[HN Gopher] Roll your own Ngrok with Nginx, Letsencrypt, and SSH...
___________________________________________________________________
Roll your own Ngrok with Nginx, Letsencrypt, and SSH reverse
tunnelling
Author : lioeters
Score : 52 points
Date : 2022-04-02 20:41 UTC (2 hours ago)
(HTM) web link (jerrington.me)
(TXT) w3m dump (jerrington.me)
| ugjka wrote:
| for tunnelling better use autossh
| smw wrote:
| tailscale!
| dspillett wrote:
| Or a VPN such as wireshark or OpenVPN, though that is a little
| extra setup usually.
|
| (or one of the many public VPNs - though I'm wary of those, if
| I want a VPN I want to set it up myself and not have my traffic
| pass through someone else's control)
| paskozdilar wrote:
| > Roll your own Ngrok with Nginx, Letsencrypt, and SSH reverse
| tunnelling
|
| And "a server in the public cloud".
| priyadarshy wrote:
| I've used ngrok every single day for ~8 years for work and didn't
| have the slightest clue how it worked. I'll still be paying for
| it but I learned a lot reading this.
| dashesyan wrote:
| This doesn't duplicate one of the best features of Ngrok: the
| local web server that lets you inspect _and replay_ recent
| requests. This feature makes writing webhook code so much easier,
| because if your code doesn't work right, you can inspect the
| request, fix your code, and have Ngrok replay the request until
| it's all working properly. That's even in the free version! And
| the paid version is also pretty cheap, and you don't have to
| maintain, nor pay for, a cloud instance.
| wussboy wrote:
| Sometimes I feel like most of my headache is in just getting
| that first request to hit ngrok. Then I'll replay it dozens of
| times as I figure out the functionality.
| grishka wrote:
| The coolest thing about ngrok is that it has a request log in its
| web UI. And, it allows replaying requests! This is extremely
| handy for debugging webhooks without having to trigger them at
| the source every time you change something.
| mbreese wrote:
| You can also do this with ssh and Unix sockets if you'd like to
| not leave ports open and accessible from the proxy server. It's a
| little more work, but both openssh and nginx support this. I'm
| doing that on a remote server to run code server (vscode w/o the
| MS specific code) on a multi user system. I'd rather not have my
| code editor available for anyone else on the system. So, node is
| getting served on a socket, and that is then forwarded to a web
| reverse proxy.
|
| There is extra authentication/authorization as part of the web
| server itself, but it is nice that I don't have open IP ports on
| the shared server.
|
| That said, for the use case from the article, if you have a more
| permanent setup, using something like wireguard would be more
| robust than an ssh reverse tunnel. But the ssh tunnel is great
| for more ephemeral connections.
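
The Unix-socket approach from the comment above, sketched for an nginx plus SSH reverse tunnel setup like the one in the title. This is an added example, not part of the thread or the linked article. Host names, paths, the `tunnel` account and the port numbers are placeholders, and the TCP variant appears only in comments for comparison.

```nginx
# Constructed example; every name, path and port below is a placeholder.
#
# Tunnel command, run on the development machine (OpenSSH 6.7 or later).
#
# TCP variant: any local account on the proxy host can connect to
# 127.0.0.1:8080 and reach the forwarded service.
#   ssh -N -o ExitOnForwardFailure=yes \
#       -R 127.0.0.1:8080:127.0.0.1:3000 tunnel@proxy.example.com
#
# Unix-socket variant: access is decided by file permissions on the socket
# and on its parent directory instead of by who can open a loopback port.
#   ssh -N -o ExitOnForwardFailure=yes \
#       -R /run/tunnel/app.sock:127.0.0.1:3000 tunnel@proxy.example.com
#
# sshd_config on the proxy host, needed for the socket variant:
#   StreamLocalBindUnlink yes   # replace a stale socket from a dropped session
#   StreamLocalBindMask 0117    # socket is created 0660 (default mask 0177 gives 0600)
#
# Assumed layout on the proxy host:
#   /run/tunnel is owned by tunnel:tunnel with mode 0750, and the nginx
#   worker user is a member of group "tunnel", so only sshd sessions of
#   that account and nginx can reach the socket.

server {
    listen 443 ssl;
    server_name dev.example.com;

    # Certificate paths as certbot lays them out for the placeholder name.
    ssl_certificate     /etc/letsencrypt/live/dev.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/dev.example.com/privkey.pem;

    location / {
        # TCP variant (reachable by every local user on a shared host):
        # proxy_pass http://127.0.0.1:8080;

        # Socket variant: the trailing colon ends the socket path.
        proxy_pass http://unix:/run/tunnel/app.sock:;

        proxy_set_header Host              $host;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

If nginx logs a permission error when connecting to the upstream, check the mode and group of both `/run/tunnel` and `app.sock` on the proxy host, since the bind mask is applied by the server-side sshd.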
___________________________________________________________________
(page generated 2022-04-02 23:00 UTC)