Skip to content

8. HOWTO : Expose Personal Blog Running in Home to Internet by ZTM

CaiShu edited this page Oct 8, 2024 · 4 revisions

This article demonstrates the following scenario: I am running a personal blog (wordpress) on my Raspberry Pi ubuntu at home and would like to be able to provide access to it using a fixed domain name. With the help of ZTM running on public cloud hosting, this can be achieved quickly and inexpensively. Users can use aws ultra-low-cost (or even free) t2.nano hosting. In this example, we continue to use ZTM AMI to create cloud hosting, in the lowest cost case can realize the low cost of 1 cent / hour. The configuration process is as follows:

  1. Creating a Cloud Host using ZTM AMI

When creating EC2, select the “ZTM” AMI.

Select “ZTM” AMI when creating EC2

1

Select “ZTM” AMI

2

The ZTM Hub service will be started automatically after the EC2 is created, check it and make a note of the contents of the generated permit file:

ubuntu@ip-172-31-18-226:~$ sudo systemctl status ztm-hub
● ztm-hub.service - ztm hub service
     Loaded: loaded (/etc/systemd/system/ztm-hub.service; enabled; preset: enabled)
     Active: active (running) since Sat 2024-08-03 07:35:07 UTC; 52s ago
   Main PID: 604 (start.sh)
      Tasks: 7 (limit: 1078)
     Memory: 106.0M (peak: 120.4M)
        CPU: 1.074s 1.074s
     CGroup. /system.slice/ztm-hub.service
             ├─604 /bin/bash /etc/ztm/start.sh
             ├─610 /usr/local/bin/ztm run hub --listen 0.0.0.0:8888 --names 54.176.162.150:443 --data /root/.ztm --permit /root/.ztm/ztm-permit.json
             └─852 /usr/local/bin/ztm --pipy repo://ztm/hub --args --data /root/.ztm --listen 0.0.0.0:443

Aug 03 07:35:07 ip-172-31-18-226 systemd[1]. Started ztm-hub.service - ztm hub service.
ubuntu@ip-172-31-18-226:~$ sudo cat /root/.ztm/ztm-permit.json
{"ca":"-----BEGIN CERTIFICATE-----\nMIICoTCCAYkCFGDGJqaG9LQLsbgrbMnGVDpLk+ANMA0GCSqGSIb3DQEBCwUAMA0x\nCzAJBgNVBAMMAmNhMB4XDTI0MDgwMzA3MzUxMFoXDTI1MDgwMzA3MzUxMFowDTEL\nMAkGA1UEAwwCY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMfC6R\nq+Q0IhKuC/dkv+8dPFz2I5E3adsJAftkqYIFrWFxdnkxQB3YFy84UJZ1PZ+LoZWR\n7GSPSBY+8+Ql4+n0E+MNzWqrgY0h86hiV7+FrJ0osTqkmomHDkHIwQnvH6x3ML4a\nfeV8JQY5n2YE3SGw760VAimu2PQ0YsOo7xZJDCKTBm4qD6cSkicHwVQOxvG7ASuI\nzI/N63psqWWdVeWoCTLdhYskgzeRohBSRC1Pc10PTSu9L2IJYtXUP32Z+MmxrK4M\nHGdt2CpjYpmqkAyC7TTgZ61ublBBSq78pZqclCxSd4eiT6JA4tSeF9alCFWZ7Oly\nNna5DkSW/MPKN+BJAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAC/vciw3rnNff4yd\nd72SrWPaqo5jM3Ar0Qz0XK4D1h4eYzbP/075MGV29scffX0+Gdw40zvQnWIgDQYW\n1xVqEafcMwwiICrRV//ABXHJMQ4vglbvHOAOUo2wGu6TY3WddUUNNOAFneAEZsEF\nE+Ka9yeDsccx1IrPUBfd/osSOcclEkowhYi0EObF0KH6QVk4ahZJ61q6it8+Pmwp\nFS0hjUTmRqKbIGfey+vmglNknsMXtVkdwd8t7KKmMhaaIdHrJGkMGdGZ8MnhXtYu\nmuvxO9vnhycn2IYUdDp1wqtIXj4ciFJ7ONEF80RCk8VQf+ELFx8IsCPz2sOommvD\npQizvaY=\n-----END CERTIFICATE-----\n","agent":{"certificate":"-----BEGIN CERTIFICATE-----\nMIICozCCAYsCFF8n8ofRHRqz1+DyNhYWNGPM9lezMA0GCSqGSIb3DQEBCwUAMA0x\nCzAJBgNVBAMMAmNhMB4XDTI0MDgwMzA3MzUxMFoXDTI1MDgwMzA3MzUxMFowDzEN\nMAsGA1UEAwwEcm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKs2\nyCkx9Aj8Abop9mpcb0mrV1p2dMwUIaCg1jhiOGI8VkaYgx1JhJ8LDlwrWz7ohnjV\n2ezX/D8neCNueC8rOpiHtcHNabYgoRGkCvfL3uusKJaqwm5pHi0NqHtH2/ylrd1g\nRyXoPDxx/3hUfjIgzPoxJYfwAuffI2OVUf7eGdFO67eSvmJsZFMxb1HYv/qOyT7p\nT17M+LBi0ESuS187zR4ceykuiRRskZmbJ31MnabpEALrBId8CGK02yfrCIbRB+0j\n1sGEWwp/j2AAUjStltNMThwIfolpEa6j+Cmuvnu+Uq6F4wv2+uBWvi8/GkQIDl6l\nvToivuBHj3zuh6MG3h8CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAnDzsu9HNCdGk\nu8lQjYnviCaa1JuhZIA5swDXBtBNWr0XTSt/v9AYMD+l0uaqCMOyPaJJcg/PGMYa\n2P2oUcCc0IcLhZVs+TYeyttsk8yAMHHbaa1/rdSfu92s22NeHgizu9RQ/qivJYBj\nC9QwujZp9HPu0ApchNaEEhrE5gWjpqShvfwKR7Ul78aiGmvFTnkSjFIgPKuDZn/E\nbu7r6lDnImrSiNfp/7clqxlJjDxBHLozUNoK2OPVgicXWLvlVMoXDlYLBiGzkOd8\n+wC+B7CKAQWQhudqK5xPbowBuJgKu2S8jPK2mR8Pf6reNv64nDb8qNmDzYHwF/0g\nerwkbkYgHw==\n-----END CERTIFICATE-----\n","privateKey":"-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCrNsgpMfQI/AG6\nKfZqXG9Jq1dadnTMFCGgoNY4YjhiPFZGmIMdSYSfCw5cK1s+6IZ41dns1/w/J3gj\nbngvKzqYh7XBzWm2IKERpAr3y97rrCiWqsJuaR4tDah7R9v8pa3dYEcl6Dw8cf94\nVH4yIMz6MSWH8ALn3yNjlVH+3hnRTuu3kr5ibGRTMW9R2L/6jsk+6U9ezPiwYtBE\nrktfO80eHHspLokUbJGZmyd9TJ2m6RAC6wSHfAhitNsn6wiG0QftI9bBhFsKf49g\nAFI0rZbTTE4cCH6JaRGuo/gprr57vlKuheML9vrgVr4vPxpECA5epb06Ir7gR498\n7oejBt4fAgMBAAECggEADXOfZEUtdCtAg3zahF7Ay5vvoAbghEwsnC8mxYVKAsXU\nzXUcEAf/qHM47Jrnb1jbf9Dlb0tE4T1bngUG4kXWM7et2w0leg60OOuXhQJ6gC+l\nfLjrz7roiQeirhTmPsJRl6wBywOk/+bA+JZC1/Nlx15nIXgE8mzAnglUSN7wTlZw\n8dm0cUVugetZaythD8APSWDYD420NFNXZszyUZjYq4nKzX17bKnWVSwjfHdTLUDM\nZWZc3PltFd8SfDkfW21QOqQW3qMhGu+liLmJwGi0EVdqfoZa12NbUkZ4/rO1Pijp\nI06BGitpCoajs/PYCr6QPz8kg37t6pDArhXgGMB1UQKBgQDoJdo+vnXn0rIzKA0B\nITzGUW9wJzKEtaiTuk5GHzCOQiG5Vdd0qea23yySiuqPMiEnMTb79+XFrb4AOXU3\nWdj3+njpPvdfD20b2a1RFCn+oD5Jk3D0rr0tfKsyztgWuOHPIzB3aFcc8y+DadSr\nVjTElLKtF+c0K52R3mVhRwI82QKBgQC8zjIYYGbcZComaRjyWcliKpLPCfk6dCmR\nzO5CRv8NHy0BZr2z58zaOweuhY8RwjGUFtLlPntcJd3ttdm44sF9FQHcH0NdOgck\nTgoX80wig4ZYKa/h3lc8Q8f71mdJ8vss39Kww5FjbGYDNM63MLdY0DHRzgmN6a4n\no63Ignj3twKBgQCeZ83PCIlNoWCFNawB/FsK++Bth+GZ2pboDrWAdaHdQFTgsSlu\nasyKNiik6fN5uHwU0Skyr4ny5EYEwzAvj7hUJW5Bwfxrugv6eAMikv7AxzkZXWkz\nHNTrZ+ktpySeBJPYkqtsnx7qGyptolZCf3VMOibdo7TYzXYcZcOJqDlnqQKBgFll\nrJScOLgL+WU8iCJgXxlLHT5I86g4zmIJzZq2MRfOdinest4XWIjQQH/jH24CLCV5\ndRw0rIZiK6XdYBzJyWHna30FlIj06+LFzMOwYJFLA3aFLpFdDKMtWOimiTubgFCs\nHf+yagnQjrDf9S0KNRYpZh14WE/IoLyGJMf29z4bAoGBAOfSIxFKaVRzJXNvB1II\nbo33tJ2UFde7/V+g0DEE6jvpFKbDrGGfJUXjEBelzs7dIuitjwNhrYD7DlOVHbS6\nlhxGSatTs3o1PuPz5pZU4M/5FOAZGOeB/U/fLTVWg0nOc1vk6tZ90zUjQvMSPUEB\nwIYCvQyAKpZvkIR4tLgKXT0h\n-----END PRIVATE KEY-----\n"},"bootstraps":["54.176.162.150:443"]}
  1. Start the ZTM Agent on the cloud host

When using the 'ztm tunnel' AMI, AMI will automatically Start ZTM Agent and join it to ZTM Hub:

ubuntu@ip-172-31-18-226:~$ systemctl status ztm-hub
● ztm-hub.service - ztm hub service
     Loaded: loaded (/etc/systemd/system/ztm-hub.service; enabled; preset: enabled)
     Active: active (running) since Mon 2024-10-07 09:44:05 UTC; 13h ago
   Main PID: 31470 (start-hub.sh)
      Tasks: 7 (limit: 4586)
     Memory: 2.3G (peak: 2.3G)
        CPU: 2min 9.886s
     CGroup: /system.slice/ztm-hub.service
             ├─31470 /bin/bash /etc/ztm/start-hub.sh
             ├─31472 /usr/local/bin/ztm run hub --listen 0.0.0.0:443 --names 54.176.162.150:443 --data /root/.ztm --permit /root/.ztm/ztm-permit>
             └─31485 /usr/local/bin/ztm --pipy repo://ztm/hub --args --data /root/.ztm --listen 0.0.0.0:443

Oct 07 09:44:05 ip-172-31-17-110 systemd[1]: Started ztm-hub.service - ztm hub service.

You can see that the agent on EC2 is connected to the hub.

  1. Running ZTM Agent at home on Raspberry Pi ubuntu

Download the ARM64 version of ZTM on your Raspberry Pi (download from the ZTM Release page at https://github.com/flomesh-io/ztm/releases/tag/v0.1.0 ) and launch it:

ubuntu@wp:~$ wget https://github.com/flomesh-io/ztm/releases/download/v0.1.0/ztm-aio-v0.1.0-generic_linux-arm64.tar.gz
Length: 10628339 (10M) [application/octet-stream]
Saving to: 'ztm-aio-v0.1.0-generic_linux-arm64.tar.gz'

ztm-aio-v0.1.0-generic_linux-arm64.tar 100%[===========================================================================>] 10.14M 48.1 MB/s in 0.2s

2024-08-03 08:11:39 (48.1 MB/s) - 'ztm-aio-v0.1.0-generic_linux-arm64.tar.gz' saved [10628339/10628339]
ubuntu@wp:~$ tar xzvf ztm-aio-v0.1.0-generic_linux-arm64.tar.gz
bin/ztm
ubuntu@wp:~$ sudo cp bin/ztm /usr/local/bin/
ubuntu@wp:~$ ztm version
ZTM.
  Version : v0.1.0
  Commit : 58e91bd4eb840a453cdd7929055ab5611bc4455a
  Date : Fri, 26 Jul 2024 14:15:04 +0800
Pipy.
  Version : 1.3.0
  Commit : e391b8da94f619b13adf9265eb42aed3cb224cf7
  Date : Fri, 26 Jul 2024 13:13:18 +0800
ubuntu@wp:~$ sudo ztm start agent
ubuntu@wp:~$ ztm join my-blog --as wordpress --permit permit.json
ubuntu@wp:~$ ztm get ep
NAME USER IP PORT STATUS
hub-local-agent root 54.176.162.150 49222 Online
wordpress (local) root 15.222.249.119 36932 Online

You can see that both the wordpress host and the Agent on EC2 are connected to the Hub.

  1. Create a ZTM tunnel between port 80 of the cloud host and the home blog host.

Execute on the EC2 host of the Hub:

ubuntu@ip-172-31-18-226:~$ ztm tunnel open in tcp/blog --listen 0.0.0.0:80
ubuntu@ip-172-31-18-226:~$ ztm ep wordpress tunnel open out tcp/blog ---target 127.0.0.1:80

This opens a tunnel from port 80 of EC2 to port 80 of Raspberry Pi.

  1. Cloud Hosting Binding Domain Name Bind your own domain name (e.g. my-blog.name) to EC2, then you can access http://my-blog.name/ to access your Wordpress blog on your Raspberry Pi.