Security News
New Proposed CISA Mandate Would Require Critical Infrastructure to Report Ransom Payments Within 24 Hours
CISA has proposed a set of new rules that would require critical infrastructure to report cyber incidents and ransom payments.
@expo/ngrok
Advanced tools
node wrapper for ngrok
Weekly downloads
Readme
Ngrok exposes your localhost to the web. https://ngrok.com/
var ngrok = require('ngrok');
ngrok.connect(function (err, url) {});
or
npm install ngrok -g
ngrok http 8080
You can create basic http-https-tcp tunnel without authtoken. For custom subdomains and more you should obtain authtoken by signing up at ngrok.com. Once you set it, it's stored in ngrok config and used for all tunnels. Few ways:
ngrok.authtoken(token, function(err, token) {});
ngrok.connect({authtoken: token, ...}, function (err, url) {});
ngrok authtoken <token>
var ngrok = require('ngrok');
ngrok.connect(function (err, url) {}); // https://757c1652.ngrok.io -> http://localhost:80
ngrok.connect(9090, function (err, url) {}); // https://757c1652.ngrok.io -> http://localhost:9090
ngrok.connect({proto: 'tcp', addr: 22}, function (err, url) {}); // tcp://0.tcp.ngrok.io:48590
ngrok.connect(opts, function(err, url) {});
ngrok.connect({
proto: 'http', // http|tcp|tls
addr: 8080, // port or network address
auth: 'user:pwd', // http basic authentication for tunnel
subdomain: 'alex', // reserved tunnel name https://alex.ngrok.io
authtoken: '12345', // your authtoken from ngrok.com
region: 'us' // one of ngrok regions (us, eu, au, ap), defaults to us
}, function (err, url) {});
Other options: name, inspect, host_header, bind_tls, hostname, crt, key, client_cas, remote_addr
- read here
Note on regions: region used in first tunnel will be used for all next tunnels too.
The ngrok and all tunnels will be killed when node process is done. To stop the tunnels use
ngrok.disconnect(url); // stops one
ngrok.disconnect(); // stops all
ngrok.kill(); // kills ngrok process
Note on http tunnels: by default bind_tls is true, so whenever you use http proto two tunnels are created - http and https. If you disconnect https tunnel, http tunnel remains open. You might want to close them both by passing http-version url, or simply by disconnecting all in one go ngrok.disconnect()
.
Also you can use ngrok as an event emitter, it fires "connect", "disconnect" and "error" events
ngrok.once('connect', function (url) {};
ngrok.connect(port);
You can use ngrok's configurations files, then just pass name
option when making a tunnel. Configuration files allow to specify more options, eg ngrok region you want to use.
OS X /Users/example/.ngrok2/ngrok.yml
Linux /home/example/.ngrok2/ngrok.yml
Windows C:\Users\example\.ngrok2\ngrok.yml
When tunnel is established you can use the ngrok interface http://127.0.0.1:4040 to inspect the webhooks done via ngrok.
To get a handle to the spawned ngrok process use
ngrok.process(); // returns ChildProcess
npm install downloads ngrok binaries for you platform and puts them into bin folder. You can host binaries yourself and set NGROK_CDN_URL env var before installing ngrok. Or you can force specific arch by setting NGROK_ARCH, eg NGROK_ARCH=freebsdia32
First time you create tunnel ngrok process is spawned and runs until you disconnect or when parent process killed. All further tunnels are created or stopped by using internal ngrok api which usually runs on http://127.0.0.1:4040
Please run git update-index --assume-unchanged bin/ngrok
to not override ngrok stub in your pr. Unfortunately it can't be gitignored.
FAQs
node wrapper for ngrok
The npm package @expo/ngrok receives a total of 17,549 weekly downloads. As such, @expo/ngrok popularity was classified as popular.
We found that @expo/ngrok demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 24 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISA has proposed a set of new rules that would require critical infrastructure to report cyber incidents and ransom payments.
Security News
Redis is no longer OSS, breaking its explicit commitment to remain under the BSD 3-Clause License forever. This has angered contributors who are now working to fork the software.
Product
Socket AI now enables 'AI detected potential malware' alerts by default, ensuring users benefit from AI-powered state-of-the-art malware detection without needing to opt-in.