新版frp-0.61.0 实现泛解析域名穿透 以及 https启用
需要在公网服务器的域名解析平台 泛域名 *.aa.com 解析到frp 公网服务器的ip x.x.x.x
对于frpc.toml 文件的 serverAddr 绑定的ip 需要公网服务器放行 bindPort 对于的端口
frpc.toml serverPort 对于的的是 frps.toml bindPort 端口
frps.toml
bindPort = 7000
vhostHTTPPort = 80
vhostHTTPSPort = 443frppath="/data/frp/frp_0.61.0_linux_amd64"
port=7000
fprsStart(){
if [ -d ${frppath} ];
then
echo ""
else
echo "${frppath}目录不存在"
exit
fi
echo "进入${frppath}目录"
cd ${frppath}
nohup ./frps -c ./frps.toml > frps.log 2>&1 &
exit
}
fprsStop(){
#根据端口号查询对应的pid
pid=$(netstat -nlp | grep :$port | awk '{print $7}' | awk -F"/" '{ print $1 }');
#杀掉对应的进程,如果pid不存在,则不执行
if [ -n "$pid" ]
then
kill -9 $pid;
echo "${port}端口对应的进程号${pid}被杀死"
else
echo "${port}端口未启动"
fi
}
frpReStart(){
fprsStop
sleep 2s
fprsStart
}
commport(){
#根据端口号查询对应的pid
pid=$(netstat -nlp | grep :$port | awk '{print $7}' | awk -F"/" '{ print $1 }');
#杀掉对应的进程,如果pid不存在,则不执行
if [ -n "$pid" ]
then
echo "${port}端口对应的进程号${pid}"
else
echo "${port}端口未启动"
fi
}
sele(){
commport
}
helpTxt(){
echo "-----------------------------"
echo " start 启动frps "
echo " stop 关闭frps "
echo " restart 重启frps "
# echo " 2 启动frpc "
# echo " 3 关闭frpc "
echo " sele 端口运行情况 "
# echo " exit 退出 "
echo "-----------------------------"
}
case "$1" in
"start")
fprsStart
;;
"stop")
fprsStop
;;
"restart")
frpReStart
;;
"sele")
sele
;;
*)
helpTxt
;;
esac内网机器的nginx配置ssl证书,至于ssl证书自己去搞,宝塔获取也好,免费的也好,很好弄的
server {
# 服务器端口使用443,开启ssl, 这里ssl就是上面安装的ssl模块
listen 443 ssl;
# 域名,多个以空格分开
server_name *.aa.com;
# ssl证书地址
ssl_certificate /usr/local/nginx/cert/ssl.pem; # pem文件的路径
ssl_certificate_key /usr/local/nginx/cert/ssl.key; # key文件的路径
# ssl验证相关配置
ssl_session_timeout 5m; #缓存有效期
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
ssl_prefer_server_ciphers on; #使用服务器端的首选算法
location / {
root html;
index index.html index.htm;
}
}https 最重要的是
[[proxies]]
name = "nginx"
type = "https"
localIP = "192.168.1.33"
localPort = 443
customDomains = ["*.aa.com"]frpc.toml
serverAddr = "x.x.x.x"
serverPort = 7000
webServer.addr = "0.0.0.0"
webServer.port = 7000
webServer.user = "admin"
webServer.password = "admin"
[[proxies]]
name = "web"
type = "http"
localIP = "192.168.1.34"
localPort = 9100
customDomains = ["mqtt.aa.com"]
[[proxies]]
name = "mqtt"
type = "tcp"
localIP = "192.168.1.33"
localPort = 1883
remotePort = 1883
[[proxies]]
name = "nginx"
type = "https"
localIP = "192.168.1.33"
localPort = 443
customDomains = ["*.aa.com"]
frppath="/data/frp/frp_0.61.0_linux_amd64"
port=7000
fprsStart(){
if [ -d ${frppath} ];
then
echo ""
else
echo "${frppath}目录不存在"
exit
fi
echo "进入${frppath}目录"
cd ${frppath}
nohup ./frpc -c ./frpc.toml > frpc.log 2>&1 &
exit
}
fprsStop(){
#根据端口号查询对应的pid
pid=$(netstat -nlp | grep :$port | awk '{print $7}' | awk -F"/" '{ print $1 }');
#杀掉对应的进程,如果pid不存在,则不执行
if [ -n "$pid" ]
then
kill -9 $pid;
echo "${port}端口对应的进程号${pid}被杀死"
else
echo "${port}端口未启动"
fi
}
frpReStart(){
fprsStop
sleep 2s
fprsStart
}
commport(){
#根据端口号查询对应的pid
pid=$(netstat -nlp | grep :$port | awk '{print $7}' | awk -F"/" '{ print $1 }');
#杀掉对应的进程,如果pid不存在,则不执行
if [ -n "$pid" ]
then
echo "${port}端口对应的进程号${pid}"
else
echo "${port}端口未启动"
fi
}
sele(){
commport
}
helpTxt(){
echo "-----------------------------"
echo " start 启动frps "
echo " stop 关闭frps "
echo " restart 重启frps "
# echo " 2 启动frpc "
# echo " 3 关闭frpc "
echo " sele 端口运行情况 "
# echo " exit 退出 "
echo "-----------------------------"
}
case "$1" in
"start")
fprsStart
;;
"stop")
fprsStop
;;
"restart")
frpReStart
;;
"sele")
sele
;;
*)
helpTxt
;;
esac
# while :
# do
# #键盘录入数据
# helpTxt
# echo "请输入指令"
# read meath
# case ${meath} in
# "0")
# fprsStart exit
# ;;
# "1")
# fprsStop exit
# ;;
# "4")
# sele exit
# ;;
# "5")
# helpTxt exit
# ;;
# "exit")
# echo "程序结束!"
# break
# ;;
# *)
# echo "你输入的是'${meath}'不在范围内"
# continue
# ;;
# esac
# done
# #键盘录入数据
# read meath
# case "$meath" in
# "0")
# fprsStart exit
# ;;
# "1")
# fprsStop exit
# ;;
# "4")
# sele exit
# ;;
# "5")
# helpTxt exit
# ;;
# *) helpTxt exit
# ;;
# esac