there is also this that I used instead of ngrok
I personally use Duck DNS  for main internal domains, so I can have a certificate that most tools will recognize as valid. This saves me from adding my cert in every machine that will use that service.
I use dehydrated  to get a Let's Encrypt certificate using Duck DNS. There is a good article explaining that by Andreas Gohr .
 - https://www.duckdns.org/
 - https://github.com/lukas2511/dehydrated
 - https://www.splitbrain.org/blog/2017-08/10-homeassistant_duc...
Why are they dangerous? Is that because they need to be manually added to applications, and no one bothers to do that?
Not necessarily. Google have decided that Android users can't be trusted to install their own certificates. I don't know if Apple will permit it, either.
If you absolutely need network connectivity, bring a cellular-wifi hotspot that you've already tested. Talk to the site organizer to find out what cell networks work there, and if you need to, buy a SIM in advance.
If you don't have an IT organization, you are the IT organization, so be a good one.
As someone who has hosted hack days in many countries on six continents and prides himself on providing a reliable and friendly network (including hand-on supporting IoT folks) for said events, it’s really freaking annoying when someone starts blasting their AP at ridiculous power levels for their one-off use case effectively muddying to hell the RF spectrum of the event space.
They weren't in the wrong for being prepared, but for not listening to you.
It’s the equivalent of bringing a machine gun to a shooting range and spraying bullets all around you (missing everyone, but still causing a bad time for all involved) because you don’t even know how to hold it properly.
I need to debug a test-mode stripe webhook and normal approaches have failed for whatever reason. solution: fire up a dev environemnt locally, ngrok it, add the ngrok address to the staging webhook list, profit.
There are tons of use cases.
So you will need to either configure router to open the firewall, or use a solution like this. Which pretty much like current situation -- you need to either configure router to make a NAT mapping, or use a solution like this one.
A lot of modern websites rely on websockets for push notifications so they're usually open. It works wonderfully for things like public WiFi where all traffic is sent through an HTTP proxy and everything else blocked
ssh -R 443:localhost:3000 -N my_remote-server
Obviously, you'll want some iptables on the remote end or for your local box not to have anything valuable on it, but it will let you test webhooks.
>Why do we need this project? Similar tools such as ngrok or Argo Tunnel from Cloudflare are closed-source, have limits built-in, can work out expensive and have limited support for arm/arm64. Ngrok is also often banned by corporate firewall policies meaning it can be unusable.
If this tool offers similar functionality, as soon as it becomes well-known it too will "be often banned by corporate firewall policies meaning it can be unusable".
Welcome to an arms race!
"DO NOT RUN THIS VERSION OF NGROK (1.X) IN PRODUCTION. Both the client and server are known to have serious reliability issues including memory and file descriptor leaks as well as crashes. There is also no HA story as the server is a SPOF. You are advised to run 2.0 for any production quality system."
NB I've used ngrok and think it's very useful, but it's not really open source
What is the best way to avoid this trap, short of making your prototypes purposefully buggy and incomplete?
It's basically using the same tactics as a RAT used by hackers, but used for legitimate uses.