Skip to content

Instantly share code, notes, and snippets.

@MRGRD56

MRGRD56/Expose-Port.ps1

Last active November 8, 2023 06:44
Show Gist options
  • Save MRGRD56/49543c3fa91ee1d9da27ff7037f02030 to your computer and use it in GitHub Desktop.
Save MRGRD56/49543c3fa91ee1d9da27ff7037f02030 to your computer and use it in GitHub Desktop.
Download ZIP
Setting up frp client & server with nginx for HTTPS forwarding
Raw
Expose-Port.ps1
function Expose-Port {
param (
[Parameter(Mandatory=$true)]
[switch]$Http,
[Parameter(Mandatory=$true)]
[int]$Port,
[string]$IP,
[string]$Subdomain
)
if (-not $IP) {
$IP = "127.0.0.1"
}
# Если Subdomain не указан, используем значение Port в качестве Subdomain
if (-not $Subdomain) {
$Subdomain = $Port.ToString()
}
# Установка переменных среды
$env:FRPC_NAME = "http-${Subdomain}"
$env:FRPC_TYPE = "http"
$env:FRPC_IP = $IP
$env:FRPC_PORT = $Port
$env:FRPC_SUBDOMAIN = $Subdomain
Write-Host ""
Write-Host -ForegroundColor green "Exposing ${IP}:${Port} to ${Subdomain}.tun.mrgrd56.ru"
Write-Host ""
Write-Host "Web Interface https://tun.mrgrd56.ru"
Write-Host "Forwarding http://${Subdomain}.tun.mrgrd56.ru -> http://${IP}:${Port}"
Write-Host "Forwarding https://${Subdomain}.tun.mrgrd56.ru -> http://${IP}:${Port}"
Write-Host ""
# Вызов frpc.exe с нужными параметрами
& "C:\_public\frp_0.52.3_windows_amd64\frpc.exe" -c "C:\_public\frp_0.52.3_windows_amd64\frpc.toml"
}
# Usage:
# Expose-Port -Http 9999 -Subdomain test
# Expose-Port -Http 8080
# Expose-Port -Http -Port 8080 -IP "127.0.0.2"
# Expose-Port -Http 8080 "127.0.0.2"
Raw
frpc.toml
serverAddr = "192.168.0.103"
serverPort = 7000
auth.method = "token"
auth.token = "SECRET"
[[proxies]]
name = "{{ .Envs.FRPC_NAME }}"
type = "{{ .Envs.FRPC_TYPE }}"
localIP = "{{ .Envs.FRPC_IP }}"
localPort = {{ .Envs.FRPC_PORT }}
subdomain = "{{ .Envs.FRPC_SUBDOMAIN }}"
Raw
frps.toml
bindPort = 7000
vhostHTTPPort = 9070
vhostHTTPSPort = 9071 # this doesn't seem to be necessary, HTTPS is set up in nginx
subDomainHost = "tun.mrgrd56.ru"
logFile = "/var/log/frp/frps.log"
auth.method = "token"
auth.token = "SECRET"
enablePrometheus = true
webServer.port = 7500
webServer.user = "SECRET"
webServer.password = "SECRET"
Raw
nginx.conf
server {
server_name tun.mrgrd56.ru;
listen 80;
location / {
return 301 https://$host$request_uri;
}
}
server {
server_name tun.mrgrd56.ru;
listen 443 ssl;
ssl_certificate /etc/ssl/mrgrd56.ru/a/tun.mrgrd56.ru.cert.pem;
ssl_certificate_key /etc/ssl/mrgrd56.ru/a/tun.mrgrd56.ru.key.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
proxy_pass_request_headers on;
location / {
proxy_pass http://localhost:7500;
}
}
server {
server_name *.tun.mrgrd56.ru;
listen 80;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Cookie $http_cookie;
proxy_set_header Proxy-Connection "";
proxy_pass_request_headers on;
location / {
proxy_pass http://localhost:9070;
}
}
server {
server_name *.tun.mrgrd56.ru;
listen 443 ssl;
ssl_certificate /etc/ssl/mrgrd56.ru/a/tun.mrgrd56.ru.cert.pem;
ssl_certificate_key /etc/ssl/mrgrd56.ru/a/tun.mrgrd56.ru.key.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Cookie $http_cookie;
proxy_set_header Proxy-Connection "";
proxy_pass_request_headers on;
location / {
proxy_ssl_server_name on;
proxy_ssl_name $host;
proxy_ssl_verify off;
proxy_pass http://localhost:9070;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment