Remote server side

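# Deploying the frps server

## Official documentation

[What is frp](https://gofrp.org/zh-cn/docs/overview/)

## Requirements

A cloud server with a public IP address is required.

## frp version

Check the [frp releases](https://github.com/fatedier/frp/releases) page to get the latest version.

> frp is written in Go and is cross-platform: just download the binary for your platform and run it, with no additional dependencies.

## Downloading the Linux server build, frps

The server runs CentOS, so the linux_amd64 build of frp is downloaded here.

Remember to change the version number and file name in the commands below.

October 2023 version: starting with v0.52, the configuration file is in TOML format. The INI format will no longer be supported later on.

```bash
wget https://github.com/fatedier/frp/releases/download/v0.52.1/frp_0.52.1_linux_amd64.tar.gz
```

This version uses an INI configuration file:

```bash
wget https://github.com/fatedier/frp/releases/download/v0.51.3/frp_0.51.3_linux_amd64.tar.gz
```

Earlier version:

```bash
wget https://github.com/fatedier/frp/releases/download/v0.34.3/frp_0.34.3_linux_amd64.tar.gz
```

If the download reports `Unable to establish SSL connection.`, the download connection could not be established. Retrying a few times resolves it.

# Installing frps

Create the directory:

```bash
mkdir frp
```

Extract the archive:

```bash
tar -zxvf frp_0.34.3_linux_amd64.tar.gz -C /root/frp/
```

Enter the frp directory (optional):

```bash
cd frp/frp_0.34.3_linux_amd64/
```

# Configuring frps

Edit the `frps.ini` configuration file under the `/root/frp/` directory in the BT Panel (宝塔). You can edit it over SSH, or browse to the directory and edit it by hand.

> Note: change the value of `vhostHTTPPort`. The default is 80 and it must be changed to another value, because port 80 on the server is already in use by another service and frps cannot start on it.

```ini
[common]
# Port the server listens on; the default is 7000 and it can be customized
bind_port = 7000
vhost_http_port = 7600
token = password2020
dashboard_port = 7500
dashboard_user = admin
dashboard_pwd = zhaoxuan
```

From v0.52 onward the configuration file is `frps.toml`, not `frps.ini`.

```toml
# A literal address or host name for IPv6 must be enclosed
# in square brackets, as in "[::1]:80", "[ipv6-host]:http" or "[ipv6-host%zone]:80"
# For single "bind_addr" field, no need square brackets, like "bind_addr = ::".
# Server listen address, default 0.0.0.0
bindAddr = "0.0.0.0"
# Server listen port, default 7000
bindPort = 7000

# udp port used for kcp protocol, it can be same with 'bind_port'.
# if not set, kcp is disabled in frps.
# Server listen port for the KCP protocol, default 0
kcpBindPort = 7000

# udp port used for quic protocol.
# if not set, quic is disabled in frps.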
# Server listen port for the QUIC protocol
# quicBindPort = 7002

# Specify which address proxy will listen for, default value is same with bind_addr
# proxy_bind_addr = "127.0.0.1"

# quic protocol options
# transport.quic.keepalivePeriod = 10
# transport.quic.maxIdleTimeout = 30
# transport.quic.maxIncomingStreams = 100000

# Heartbeat configure, it's not recommended to modify the default value
# The default value of heartbeat_timeout is 90. Set negative value to disable it.
# transport.heartbeatTimeout = 90

# Pool count in each proxy will keep no more than maxPoolCount.
# Maximum connection pool size
transport.maxPoolCount = 5

# If tcp stream multiplexing is used, default is true
# transport.tcpMux = true

# Specify keep alive interval for tcp mux.
# only valid if tcpMux is true.
# transport.tcpMuxKeepaliveInterval = 60

# tcpKeepalive specifies the interval between keep-alive probes for an active network connection between frpc and frps.
# If negative, keep-alive probes are disabled.
# transport.tcpKeepalive = 7200

# transport.tls.force specifies whether to only accept TLS-encrypted connections. By default, the value is false.
transport.tls.force = false

# transport.tls.certFile = "server.crt"
# transport.tls.keyFile = "server.key"
# transport.tls.trustedCaFile = "ca.crt"

# If you want to support virtual host, you must set the http port for listening (optional)
# Note: http port and https port can be same with bind_port
# Port that HTTP-type proxies listen on
vhostHTTPPort = 7600
# Port that HTTPS-type proxies listen on
vhostHTTPSPort = 443

# Response header timeout(seconds) for vhost http server, default is 60s
# vhostHTTPTimeout = 60

# tcpmuxHTTPConnectPort specifies the port that the server listens for TCP
# HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP
# requests on one single port. If it's not - it will listen on this value for
# HTTP CONNECT requests. By default, this value is 0.
# tcpmuxHTTPConnectPort = 1337

# If tcpmux_passthrough is true, frps won't do any update on traffic.
# tcpmuxPassthrough = false

# Configure the web server to enable the dashboard for frps.
# dashboard is available only if webServer.port is set.
# Dashboard listener configuration
webServer.addr = "127.0.0.1"
webServer.port = 7500
webServer.user = "admin"
webServer.password = "admin"
# webServer.tls.certFile = "server.crt"
# webServer.tls.keyFile = "server.key"
# dashboard assets directory(only for debug mode)
# webServer.assetsDir = "./static"

# Enable golang pprof handlers in dashboard listener.
# Dashboard port must be set first
# Enable Go HTTP pprof
webServer.pprofEnable = false

# enablePrometheus will export prometheus metrics on webServer in /metrics api.
# Whether to expose the Prometheus metrics endpoint
enablePrometheus = true

# console or real logFile path like ./frps.log
# Log file path
log.to = "./frps.log"
# trace, debug, info, warn, error
log.level = "info"
log.maxDays = 3
# disable log colors when log.to is console, default is false
log.disablePrintColor = false

# DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true.
detailedErrorsToClient = true

# auth.method specifies what authentication method to use authenticate frpc with frps.
# If "token" is specified - token will be read into login message.
# If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token".
auth.method = "token"

# auth.additionalScopes specifies additional scopes to include authentication information.
# Optional values are HeartBeats, NewWorkConns.
# auth.additionalScopes = ["HeartBeats", "NewWorkConns"]

# auth token
# Token value used for authentication
auth.token = "12345678"

# oidc issuer specifies the issuer to verify OIDC tokens with.
auth.oidc.issuer = ""
# oidc audience specifies the audience OIDC tokens should contain when validated.
auth.oidc.audience = ""
# oidc skipExpiryCheck specifies whether to skip checking if the OIDC token is expired.
auth.oidc.skipExpiryCheck = false
# oidc skipIssuerCheck specifies whether to skip checking if the OIDC token's issuer claim matches the issuer specified in OidcIssuer.
auth.oidc.skipIssuerCheck = false

# userConnTimeout specifies the maximum time to wait for a work connection.
# userConnTimeout = 10

# Only allow frpc to bind ports you list. By default, there won't be any limit.
allowPorts = [
  { start = 2000, end = 3000 },
  { single = 3001 },
  { single = 3003 },
  { start = 4000, end = 50000 }
]

# Max ports can be used for each client, default value is 0 means no limit
maxPortsPerClient = 0

# If subDomainHost is not empty, you can set subdomain when type is http or https in frpc's configure file
# When subdomain is test, the host used by routing is test.frps.com
subDomainHost = "frps.com"

# custom 404 page for HTTP requests
# custom404Page = "/path/to/404.html"

# specify udp packet size, unit is byte. If not set, the default value is 1500.
# This parameter should be same between client and server.
# It affects the udp and sudp proxy.
udpPacketSize = 1500

# Retention time for NAT hole punching strategy data.
natholeAnalysisDataReserveHours = 168

[[httpPlugins]]
name = "user-manager"
addr = "127.0.0.1:9000"
path = "/handler"
ops = ["Login"]

[[httpPlugins]]
name = "port-manager"
addr = "127.0.0.1:9001"
path = "/handler"
ops = ["NewProxy"]
```

## Starting frps

The start command depends on which configuration file format is in use.

Use the following command to start a server from v0.52 onward:

```
./frps -c ./frps.toml
```

Use the following command to start a server older than v0.52:

```bash
./frps -c ./frps.ini
```

The following output indicates a successful start:

```text
2021/01/11 16:33:50 [I] [service.go:190] frps tcp listen on 0.0.0.0:7000
2021/01/11 16:33:50 [I] [root.go:215] start frps success
```

Complete run log:

```cmd
[root@VM-0-7-centos ~]# tar -zxvf frp_0.34.3_linux_amd64.tar.gz -C /root/frp/
frp_0.34.3_linux_amd64/
frp_0.34.3_linux_amd64/frps
frp_0.34.3_linux_amd64/frps.ini
frp_0.34.3_linux_amd64/LICENSE
frp_0.34.3_linux_amd64/frpc.ini
frp_0.34.3_linux_amd64/frps_full.ini
frp_0.34.3_linux_amd64/frpc_full.ini
frp_0.34.3_linux_amd64/systemd/
frp_0.34.3_linux_amd64/systemd/frps@.service
frp_0.34.3_linux_amd64/systemd/frpc@.service
frp_0.34.3_linux_amd64/systemd/frpc.service
frp_0.34.3_linux_amd64/systemd/frps.service
frp_0.34.3_linux_amd64/frpc
[root@VM-0-7-centos ~]# cd frp/frp_0.34.3_linux_amd64/
[root@VM-0-7-centos frp_0.34.3_linux_amd64]# ./frps -c ./frps.ini
2023/10/22 17:50:45 [I] [service.go:190] frps tcp listen on 0.0.0.0:7000
2023/10/22 17:50:45 [I] [service.go:232] http service listen on 0.0.0.0:7600
2023/10/22 17:50:45 [I] [service.go:289] Dashboard listen on 0.0.0.0:7500
2023/10/22 17:50:45 [I] [root.go:215] start frps success
```

The following output indicates that the port is already in use:

```
create vhost http listener error, listen tcp 0.0.0.0:80: bind: address already in use
```

## Editing frps.ini from an SSH client

Enter the frp directory:

```bash
cd frp/frp_0.34.3_linux_amd64/
```

Run:

```bash
vi frps.ini
```

Press `i` on the keyboard to enter edit mode.
Press Esc to leave edit mode.
Click in the bottom-left corner, type `:wq` and press Enter to exit the editor and return to the command line.

## Configuring ECS security group rules

Open the specified ports on Tencent Cloud:

![image.png](https://cos.easydoc.net/52287695/files/lo1b5ld5.png)

Open the specified ports on Alibaba Cloud:

![image.png](https://cos.easydoc.net/52287695/files/kjtj67jx.png)

## Allowing the ports in the BT Panel

In the BT Panel security page, allow the three ports from the configuration:
![image.png](https://cos.easydoc.net/52287695/files/lo1b77el.png)

## Verifying the service

With the SSH command-line window still open, visit `server domain + dashboard port`.

If the login page appears and you can log in with the username and password from the configuration, the frps service is running normally.

![image.png](https://cos.easydoc.net/52287695/files/lo1al3vv.png)

![image.png](https://cos.easydoc.net/52287695/files/lo1b8msq.png)

> Closing the SSH window stops the frps service immediately.

# Using systemctl to control frp startup

Reference tutorial: [systemctl tutorial](https://www.cnblogs.com/chenshy/p/13514248.html)

## Server-side configuration

The unit files are located in `/usr/lib/systemd/system`.

```bash
sudo vi /lib/systemd/system/frps.service
```

Enter the following content, taking care to adjust the file paths:

```ini
[Unit]
Description=fraps service
After=network.target network-online.target syslog.target
Wants=network.target network-online.target

[Service]
Type=simple
# Command that starts the service (use the actual install directory of your frps here)
ExecStart=/root/frp/frp_0.34.3_linux_amd64/frps -c /root/frp/frp_0.34.3_linux_amd64/frps.ini

[Install]
WantedBy=multi-user.target
```

### Reload the unit files

```bash
sudo systemctl daemon-reload
```

### Start frps

```bash
sudo systemctl start frps
```

### Enable start on boot

```bash
sudo systemctl enable frps
```

### Restart the application

```bash
sudo systemctl restart frps
```

### Stop the application

```bash
sudo systemctl stop frps
```

### View the application's logs

```bash
sudo systemctl status frps
```

### Disable start on boot

```bash
systemctl disable frps
```

## Viewing the frp process

```bash
ps -aux | grep frp
```

Complete run log:

```cmd
[root@VM-0-7-centos ~]# sudo systemctl daemon-reload
[root@VM-0-7-centos ~]# sudo systemctl start frps
[root@VM-0-7-centos ~]# sudo systemctl enable frps
Created symlink from /etc/systemd/system/multi-user.target.wants/frps.service to /usr/lib/systemd/system/frps.service.
[root@VM-0-7-centos ~]# sudo systemctl restart frps
[root@VM-0-7-centos ~]# sudo systemctl status frps
● frps.service - fraps service
   Loaded: loaded (/usr/lib/systemd/system/frps.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2023-10-22 18:04:11 CST; 15s ago
 Main PID: 28636 (frps)
   CGroup: /system.slice/frps.service
           └─28636 /root/frp/frp_0.34.3_linux_amd64/frps -c /root/frp/frp_0.34.3_linux_amd64/frps.ini

Oct 22 18:04:11 VM-0-7-centos systemd[1]: Started fraps service.
Oct 22 18:04:11 VM-0-7-centos frps[28636]: 2023/10/22 18:04:11 [I] [service.go:190] frps tcp listen on 0.0.0.0:7000
Oct 22 18:04:11 VM-0-7-centos frps[28636]: 2023/10/22 18:04:11 [I] [service.go:232] http service listen on 0.0.0.0:7600
Oct 22 18:04:11 VM-0-7-centos frps[28636]: 2023/10/22 18:04:11 [I] [service.go:289] Dashboard listen on 0.0.0.0:7500
Oct 22 18:04:11 VM-0-7-centos frps[28636]: 2023/10/22 18:04:11 [I] [root.go:215] start frps success
Oct 22 18:04:18 VM-0-7-centos frps[28636]: 2023/10/22 18:04:18 [I] [dashboard_api.go:65] Http request: [/api/serverinfo]
Oct 22 18:04:18 VM-0-7-centos frps[28636]: 2023/10/22 18:04:18 [I] [dashboard_api.go:58] Http response [/api/serverinfo]: code [200]
[root@VM-0-7-centos ~]# ps -aux | grep frp
root 28636 0.2 0.2 717300 18372 ? Ssl 18:04 0:00 /root/frp/frp_0.34.3_linux_amd64/frps -c /root/frp/frp_0.34.3_linux_amd64/frps.ini
root 29071 0.0 0.0 9092 672 pts/0 S+ 18:04 0:00 grep frp
[root@VM-0-7-centos ~]#
```

# Other NAT traversal tools

https://natapp.cn/
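
To check an `frps.toml` like the one in the configuration section above before its ports are opened in the security group, the script below reads `auth.token`, the `webServer.*` dashboard settings and `transport.tls.force`, and reports weak values. It is an added example, not part of the original page or the frp project; the function names and the 16- and 12-character thresholds are assumptions of this example.

```shell
# Added example, not frp's own tooling. The 16/12-character thresholds are assumptions.

# toml_get FILE KEY: print the value of a top-level `key = value` line, unquoted.
toml_get() {
    awk -v key="$2" '
        /^[ \t]*\[/ { exit }                 # a table header ends the top-level keys
        { line = $0; sub(/^[ \t]+/, "", line)
          if (index(line, key) != 1) next    # also skips commented-out settings
          rest = substr(line, length(key) + 1)
          if (rest !~ /^[ \t]*=/) next       # a longer key sharing the prefix
          sub(/^[ \t]*=[ \t]*/, "", rest)
          if (rest ~ /^"/) { rest = substr(rest, 2); sub(/".*$/, "", rest) }
          else sub(/[ \t]*(#.*)?$/, "", rest)
          print rest; exit }' "$1"
}

# audit_frps FILE: print one finding per line; the exit status is the finding count.
audit_frps() {
    n=0
    flag() { echo "$1"; n=$((n + 1)); }
    token=$(toml_get "$1" auth.token)
    addr=$(toml_get "$1" webServer.addr)
    user=$(toml_get "$1" webServer.user)
    pass=$(toml_get "$1" webServer.password)
    [ "${#token}" -ge 16 ] || flag "auth.token: shorter than 16 characters"
    if [ -n "$(toml_get "$1" webServer.port)" ]; then   # dashboard is enabled
        case $addr in
            ''|127.*|localhost|::1) ;;                  # an unset addr is not flagged here
            *) flag "webServer.addr: dashboard listens beyond loopback ($addr)" ;;
        esac
        { [ "${#pass}" -ge 12 ] && [ "$pass" != "$user" ]; } ||
            flag "webServer.password: short or equal to webServer.user"
    fi
    [ "$(toml_get "$1" transport.tls.force)" = true ] ||
        flag "transport.tls.force: non-TLS frpc connections are accepted"
    return "$n"
}

# Constructed sample that mirrors the values in the page's frps.toml.
write_sample() { printf '%s\n' 'transport.tls.force = false' \
    'webServer.addr = "127.0.0.1"' 'webServer.port = 7500' \
    'webServer.user = "admin"' 'webServer.password = "admin"' \
    'auth.token = "12345678"' '[[httpPlugins]]' 'name = "user-manager"' > "$1"; }

sample=$(mktemp) && write_sample "$sample"
audit_frps "$sample" || echo "$? finding(s)"
rm -f "$sample"
```

Run it against the real file with `audit_frps /root/frp/frp_0.52.1_linux_amd64/frps.toml`, adjusting the path to your install directory.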