Cloudflare Tunnel 实现内网访问
2024-09-18T08:58:09+08:00 | 2分钟阅读 | 更新于 2024-09-18T08:58:09+08:00
域名方案:自己的域名 + Cloudflare Tunnel,自测带宽10Mbps;ZeroTier 方案:直接安装客户端,感觉稍微有点卡,带宽感觉只有1Mbps。目前采用的是前者,域名从 Spaceship 购买,8块钱一年,需要用外币信用卡支付。
# The server runs Arch Linux; install cloudflared, the Cloudflare Tunnel connector, on it.
pacman -Syu cloudflared
# Authorise this machine against the Cloudflare account that owns the domain.
# NOTE(review): login leaves an account-level certificate under ~/.cloudflared;
# treat that directory as secret material and keep it out of backups and repos.
cloudflared tunnel login
# Create the tunnel; the command returns an ID such as 358839ac-fb31-1111-1111-011111453.
cloudflared tunnel create ssh1
# Create the DNS record that routes the hostname to the tunnel.
cloudflared tunnel route dns ssh1 ssh1.aaa.com
# Edit the tunnel configuration (transport protocol and ingress rules).
vim ~/.cloudflared/config.yml
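# ~/.cloudflared/config.yml
# Tunnel ID returned by `cloudflared tunnel create ssh1` (sample value from the post).
tunnel: 358839ac-fb31-1111-1111-011111453
# This JSON file is the secret that lets a connector run the tunnel: keep it
# readable only by the account that runs cloudflared (e.g. mode 600).
credentials-file: /root/.cloudflared/358839ac-fb31-1111-1111-011111453.json
# Edge transport. The post used `h2mux`, a legacy value; current cloudflared
# documents auto, quic and http2. http2 keeps the connection on TCP.
# NOTE(review): confirm against the installed cloudflared version.
protocol: http2
ingress:
  # Site 1: forwards to local port 80.
  # - hostname: <域名1.com>
  #   service: http://localhost:80
  # Site 2: HTTPS to local port 443 with certificate verification disabled
  # (for a self-signed origin certificate). noTLSVerify removes origin
  # authentication, so keep it to loopback origins like this one.
  # - hostname: <域名2.com>
  #   service: https://127.0.0.1:443
  #   originRequest:
  #     noTLSVerify: true
  #     originServerName: <域名2.com>
  # Site 3: port 8012, wildcard hostname.
  # - hostname: <*.域名3.com>
  #   service: http://localhost:8012
  # Site 4: proxies the MySQL unix socket.
  # - hostname: <mysql.域名4.com>
  #   service: unix:/tmp/mysql.sock
  # Site 5: proxies the SSH service.
  # This publishes sshd behind a public hostname. Put a Cloudflare Access
  # application/policy in front of it and keep sshd on key-only authentication;
  # without a policy the hostname itself is the only gate.
  - hostname: ssh1.aaa.com
    service: ssh://localhost:22
  # Catch-all rule (must stay last): any other hostname gets a 404 instead of
  # reaching a local service.
  - service: http_status:404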
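# Validate the ingress rules in the configuration before starting the tunnel.
cloudflared tunnel ingress validate
# Foreground test run; debug logging is meant for this check only, not for the long-running service.
cloudflared --loglevel debug --transport-loglevel warn --config ~/.cloudflared/config.yml tunnel run 358839ac-fb31-1111-1111-011111453
# The post lists the path below without a command; a bare path is not runnable, so it is kept as a note.
# NOTE(review): presumably this is the config the systemd unit reads. Confirm, and keep it
# and the credentials JSON it references readable by the service account only.
#   /etc/cloudflared/config.yml
systemctl start cloudflared
systemctl status cloudflared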
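# 1. Install cloudflared on the client machine (Homebrew here).
# NOTE(review): the post adds that the author's side is "intranet ZeroTier"; the exact meaning is unclear, so confirm.
brew install cloudflared
# 2. --url localhost:1024 opens a listener on local port 1024 (any free port works) that forwards
#    to the tunnelled SSH service, so any SSH client can connect to localhost:1024.
#    Binding to localhost keeps the forwarded port off the client's other network interfaces.
cloudflared access ssh --hostname ssh1.aaa.com --url localhost:1024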