Why am I doing this?

I've been complaining: the public cloud is too expensive. A typical server costs about 150USD a month. And because I use a lot of Azure PaaS services, my current business needs to cause me to spend more than 500USD (3000 CNY) per month. In addition, the database and App Service are both costly.

This practice proves: Using Azure is very expensive!

So I've been thinking: I have a lot of junk old computers at home. If you sell the old computer, you may only get about 200USD. Using these old computers to replace some public cloud facilities, you can significantly reduce overhead.

But: directly using the old computer to deploy my online business will have a severe problem: the old computer is deployed under the home network and cannot get the public IP. Moreover, especially in China, operating your own data center requires registering a company and reviewing and filing, which processes are very complicated.

I desperately need to figure out a way to expose the ports of my old computer at home to the Internet to provide services instead of Azure.

I always thought this was not feasible and had to immigrate abroad until I discovered the FRP program.

How FRP works

The FRP website is at https://github.com/fatedier/frp. FRP is a fast reverse proxy to help you expose a local server behind a NAT or firewall to the Internet. As of now, it supports TCP and UDP and HTTP and HTTPS protocols, where requests can be forwarded to internal services by the domain name.

Unlike any other existing solutions: FRP does not require your server to have a public IP.

After my understanding, I found that its principle is straightforward: it is divided into FRP client and FRP server. The FRP client needs to be installed on a device on your home network. Then, the FRP server must be installed on the public cloud.

When the FRP client starts, it will register its information with the FRP server. Therefore, when the FRP server receives a service request from a real user, the connection is redirected to the FRP client, the device in the home network, for processing. After the processing is completed, the result of the FRP client will be returned to the user.

The OS for FRP client and server can be different. Which means you can use FRP for Windows as client and FRP for Linux as server.

Let's get started.

Step 1 - Get a server

First, buy a Ubuntu server on any cloud provider. For example: Azure or Vultr.

After buying the server, if you only get the root account's password, finish best practice here: Linux best practice.

Step 2 - Install FRP

One key install:

sudo apt update
DEBIAN_FRONTEND=noninteractive sudo apt install wget curl jq tar -y

latestUrl=$(curl https://api.github.com/repos/fatedier/frp/releases/latest | jq -r '(.assets[] | select(.browser_download_url | contains("linux_amd64"))).browser_download_url')
echo "Latest download url is $latestUrl"
wget -O ~/frp.tar.gz $latestUrl
mkdir ~/temp
tar -zxvf ~/frp.tar.gz --directory ~/temp

frpcPath=$(find ~/temp/ -name "frpc")
frpsPath=$(find ~/temp/ -name "frps")

sudo sudo cp $frpcPath /usr/bin/
sudo sudo cp $frpsPath /usr/bin/

sudo mkdir /etc/frp
sudo touch /etc/frp/frps.ini

echo '
[common]
bind_port = 7000
token = your_strong_password@123
dashboard_port = 7500
dashboard_user = your_name
dashboard_pwd = your_another_strong_password@123
' | sudo tee -a /etc/frp/frps.ini

echo '
[Unit]
Description=Frp Server Service
After=network.target

[Service]
User=root
Type=simple
Restart=on-failure
RestartSec=5s
ExecStart=/usr/bin/frps -c /etc/frp/frps.ini
LimitNOFILE=1048576

[Install]
WantedBy=multi-user.target
' | sudo tee -a /etc/systemd/system/frps.service

sudo systemctl enable frps.service
sudo systemctl start frps.service

echo "IP is:"
curl https://ifconfig.me

sudo systemctl status frps.service

Manual install

First, download frp via command:

$ wget https://github.com/fatedier/frp/releases/download/v0.41.0/frp_0.41.0_linux_amd64.tar.gz

Right here I'm using 0.41.0 as an example. You can get the latest download address here: FRP Release

Unzip it:

$ tar -zxvf ./frp_0.41.0_linux_amd64.tar.gz

Copy the frps to bin folder now:

$ sudo cp ./frp_0.41.0_linux_amd64/frps /usr/bin/

And create the configuration file:

$ sudo mkdir /etc/frp
$ sudo touch /etc/frp/frps.ini

Use your favorite editor to edit the frps.ini file. For example, you can run: sudo vim /etc/frp/frps.ini.

Use the following content to replace the frps.ini file.

[common]
bind_port = 7000
token = your_strong_password@123
dashboard_port = 7500
dashboard_user = your_name
dashboard_pwd = your_another_strong_password@123

Edit the content to use your own strong password and name!

Save the file.

Run the following command to register FRP as a service:

(sudo bash first required)

# 
echo "
[Unit]
Description=Frp Server Service
After=network.target

[Service]
User=root
Type=simple
Restart=on-failure
RestartSec=5s
ExecStart=/usr/bin/frps -c /etc/frp/frps.ini
LimitNOFILE=1048576

[Install]
WantedBy=multi-user.target
" > /etc/systemd/system/frps.service

Run the next command to test if your configuration is correct:

$ sudo /usr/bin/frps -c /etc/frp/frps.ini

You may see the following output:

And finally register the service:

$ sudo systemctl enable frps.service
$ sudo systemctl start frps.service
$ sudo systemctl status frps.service

You can save and reboot your server now.

Step 3 - Get a local home server

Now you have an FRP server with a strong password. You need to make sure you home server can successfully connect to the FRP server.

It is not required to have a public IP address for that! Your home server can be deployed after firewall or NAT.

Right here I'm using Windows Server as an example. Don't forget that you can follow some best practice about Windows Server here.

And you need to install nssm on it. Download nssm here: https://nssm.cc/

After downloading, add the path of nssm to path, or directly copy the nssm.exe to C:\Windows\system32 so you can access it from the terminal.

Step 4 - Install FRP on the home server

On your server, download the FRP client from FRP Release.

You may need to exclude the path from Windows Defender. It's possibly that it treat FRP as an virus. But no worries. As I checked, there is no bad code from the FRP distrib.

Edit the frpc.ini file with any editor.

You need to change the HTTP and HTTPS to your own service name. Right here I only used it as example.

[common]
server_addr = 1.2.3.4 (This should be your FRP Server's IP address)
server_port = 7000
token = your_strong_password@123

[HTTP]
type = tcp
local_ip = 127.0.0.1
local_port = 80
remote_port = 80

[HTTPS]
type = tcp
local_ip = 127.0.0.1
local_port = 443
remote_port = 443

After that, you can run FRP locally to verify the configuration.

Create a PowerShell session with Administrator priviledge. Run command:

 .\frpc.exe -c .\frpc.ini

Hopefully you will see output like this:

Now you only need to register FRP as a background service.

You can create a start.cmd file to run it directly.

And register it as:

nssm install frp

And select the start.cmd.

Now you can try it! Use your mobile Internet to access your cloud server. Hopefully you will connect to your home server's service!

Step 5 (Optional) Configure auto upgrade.

You can create a new update.sh to upgrade the frpc\frps on the server.

Don't forget to replace anduin to your own user alias.

sudo apt install tar wget jq
latestUrl=$(curl https://api.github.com/repos/fatedier/frp/releases/latest | jq -r '(.assets[] | select(.browser_download_url | contains("linux_amd64"))).browser_download_url')
echo "Latest download url is $latestUrl"
wget -O /home/anduin/frp.tar.gz $latestUrl
mkdir /home/anduin/temp
tar -zxvf /home/anduin/frp.tar.gz --directory /home/anduin/temp

frpcPath=$(find /home/anduin/temp/ -name "frpc")
frpsPath=$(find /home/anduin/temp/ -name "frps")

sudo systemctl stop   frpc.service
sudo systemctl stop   frps.service
sudo cp $frpcPath /usr/bin/
sudo cp $frpsPath /usr/bin/
sudo systemctl start  frpc.service
sudo systemctl start  frps.service

echo "Cleaning up..."
sudo rm /home/anduin/frp.tar.gz
sudo rm /home/anduin/temp -rvf

Costs?

Do remember, your cloud server might be costs by traffic! And your home network might also be costs by traffic. Imagine there was 10GB traffic this month, it might costs you twice with the cloud and with your home!!

If your service is not heavy, usually it's super cheap! For me, a Dell Optiplex 7080 costs about 300USD is enought. And the cloud server costs about 20$ a month.

Compared with the electricity bill of a few dollars per month and the network cost of dozens of dollars per month, the cloud server's monthly hundreds of USD is too expensive.