vi /www/server/docker/ngrok/.env
# ngrok域名
NGROK_DOMAIN=demo.dayspick.com
# ngrok监听的http端口
NGROK_HTTP_PORT=16880
# ngrok监听的https端口
NGROK_HTTPS_PORT=16844
# ngrok隧道端口
NGROK_TUNNEL_PORT=4443
# docker映射端口范围,tcp转发时可使用此范围内的端口
NGROK_PORT_RANGE=23001-23009
# ssl证书路径(可不设置)
NGROK_TLS_CRT=/ssl/server.crt
# ssl证书密钥路径(可不设置)
NGROK_TLS_KEY=/ssl/server.key
# ssl证书CA路径(可不设置)
NGROK_TLS_CA=/ssl/rootCA.pem
mkdir /www/server/docker/ngrok/ssl
cp /etc/letsencrypt/live/demo.dayspick.com/chain.pem /www/server/docker/ngrok/ssl/rootCA.pem
cp /etc/letsencrypt/live/demo.dayspick.com/cert.pem /www/server/docker/ngrok/ssl/server.crt
cp /etc/letsencrypt/live/demo.dayspick.com/privkey.pem /www/server/docker/ngrok/ssl/server.key
vi /www/server/docker/ngrok/ssl/rootCA.pem
## 保留第一段----BEGIN CERTIFICATE---—
服务器ngrok安装路径
/www/server/docker/ngrok/
泛解析域名目录
certbot certificates
cd /etc/letsencrypt/live/demo.dayspick.com/
nginx目录 /www/server/panel/vhost/nginx
cd /www/server/panel/vhost/nginx
vi demo.dayspick.com.conf
server {
listen 443 ssl;
server_name *.demo.dayspick.com;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host:16844;
proxy_set_header X-Nginx-Proxy true;
proxy_set_header Connection "";
proxy_pass <https://127.0.0.1:16844>;
}
ssl_certificate /www/server/docker/ngrok/ssl/server.crt;
ssl_certificate_key /www/server/docker/ngrok/ssl/server.key;
ssl_session_timeout 5m;
}
/www/server/nginx/sbin/nginx -s reload
本机配置
server_addr: "x.demo.dayspick.com:4443"
trust_host_root_certs: true
tunnels:
api_lzj:
proto:
https: 8099
subdomain: a