config

  • Run client: ./ngrok -config=ngrok-notify.yaml 80

A few gotchas:

  • The Wildcard cert is important, and took me a while to get right.
  • You will need to compile client and server

I'm sure there's a lot more steps required, but after fighting with this for hours, I wanted to detail my steps so far.

Before step

  • Compile (requires golang). make release-server release-client

You should copy the pem to client tls:

sudo cp /etc/letsencrypt/live/ngrok.example.com/fullchain.pem assets/client/tls/ngrokroot.crt

then compile it

# Linux
make release-server release-client
# mac
$ GOOS=darwin GOARCH=amd64 make release-client
# windows
$ GOOS=windows GOARCH=amd64 make release-client

ajaxsys avatar Mar 03 '21 04:03 ajaxsys

@ajaxsys Congrats! I'd be very interested in your blog. I've tried implementing this a few other options, but hit different walls. If you've got a blog/full documentation for it, I'd be very interested.

lastcoolnameleft avatar Mar 12 '21 03:03 lastcoolnameleft

@lastcoolnameleft

I am now moved to

https://github.com/fatedier/frp

It's very simple to use, NO compile, just download & config & run.

For ssl support, just make nginx(http server, which can easily integrate with Let's encrypt) proxy pass to frp

ajaxsys avatar Mar 12 '21 04:03 ajaxsys

Thanks for sharing! FRP seems to be just what I was looking for.

lastcoolnameleft avatar Mar 14 '21 20:03 lastcoolnameleft

Thank you for opening this issue! As of April 2016, the ngrok service has permanently moved to https://ngrok.com/. To join the community and file bug reports or feature enhancements for the ngrok agent, please go to https://github.com/ngrok/ngrok.

This repository is no longer actively maintained and will be archived soon to reduce confusion with the latest ngrok versions. We thank you for the continued support of ngrok and look forward to seeing you over at ngrok.com and the ngrok Community Repo.

russorat avatar May 09 '24 19:05 russorat