1, Environment

1. ECS (lightweight application server)
2. Heiqunhui DSM 6.2-23739
3. frp version 0.38.0

2, ECS frps configuration

1. The ECS uses Tencent cloud. It's slow to download GitHub directly with wget, and it's still stuck in the end. First download it and copy it to the server. FinalShell is recommended here. It comes with file management. It's too friendly for novices. It's very convenient to transfer files (of course, it's OK to use WinSCP, but you need to open another software). You don't need vi/vim anymore. Edit it on your own computer, pull it in, or change it directly in the software.
   wget https://github.com/fatedier/frp/releases
   
   Unzip the downloaded file and transfer it directly to / usr/local.
   Of course, the command line can also be decompressed to the specified directory
   tar -xvf frp_0.38.0_linux_amd64.tar.gz -C /usr/local
2. Configure service file FRP service

[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=simple
ExecStart=/usr/local/frp/frps -c /usr/local/frp/frps.ini
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
PrivateTmp=true
StandardOutput=syslog
StandardError=inherit

[Install]
WantedBy=multi-user.target

Where execstart = / usr / local / FRP / FRPs - C / usr / local / FRP / FRPs Ini to the corresponding file address.

1. Put the file FRP Place the service in the specified location
   /usr/lib/systemd/system/frp.service

2. Reload the configuration file for the service
   systemctl daemon-reload

3. Start / stop / restart, check the status, and set the startup auto start / off startup auto start

systemctl start frp
systemctl stop frp
systemctl restart frp
systemctl status frp
systemctl enable frp
systemctl disable frp

1. Server FRPs Ini configuration

[common]
bind_port = 10001         # Listening port. The client configures the corresponding port
vhost_http_port = 8080    # When the client configuration type is http, use this port to access
vhost_https_port = 8080   # When the client configuration type is https, use this port to access
token = csdn              # Authentication token. The client configures the corresponding token

dashboard_port = 10000    # The frp console looks more intuitive. It is recommended to open it
dashboard_user = csdn
dashboard_pwd = csdn      # User name and password of dashboard
log_file = ./frps.log     # Log file record location
log_level = info          # log level
log_max_days = 3          # Log days

3, Qunhui docker configuration frpc

1. The docker registry searches frp. The previous tutorial basically used oldiy, which has not been updated for a long time. The red box is the latest version 0.38.0.
   
2. Configure FRPC Ini. The path here is my new folder docker/frp.

[common]
server_addr = 124.1.1.1       #External network of Tencent cloud server
server_port = 10001           #Listening port configured by the server
token = csdn                  
[nas]
type = http                   #http mode, a tcp mode will be introduced below
local_ip = 192.168.199.199    #ip used by Qunhui in Intranet
local_port = 5000             #Local port

custom_domains = 124.1.1.1   #Domain name, no domain name configuration server ip

# This configuration is the same as FRPs Vhost configured in ini_ http_ Port. 124.1.1.1:8080 is used for access

1. In order to better understand the configuration of two ini files, the following example shows another WEB access method, using tcp

[common]
server_addr = 124.1.1.1       #External network of Tencent cloud server
server_port = 10001           #Listening port configured by the server
token = csdn                  
[nas]
type = tcp                    #tcp mode
local_ip = 192.168.199.199    #ip used by Qunhui in Intranet
local_port = 5000             #Local port
remote_port = 9991            #The remote port is also an external network access port

custom_domains = 124.1.1.1   #Domain name, no domain name configuration server ip

# This configuration is the same as FRPs Vhost configured in ini_ http_ Port is irrelevant. 124.1.1.1:9991 is used for access

1. Go to [image] to start, check [use high permission execution container] and enter [advanced settings].
2. In [storage space], [add file], select the newly configured FRPC Ini, the loading path is configured as shown in the figure, / etc / FRP / FRPC ini.
   
3. Check [use the same network as Docker Host] in [network]
4. After starting the container, you can see this client in the console dashboard just configured according to the HTTP or TCP options just configured. So far, you can use frp to realize intranet penetration.
   

reference resources

https://gofrp.org/
https://zhuanlan.zhihu.com/p/129076009
https://post.smzdm.com/p/aoowo2kn/