Roll your own Ngrok with Nginx, Letsencrypt, and SSH reverse tunnelling

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Proxy Tunnel HTTP Nat Go

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • hookdeck-cli

    Manage your Hookdeck workspaces, connections, transformations, filters, and more with the Hookdeck CLI

    • Might I recommend Hookdeck as well?

    https://hookdeck.com/

    Very very useful for handling webhooks and making working with them including locally a pleasure.

  • Caddy

    Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • frp

    A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

  • rathole

    A lightweight and high-performance reverse proxy for NAT traversal, written in Rust. An alternative to frp and ngrok.

    • I used Oracle free tier VPS and threw Rathole on it. I haven't noticed any latency or performance issues.

    https://github.com/rapiz1/rathole

  • sish

    HTTP(S)/WS(S)/TCP Tunnels to localhost using only SSH.

    • I made sish [0] so this could be done for myself and friends automatically. It’s a binary written in Go that implements the SSH protocol and allows TCP forwards, HTTP(S) w/ built in requesting of certs from LE (including for custom domains) forwards, aliases (tunnels kept local to the daemon that does not bind a port) forwards, and TLS forwards using SNI for routing.

    sish implements a web front end for inspecting web traffic on tunnels as well, albeit not as nice as Ngrok :)

    [0] https://github.com/antoniomika/sish

  • tcpproxy

    Proxy TCP connections based on static rules, HTTP Host headers, and SNI server names (Go package or binary)

    • Not sure if it has a name, but I've seen it called "reverse dialing": https://github.com/inetaf/tcpproxy/issues/8

  • henk

    A ~100 line reverse proxy daemon with OpenSSH as client.

    • I also built something similar once when I needed something like ngrok but wanted to use open source:

    https://github.com/tweedegolf/henk

    It has a very similar approach, but uses about a hundred lines of Go instead of nginx. It's based on unix sockets created by SSH reverse tunneling, whose names are used to select the desired subdomain. This makes it possible to add more reverse proxies with just an ssh command, without changing anything on the server. It's also small enough that it's easy to add custom logic such as request logging.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts