Another DIY Ngrok Using Inlets and Apache

Subscribe to my newsletter and never miss my upcoming articles

Ngrok is one of the most popular tunneling tool to make your local server accessible world wide. Back in the days, I used to use it when it's the time to show my work to remote client. It's still a prototype, not even an MVP, so setting up a public domain just for this purpose was not worth it. It was fun to use, even I could use my own subdomain, such as solie.ngrok.io, but now it's a paid service to be able to use a non random subdomain.

So, I began to search (easy) alternatives, and found some. Serveo and localtunnel are both very easy to use and setup, but the issue is they are most of the time very slow, and sometimes just unusable. I move to ssh forwarding and it worked. Recently I just found inlets to create a similar service as ngrok.

If you read the quick start and the docs, you will find it uses caddy for the web server as the proxy. Of course it's good and the syntax (of caddy) is very easy to comprehend, compared to either nginx or apache. The problem is, I already have apache running on my public accessible server, serving some web sites. Well, maybe one day I will switch to caddy, but...

Ok, so here are the steps. It consists of two parts, one is in the server side, with an accessible IP or domain name, and the second is in the client, which is your laptop or PC, connected to the internet and be able to access the server mentioned before.

I assume that you are familiar with simple command line under GNU/Linux operating system for this, also apache web server is running normally.

Server Side

First, install the inlets using this one liner:

curl -sLS https://get.inlets.dev | sudo sh

It will download the correct binary inlets and move it into your /usr/local/bin. Next, make sure to enable proxy, proxy_http, and proxy_wstunnel modules in apache using this command:

sudo a2enmod proxy proxy_http proxy_wstunnel

No need to restart the apache yet. Next, add the inlets proxy redirection to the sites-enabled, for example:

<VirtualHost *:80>
    ServerName exit.example.com
    RewriteEngine on
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteCond %{HTTP:Connection} Upgrade [NC]
    RewriteRule /(.*) ws://127.0.0.1:9191/$1 [P,L]
    ProxyPass / http://127.0.0.1:9191/
    ProxyPassReverse / http://127.0.0.1:9191/
    ProxyRequests off
</VirtualHost>

Please note that you need to replace exit.example.com to your own subdomain. Here I use port 9191 as the inlets port. At this point, it's the time to run the inlets and restart the apache. I prefer to use tmux session to make a command keep on running in the server ASAP. You can also use screen other than tmux. So, here are what I run:

tmux
inlets server --port 9191 # it will run in tmux session
Ctrl-b " # split tmux screen
sudo apachectl restart

Note that I don't use token to make it easy as cake. You can test it by opening the address from browser or curl, it will show nothing, for now.

Local Side

I use Neon KDE in my laptop, so the inlets installation process is the same one liner command:

curl -sLS https://get.inlets.dev | sudo sh

If you use different operating system such as macOS, you can use brew to install it:

brew install inlets

Or, just go to the inlets github and choose a suitable binary for your local machine. Next, run inlets to connect your local application to the server above. For example you already run your app in the port 8080:

inlets client -r exit.example.com -u http://127.0.0.1:8080

And there you have it, exit.example.com is now redirected directly to your local running app.

QnA

What if I have multiple apps running, how I can map my port to subdomain? You're asking. I simply answer, "Just change the port to your other app.... Other than that, setup a new subdomain to serve another app"

What if I need SSL? Now everything needs https. Well, this is now easier. You can use certbot to get a free SSL certificate from letsencrypt.

No Comments Yet