[HN Gopher] Ngrok Alternatives ___________________________________________________________________ Ngrok Alternatives Author : tosh Score : 103 points Date : 2022-02-23 17:32 UTC (5 hours ago) (HTM) web link (github.com) (TXT) w3m dump (github.com) | ithrow wrote: | Have anyone run ngrok on ubiquiti routers, how did it go? | moonchrome wrote: | Ngrok was really cool since I never thought about reverse | proxying my localhost before l tried it. | | But for the price of ngrok I'm paying for a domain and a 2gb | ram/2 CPU VM on hetzner and using SSH tunnels to nginx reverse | proxy. | | And setting up a shared server for a team with subdomains is just | 10 mins of config changes per user - no way they can justify the | cost for me. | | If it was some symbolic price like 20$/year then I wouldn't | bother, otherwise I'll take the VM I can load other random dev | crap to when I need it. | | And you're using standard web tech to set this up - if you aren't | familiar with something required to set this up you will be | better off learning it in the long run (if you're the target | audience for ngrok) : VM setup, nginx, reverse proxy, SSH | tunneling, let's encrypt, domain management/DNS - all valuable | fundamental skills to acquire on a small project. | anderspitman wrote: | For developers, I largely agree with you, though even in that | demographic often it's nice to not have to fiddle with the | details yourself, even if you know how. | | But I'm interested in a different demographic. Someone who | wants to run their own blog, or run a Nextcloud server for | their family, or host albums from their photography work | shouldn't need to understand DNS, TLS certs, IP addresses, | ports, etc. They should be able to install an app on their | laptop (or old Android phone, or Raspberry Pi), go through a | quick OAuth flow to tunnel out of their home network, and have | their content available to the rest of the web. | | Obviously there are UX and security concerns, but these are | solvable problems. | bauerd wrote: | Servers require maintenance. Time is money | bredren wrote: | Longtime ngrok customer. | | It seems like ngrok went from kind of a humble presentation to a | more splashy look and maybe larger feature set. | | The company is also actively recruiting sr swe's right now. | | Was the product bought or did the company take capital relatively | recently? | | It was such an understated thing for so long. | anderspitman wrote: | Personally I think they might be feeling the heat from | Cloudflare Tunnel. To quote myself from a couple weeks ago[0] | (note that an ngrok employee responded to some of my concerns): | | > _As much as it pains me to say it, Cloudflare seems well | positioned to eat ngrok 's lunch. AFAIK they offer everything | ngrok does plus auto TLS certs, CDN, domain name registration, | and tons of other features. They also have way more edge | servers for terminating tunnels close to the origin devices. | And they can afford to do all this for free as a loss leader | product. It's the AWS bundling effect. Oh and the client source | code is available._ | | > _I don 't want to see Cloudflare completely take over this | space, but Cloudflare Tunnel is tough to compete with._ | | > _One knob ngrok could still turn is adding auto TLS certs | which are managed on the client side. Then you can offer e2ee | which is something Cloudflare will probably never do._ | | [0]: https://news.ycombinator.com/item?id=30260530 | samhw wrote: | I'm amazed even to hear the words "an Ngrok employee", like | it were Google or something. The last time I remember reading | about Ngrok, it was just one guy's repo on GitHub. That | doesn't even feel that long ago. I'm stunned and perplexed to | hear all of this. | evanelias wrote: | Ngrok is a high-quality, well-engineered, bootstrapped | product. Honest question, why be stunned and perplexed that | it is successful enough to build a company around? Plenty | of software companies start this way. And there's a huge | spectrum between "having employees" and "being Google". | wenholz wrote: | Greetings! Director of Eng here at ngrok. Figured I should say | something (more of a lurker than I care to admit) since someone | mentioned the recruiting side of things ;) | | We haven't been bought and haven't taken any capital, but we | have made some massive investments into our product: new ways | of connecting, new ways of securing, reliability, etc. There | are a couple announcements coming soon I don't want to spoil. | We've been a quiet crew for a while! | | On the recruiting side, we've got tons of openings in product | engineering (junior, senior, management, PMs) and across the | rest of the company. Please don't hesitate to reach out if you | have an interest in working with us. | johnmarcus wrote: | i'll need to open a pull request for | [tolocal](https://github.com/nelsonenzo/tolocal) :). It's clunky | because it requires node and terraform and AWS, but all your | stuff is self hosted and can be e2e encrypted, costs almost | nothing, can be used with real domain names, etc. I would like to | make it all JS at some point (the actual terraform is minimal), | but it's hard to see why when Cloudflare Tunnel is a thing now. | systemvoltage wrote: | We use Cloudflare Tunnels. It is the easiest and has an excellent | client (open source under Apache license). | anderspitman wrote: | Cloudflare Tunnel is what I (maintainer of OP list) currently | recommend for most people. It's an excellent free service. Main | downsides are: | | * You can't do end-to-end encryption, ie Cloudflare terminates | TLS for all requests and can see your data. | | * Cloudflare's ToS specifically says you can only use the free | tier for HTML websites. Anything else (ie video streaming, | photo albums, etc) is technically grounds for suspension, | although that seems to be rare in practice. | | * Not open source. You can't self-host the server. (EDIT: | Client is Apache licensed now) Client source code is available | but not FOSS. | systemvoltage wrote: | > Client source code is available but not FOSS. | | They recently changed that, may be I am missing something?: h | ttps://github.com/cloudflare/cloudflared/blob/master/LICENS.. | . | anderspitman wrote: | Ah you're right. I forget they said[0] a couple weeks ago | that they would be changing that. Great news! | | [0]: https://news.ycombinator.com/item?id=30285051 | qbasic_forever wrote: | Tor/onion hidden services are under-appreciated here and a good | fit for potentially replacing ngrok: | https://community.torproject.org/onion-services/setup/ | | You need to run a tor daemon on the server side and then a tor | browser or tor on the client side, but other than that there is | no other setup or intermediary service/server necessary. This | solves a lot of pain that many ngrok alternatives still require | you to run (or pay for using) some central hub server, have a | public IP & DNS, etc. | anderspitman wrote: | I've been meaning to add Tor to the list. PRs welcome. | madacol wrote: | I made a little write up on how to setup onion services for | ssh https://github.com/madacol/knowledge/blob/master/Ssh%20se | rve... | | Just follow the first part, and change the port to whatever | you are using | | You always need a compatible client on the other side | tomjen3 wrote: | A simple alternative: I have a new asus router with built in | support for their DynDNS clone. I can then buy a cheap domain, | cname it to the asus domain and have Caddy proxy forward a | subdomain to my laptop. | | It will be lots cheaper per month than Ngrok, of course, but it | will take more setup. | anderspitman wrote: | This will work as long as your laptop stays on that network, | and as long as you don't mind your IP address being public. | jwr wrote: | I really like ngrok, but I keep bumping into a limitation: if I | leave a development tunnel open from one machine, there is no way | to shut it down remotely and open it elsewhere. | | I am hoping this will be added one day, because it blocked me a | number of times already. | anderspitman wrote: | Maintainer of the list here. Take a look at my boringproxy | project. Once you have the clients running on each machine, all | the tunnels can be managed through a web UI on the server. With | a little elbow grease[0], you can also SSH into any of the | clients (as long as they have sshd running). | | [0]: https://forum.indiebits.io/t/how-to-forward-ssh-port- | example... | erikschoster wrote: | That would be a handy thing to do. A workaround could be to | have a raspberry pi or similar as your ssh access point to a | local network via ngrok, with your main ngrok service running | on another machine on the local network in screen or tmux. Then | just ssh into the raspberry pi, connect to the machine running | the main ngrok service, drop into the session and reconfigure | as you like? | itsananderson wrote: | I feel like half of Ngrok's value prop is being undervalued here. | Namely the fact that it captures requests for inspection and | replay. That feature is an absolute game-changer for developing | things like Webhooks. | | First, it lets you easily see what the Webhooks payload looks | like in real life. Second, it lets you hit your endpoint | repeatedly with the same payload (while iterating on your code), | without having to trigger the 3rd party event again. | anderspitman wrote: | That is a great feature, but a dev-centric one. If your focus | is instead on self-hosting from behind a NAT, things like end- | to-end encryption become more important. There are always | tradeoffs. | francislavoie wrote: | Ngrok isn't the only one of those that do that though. It's not | a unique feature. Hence why there's alternatives listed. | ChicagoBoy11 wrote: | I have to say ngrok was one of the services I've used in life | that truly made me go "ohh holy shit." This was several years | ago, but it was such a pain point sharing local dev things with | other folks, and this made it absolutely so trivial. It felt a | bit like when I used prettier for the first time in my code -- | instantly I knew I couldn't live without having it in my life. I | hope him/they are making good money from the project! | granshaw wrote: | I'm old enough to remember a time where carrier grade NAT | wasn't freaking everywhere and everyone actually had a static | dedicated IP address | | You could start a multiplayer game of StarCraft just by putting | in your friends IP. It was wonderful and how the internet was | meant to be | patricklorio wrote: | I'll need to make a PR to add https://playit.gg :). Been working | on it for the past two years. Offers UDP support, ability to | tunnel a range of ports, and provides a fixed IP and port. I | recently purchased a /24 and moved the entire service to an | anycast network. An entire datacenter can go down and connections | will keep going . | anderspitman wrote: | UDP and Anycast are great features. Can you tunnel anything or | just game servers? | | Also, I would love to hear about your experience buying a /24 | if you've written about it somewhere. ___________________________________________________________________ (page generated 2022-02-23 23:00 UTC)