[HN Gopher] Ngrok Alternatives
___________________________________________________________________
Ngrok Alternatives
Author : tosh
Score : 103 points
Date : 2022-02-23 17:32 UTC (5 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| ithrow wrote:
| Have anyone run ngrok on ubiquiti routers, how did it go?
| moonchrome wrote:
| Ngrok was really cool since I never thought about reverse
| proxying my localhost before l tried it.
|
| But for the price of ngrok I'm paying for a domain and a 2gb
| ram/2 CPU VM on hetzner and using SSH tunnels to nginx reverse
| proxy.
|
| And setting up a shared server for a team with subdomains is just
| 10 mins of config changes per user - no way they can justify the
| cost for me.
|
| If it was some symbolic price like 20$/year then I wouldn't
| bother, otherwise I'll take the VM I can load other random dev
| crap to when I need it.
|
| And you're using standard web tech to set this up - if you aren't
| familiar with something required to set this up you will be
| better off learning it in the long run (if you're the target
| audience for ngrok) : VM setup, nginx, reverse proxy, SSH
| tunneling, let's encrypt, domain management/DNS - all valuable
| fundamental skills to acquire on a small project.
| anderspitman wrote:
| For developers, I largely agree with you, though even in that
| demographic often it's nice to not have to fiddle with the
| details yourself, even if you know how.
|
| But I'm interested in a different demographic. Someone who
| wants to run their own blog, or run a Nextcloud server for
| their family, or host albums from their photography work
| shouldn't need to understand DNS, TLS certs, IP addresses,
| ports, etc. They should be able to install an app on their
| laptop (or old Android phone, or Raspberry Pi), go through a
| quick OAuth flow to tunnel out of their home network, and have
| their content available to the rest of the web.
|
| Obviously there are UX and security concerns, but these are
| solvable problems.
| bauerd wrote:
| Servers require maintenance. Time is money
| bredren wrote:
| Longtime ngrok customer.
|
| It seems like ngrok went from kind of a humble presentation to a
| more splashy look and maybe larger feature set.
|
| The company is also actively recruiting sr swe's right now.
|
| Was the product bought or did the company take capital relatively
| recently?
|
| It was such an understated thing for so long.
| anderspitman wrote:
| Personally I think they might be feeling the heat from
| Cloudflare Tunnel. To quote myself from a couple weeks ago[0]
| (note that an ngrok employee responded to some of my concerns):
|
| > _As much as it pains me to say it, Cloudflare seems well
| positioned to eat ngrok 's lunch. AFAIK they offer everything
| ngrok does plus auto TLS certs, CDN, domain name registration,
| and tons of other features. They also have way more edge
| servers for terminating tunnels close to the origin devices.
| And they can afford to do all this for free as a loss leader
| product. It's the AWS bundling effect. Oh and the client source
| code is available._
|
| > _I don 't want to see Cloudflare completely take over this
| space, but Cloudflare Tunnel is tough to compete with._
|
| > _One knob ngrok could still turn is adding auto TLS certs
| which are managed on the client side. Then you can offer e2ee
| which is something Cloudflare will probably never do._
|
| [0]: https://news.ycombinator.com/item?id=30260530
| samhw wrote:
| I'm amazed even to hear the words "an Ngrok employee", like
| it were Google or something. The last time I remember reading
| about Ngrok, it was just one guy's repo on GitHub. That
| doesn't even feel that long ago. I'm stunned and perplexed to
| hear all of this.
| evanelias wrote:
| Ngrok is a high-quality, well-engineered, bootstrapped
| product. Honest question, why be stunned and perplexed that
| it is successful enough to build a company around? Plenty
| of software companies start this way. And there's a huge
| spectrum between "having employees" and "being Google".
| wenholz wrote:
| Greetings! Director of Eng here at ngrok. Figured I should say
| something (more of a lurker than I care to admit) since someone
| mentioned the recruiting side of things ;)
|
| We haven't been bought and haven't taken any capital, but we
| have made some massive investments into our product: new ways
| of connecting, new ways of securing, reliability, etc. There
| are a couple announcements coming soon I don't want to spoil.
| We've been a quiet crew for a while!
|
| On the recruiting side, we've got tons of openings in product
| engineering (junior, senior, management, PMs) and across the
| rest of the company. Please don't hesitate to reach out if you
| have an interest in working with us.
| johnmarcus wrote:
| i'll need to open a pull request for
| [tolocal](https://github.com/nelsonenzo/tolocal) :). It's clunky
| because it requires node and terraform and AWS, but all your
| stuff is self hosted and can be e2e encrypted, costs almost
| nothing, can be used with real domain names, etc. I would like to
| make it all JS at some point (the actual terraform is minimal),
| but it's hard to see why when Cloudflare Tunnel is a thing now.
| systemvoltage wrote:
| We use Cloudflare Tunnels. It is the easiest and has an excellent
| client (open source under Apache license).
| anderspitman wrote:
| Cloudflare Tunnel is what I (maintainer of OP list) currently
| recommend for most people. It's an excellent free service. Main
| downsides are:
|
| * You can't do end-to-end encryption, ie Cloudflare terminates
| TLS for all requests and can see your data.
|
| * Cloudflare's ToS specifically says you can only use the free
| tier for HTML websites. Anything else (ie video streaming,
| photo albums, etc) is technically grounds for suspension,
| although that seems to be rare in practice.
|
| * Not open source. You can't self-host the server. (EDIT:
| Client is Apache licensed now) Client source code is available
| but not FOSS.
| systemvoltage wrote:
| > Client source code is available but not FOSS.
|
| They recently changed that, may be I am missing something?: h
| ttps://github.com/cloudflare/cloudflared/blob/master/LICENS..
| .
| anderspitman wrote:
| Ah you're right. I forget they said[0] a couple weeks ago
| that they would be changing that. Great news!
|
| [0]: https://news.ycombinator.com/item?id=30285051
| qbasic_forever wrote:
| Tor/onion hidden services are under-appreciated here and a good
| fit for potentially replacing ngrok:
| https://community.torproject.org/onion-services/setup/
|
| You need to run a tor daemon on the server side and then a tor
| browser or tor on the client side, but other than that there is
| no other setup or intermediary service/server necessary. This
| solves a lot of pain that many ngrok alternatives still require
| you to run (or pay for using) some central hub server, have a
| public IP & DNS, etc.
| anderspitman wrote:
| I've been meaning to add Tor to the list. PRs welcome.
| madacol wrote:
| I made a little write up on how to setup onion services for
| ssh https://github.com/madacol/knowledge/blob/master/Ssh%20se
| rve...
|
| Just follow the first part, and change the port to whatever
| you are using
|
| You always need a compatible client on the other side
| tomjen3 wrote:
| A simple alternative: I have a new asus router with built in
| support for their DynDNS clone. I can then buy a cheap domain,
| cname it to the asus domain and have Caddy proxy forward a
| subdomain to my laptop.
|
| It will be lots cheaper per month than Ngrok, of course, but it
| will take more setup.
| anderspitman wrote:
| This will work as long as your laptop stays on that network,
| and as long as you don't mind your IP address being public.
| jwr wrote:
| I really like ngrok, but I keep bumping into a limitation: if I
| leave a development tunnel open from one machine, there is no way
| to shut it down remotely and open it elsewhere.
|
| I am hoping this will be added one day, because it blocked me a
| number of times already.
| anderspitman wrote:
| Maintainer of the list here. Take a look at my boringproxy
| project. Once you have the clients running on each machine, all
| the tunnels can be managed through a web UI on the server. With
| a little elbow grease[0], you can also SSH into any of the
| clients (as long as they have sshd running).
|
| [0]: https://forum.indiebits.io/t/how-to-forward-ssh-port-
| example...
| erikschoster wrote:
| That would be a handy thing to do. A workaround could be to
| have a raspberry pi or similar as your ssh access point to a
| local network via ngrok, with your main ngrok service running
| on another machine on the local network in screen or tmux. Then
| just ssh into the raspberry pi, connect to the machine running
| the main ngrok service, drop into the session and reconfigure
| as you like?
| itsananderson wrote:
| I feel like half of Ngrok's value prop is being undervalued here.
| Namely the fact that it captures requests for inspection and
| replay. That feature is an absolute game-changer for developing
| things like Webhooks.
|
| First, it lets you easily see what the Webhooks payload looks
| like in real life. Second, it lets you hit your endpoint
| repeatedly with the same payload (while iterating on your code),
| without having to trigger the 3rd party event again.
| anderspitman wrote:
| That is a great feature, but a dev-centric one. If your focus
| is instead on self-hosting from behind a NAT, things like end-
| to-end encryption become more important. There are always
| tradeoffs.
| francislavoie wrote:
| Ngrok isn't the only one of those that do that though. It's not
| a unique feature. Hence why there's alternatives listed.
| ChicagoBoy11 wrote:
| I have to say ngrok was one of the services I've used in life
| that truly made me go "ohh holy shit." This was several years
| ago, but it was such a pain point sharing local dev things with
| other folks, and this made it absolutely so trivial. It felt a
| bit like when I used prettier for the first time in my code --
| instantly I knew I couldn't live without having it in my life. I
| hope him/they are making good money from the project!
| granshaw wrote:
| I'm old enough to remember a time where carrier grade NAT
| wasn't freaking everywhere and everyone actually had a static
| dedicated IP address
|
| You could start a multiplayer game of StarCraft just by putting
| in your friends IP. It was wonderful and how the internet was
| meant to be
| patricklorio wrote:
| I'll need to make a PR to add https://playit.gg :). Been working
| on it for the past two years. Offers UDP support, ability to
| tunnel a range of ports, and provides a fixed IP and port. I
| recently purchased a /24 and moved the entire service to an
| anycast network. An entire datacenter can go down and connections
| will keep going .
| anderspitman wrote:
| UDP and Anycast are great features. Can you tunnel anything or
| just game servers?
|
| Also, I would love to hear about your experience buying a /24
| if you've written about it somewhere.
___________________________________________________________________
(page generated 2022-02-23 23:00 UTC)