Fading Coder

One Final Commit for the Last Sprint

Home > Tech > Content

Deploying Local Ollama-Chat Service via FRP Reverse Proxy

Tech 1

The core challenge is exposing a locally running large model service (openui-backend-go) to the public internet through a low-spec cloud server, enabling external access via a custom domain.

Technical Architecture

FRP (Fast Reverse Proxy) is used for reverse proxy tunneling. The setup involves a public FRP server (FRPS) on the cloud instence and a local FRP client (FRPC) that forwards traffic.

Service Overview:

Service Location Port Protocol Notes
Open-webUI Frontend Cloudflare Pages - HTTPS Accessible at https://openui-svelte-build.pages.dev
FRP Server (FRPS) Aliyun ECS 8443 HTTPS Handles incoming public traffic.
FRP Client (FRPC) Local Machine 8443 HTTPS Forwards traffic to local service.
openui-backend-go API Local Machine 8443 HTTPS Served locally via nginx.

FRP Server (FRPS) Deployment

docker-compose.yaml

version: '3'
services:
  frps:
    image: eilinge/frps
    ports:
      - "7000:7000"
      - "8080:8080"
      - "17500:17500"
      - "8443:8443"
    volumes:
      - ./frps.ini:/etc/frp/frps.ini
      - /etc/ssl/certs:/etc/ssl/certs
    container_name: frps

frps.ini Configuration

[common]
bind_port = 7000

token = [YOUR_SECURE_TOKEN]
vhost_http_port = 8080
dashboard_port = 17500
vhost_https_port = 8443
dashboard_user = [DASHBOARD_USER]
dashboard_pwd = [DASHBOARD_PASSWORD]
tcp_mux = true
max_pool_count = 10
ssl_enable = true
ssl_cert_file = /etc/nginx/etc/cert/gpt-oai.icu.pem
ssl_key_file = /etc/nginx/etc/cert/gpt-oai.icu.key

FRP Client (FRPC) Deployment

docker-compose.yaml

version: '3'
services:
  frpc:
    image: eilinge/frpc
    volumes:
      - ./frpc.ini:/etc/frp/frpc.ini
    container_name: frpc
    network_mode: host

frpc.ini Configuration

[common]
server_addr = "[YOUR_ALIYUN_SERVER_IP]"
server_port = 7000
token = [YOUR_SECURE_TOKEN]

[service1]
type = https
local_ip = "[YOUR_LOCAL_MACHINE_IP]"
local_port = 8443
remote_port = 8443
custom_domains = chat.gpt-oai.icu

Prerequisites and Considerations

  • Cloud Security Groups: Ensure the cloud server's security group rules allow traffic on ports 7000, 8443, 8080, and 17500.
  • SSL Certificates: Valid SSL certificates require domain registration and filing (e.g., ICP filing in China) before application.
  • DNS Configuration: The domain (chat.gpt-oai.icu) must have its DNS A record pointing to the cloud server's public IP address.
  • Service Verification: Monitor the FRP dashboard and logs to confirm the tunnel is active and correctly forwardnig traffic.
Tags: FRPReverse Proxyollamainternal network penetrationdocker
Back to List

Prev: Orchestrating Dynamic Thread Pools via Nacos in Spring Cloud Applications

Next: Transaction Propagation Behaviors and Programmatic Transactions in Spring @Transactional

Related Articles

Understanding Strong and Weak References in Java

Strong References Strong reference are the most prevalent type of object referencing in Java. When an object has a strong reference pointing to it, the garbage collector will not reclaim its memory. F...

Comprehensive Guide to SSTI Explained with Payload Bypass Techniques

Introduction Server-Side Template Injection (SSTI) is a vulnerability in web applications where user input is improper handled within the template engine and executed on the server. This exploit can r...

Implement Image Upload Functionality for Django Integrated TinyMCE Editor

Django’s Admin panel is highly user-friendly, and pairing it with TinyMCE, an effective rich text editor, simplifies content management significantly. Combining the two is particular useful for bloggi...

Leave a Comment

Anonymous

◎Feel free to join the discussion and share your thoughts.

Copyright © fadingcoder.top