• 创建自有证书，并编译服务端和客户端的bin文件。 编译的时候需要go环境，请参考 go环境搭建

NGROK_DOMAIN="your_domain_name"
[ ! -d /opt/ssl ] && mkdir -p /opt/ssl
cd /opt && git clone https://github.com/inconshreveable/ngrok.git
cd /opt/ssl
openssl genrsa -out base.key 2048
openssl req -new -x509 -nodes -key base.key -days 3650 -subj "/CN=${NGROK_DOMAIN}" -out base.pem
openssl genrsa -out server.key 2048
openssl req -new -key server.key -subj "/CN=${NGROK_DOMAIN}" -out server.csr
openssl x509 -req -in server.csr -CA base.pem -CAkey base.key -CAcreateserial -days 3650 -out server.crt
cp base.pem /opt/ngrok/assets/client/tls/ngrokroot.crt
cd /opt/ngrok
make release-server release-client

• ngrokd 会开一个 4443 端口用来跟客户端通讯（可通过 -tunnelAddr=”:xxx” 指定）,这儿使用的是8899

/opt/ngrok/bin/ngrokd -tlsKey=/opt/ssl/server.key -tlsCrt=/opt/ssl/server.crt -domain="your_domain_name" -httpAddr=":80" -httpsAddr=":443" -tunnelAddr=":8899"

• 客户端的一个示例配置文件(ngrok.cfg)

server_addr: "your_domain_name:8899"
trust_host_root_certs: false
tunnels:
  http:
    subdomain: "httptest"
    proto:
       http: "172.16.50.35:80"
  https:
    subdomain: "httpstest"
    proto:
      https: "172.16.50.35:443"
  ssh:
    remote_port: 12345
    proto:
      tcp: "172.16.50.35:22"

• 客户端启动，客户端bin程序从刚刚的服务端编译好的下载下来使用

/opt/ngrok/ngrok -config=/opt/ngrok/ngrok.cfg start-all