Fading Coder

One Final Commit for the Last Sprint

Home > Tech > Content

Setting Up a Self-Hosted Ngrok Server on CentOS 7.6

Tech 1

Prerequisites

  • A registered domain name (e.g., example.com) with an A record pointing to your server's public IP.
  • A VPS with a public IP (recommend 4 Mbps bandwidth or higher).
  • A file transfer tool like FileZilla or SCP.
  • Root access to the server.

Step 1: Install Dependencies

First, update the system packages and install Go and Git:

yum update -y
yum install -y go git
go version
git --version

If Go is not found in the default repositories, you can download it manually from the official website and install it by extracting the tarball to /usr/local.

Step 2: Clone Ngrok Source and Generate Certificates

Clone the ngrok source code (using a Gitee mirror for faster access):

cd /root
git clone https://gitee.com/marchocode/ngrok.git
cd ngrok
mkdir ssl
cd ssl

Create a configuration file for the SAN certificate (replace ngrok.example.com with your domain):

echo "subjectAltName = DNS:ngrok.example.com" > extfile.cnf

Export the domain as an environment variable and generate the certificates:

export NGROK_DOMAIN="ngrok.example.com"
openssl genrsa -out base.key 2048
openssl req -new -x509 -nodes -key base.key -days 5000 -subj "/CN=$NGROK_DOMAIN" -out base.pem
openssl genrsa -out server.key 2048
openssl req -new -key server.key -subj "/CN=$NGROK_DOMAIN" -out server.csr
openssl x509 -req -in server.csr -CA base.pem -CAkey base.key -CAcreateserial -days 5000 -out server.crt -extfile extfile.cnf

Copy the generated certificates to the ngrok assets directories:

cp base.pem ../assets/client/tls/ngrokroot.crt
cp server.crt ../assets/server/tls/snakeoil.crt
cp server.key ../assets/server/tls/snakeoil.key

Step 3: Compile the Server and Client Binaries

Go back to the ngrok root directory and compile the server binary:

cd /root/ngrok
GOOS=linux GOARCH=amd64 make release-server

If you encounter a make: *** [deps] Error 1, ensure you are in the correct directory and that all dependencies are installed. You may need to install make, gcc, and mercurial.

Compile the Windows client (64-bit):

GOOS=windows GOARCH=amd64 make release-client

After compilation, the server binary will be at /root/ngrok/bin/ngrokd, and the client binary will be at /root/ngrok/bin/windows_amd64/ngrok.exe.

Step 4: Configure the Client

Create a configuration file named ngrok.cfg on the Windows machine where the client will run. Place it in the same directory as ngrok.exe.

server_addr: ngrok.example.com:4443
trust_host_root_certs: false

tunnels:
  mstsc:
    remote_port: 3378
    proto:
      tcp: "127.0.0.1:3389"

Note: Replace ngrok.example.com with you're actual domain. The port 4443 is used for the tunnel control connection. The remote port 3378 should be allowed in the server's firewall.

Step 5: Configure Firewall and Start the Server

On the server, open the required ports:

firewall-cmd --zone=public --add-port=4443/tcp --permanent
firewall-cmd --zone=public --add-port=3378/tcp --permanent
firewall-cmd --zone=public --add-port=3378/udp --permanent
firewall-cmd --reload

Start the ngrok server:

cd /root/ngrok
./bin/ngrokd -domain="ngrok.example.com" -httpAddr=:80 -httpsAddr=:443 -tunnelAddr=:4443

The server will display logs indicating it is listening on the respective ports.

Step 6: Connect the Client

On the Windows machine, open a Command Prompt, navigate to the folder containing ngrok.exe and ngrok.cfg, and run:

ngrok.exe -log=stdout -config=ngrok.cfg start mstsc

If successful, you will see a green online status with no errors.

Step 7: Connect via Remote Desktop

On any external Windows machine, open the Remote Desktop Connection app, enter ngrok.example.com:3378, and provide the credentials of the controlled Windows machine. You should connect successfully.

Running the Server in the Background with Screen

To keep the server running after you log out of SSH, use screen:

yum install -y screen
screen -S ngrokd
cd /root/ngrok
./bin/ngrokd -domain="ngrok.example.com" -httpAddr=:80 -httpsAddr=:443 -tunnelAddr=:4443

Detach from the screen session with Ctrl+A, then D. To reattach, use screen -r ngrokd.

Running the Client Hidden in Windows

Create a batch file (e.g., ngrok.bat) with the following content:

ngrok.exe -config=ngrok.cfg start mstsc

Then run the following PowerShell command to start it in a hidden window:

Start-Process -WindowStyle hidden -FilePath "ngrok.bat"

This will keep the client running without a visible console window.

Troubleshooting Commands

  • Kill a stuck ngrokd process: ps -ef | grep ngrokd, then kill <PID>.
  • List active screen sessions: screen -ls.
  • Remove a screen session: screen -S <session_name> -X quit.
Tags: ngrokcentosvpsremote-desktoptunnel
Back to List

Prev: Palindrome Date Calculation

Next: Implementing YOLOv8 for Object Detection with PyTorch

Related Articles

Understanding Strong and Weak References in Java

Strong References Strong reference are the most prevalent type of object referencing in Java. When an object has a strong reference pointing to it, the garbage collector will not reclaim its memory. F...

Comprehensive Guide to SSTI Explained with Payload Bypass Techniques

Introduction Server-Side Template Injection (SSTI) is a vulnerability in web applications where user input is improper handled within the template engine and executed on the server. This exploit can r...

Implement Image Upload Functionality for Django Integrated TinyMCE Editor

Django’s Admin panel is highly user-friendly, and pairing it with TinyMCE, an effective rich text editor, simplifies content management significantly. Combining the two is particular useful for bloggi...

Leave a Comment

Anonymous

◎Feel free to join the discussion and share your thoughts.

Copyright © fadingcoder.top