8. HOWTO : Expose Personal Blog Running in Home to Internet by ZTM
This article demonstrates the following scenario: I am running a personal blog (wordpress) on my Raspberry Pi ubuntu at home and would like to be able to provide access to it using a fixed domain name. With the help of ZTM running on public cloud hosting, this can be achieved quickly and inexpensively. Users can use aws ultra-low-cost (or even free) t2.nano hosting. In this example, we continue to use ZTM AMI to create cloud hosting, in the lowest cost case can realize the low cost of 1 cent / hour. The configuration process is as follows:
- Creating a Cloud Host using ZTM AMI
When creating EC2, select the “ZTM” AMI.
Select “ZTM” AMI when creating EC2
Select “ZTM” AMI
The ZTM Hub service will be started automatically after the EC2 is created, check it and make a note of the contents of the generated permit file:
ubuntu@ip-172-31-18-226:~$ sudo systemctl status ztm-hub
● ztm-hub.service - ztm hub service
Loaded: loaded (/etc/systemd/system/ztm-hub.service; enabled; preset: enabled)
Active: active (running) since Sat 2024-08-03 07:35:07 UTC; 52s ago
Main PID: 604 (start.sh)
Tasks: 7 (limit: 1078)
Memory: 106.0M (peak: 120.4M)
CPU: 1.074s 1.074s
CGroup. /system.slice/ztm-hub.service
├─604 /bin/bash /etc/ztm/start.sh
├─610 /usr/local/bin/ztm run hub --listen 0.0.0.0:8888 --names 15.157.68.113:8888 --data /root/.ztm --permit /root/.ztm/ztm-permit.json
└─852 /usr/local/bin/ztm --pipy repo://ztm/hub --args --data /root/.ztm --listen 0.0.0.0:8888
Aug 03 07:35:07 ip-172-31-18-226 systemd[1]. Started ztm-hub.service - ztm hub service.
ubuntu@ip-172-31-18-226:~$ sudo cat /root/.ztm/ztm-permit.json
{"ca":"-----BEGIN CERTIFICATE-----\nMIICoTCCAYkCFGDGJqaG9LQLsbgrbMnGVDpLk+ANMA0GCSqGSIb3DQEBCwUAMA0x\nCzAJBgNVBAMMAmNhMB4XDTI0MDgwMzA3MzUxMFoXDTI1MDgwMzA3MzUxMFowDTEL\nMAkGA1UEAwwCY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMfC6R\nq+Q0IhKuC/dkv+8dPFz2I5E3adsJAftkqYIFrWFxdnkxQB3YFy84UJZ1PZ+LoZWR\n7GSPSBY+8+Ql4+n0E+MNzWqrgY0h86hiV7+FrJ0osTqkmomHDkHIwQnvH6x3ML4a\nfeV8JQY5n2YE3SGw760VAimu2PQ0YsOo7xZJDCKTBm4qD6cSkicHwVQOxvG7ASuI\nzI/N63psqWWdVeWoCTLdhYskgzeRohBSRC1Pc10PTSu9L2IJYtXUP32Z+MmxrK4M\nHGdt2CpjYpmqkAyC7TTgZ61ublBBSq78pZqclCxSd4eiT6JA4tSeF9alCFWZ7Oly\nNna5DkSW/MPKN+BJAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAC/vciw3rnNff4yd\nd72SrWPaqo5jM3Ar0Qz0XK4D1h4eYzbP/075MGV29scffX0+Gdw40zvQnWIgDQYW\n1xVqEafcMwwiICrRV//ABXHJMQ4vglbvHOAOUo2wGu6TY3WddUUNNOAFneAEZsEF\nE+Ka9yeDsccx1IrPUBfd/osSOcclEkowhYi0EObF0KH6QVk4ahZJ61q6it8+Pmwp\nFS0hjUTmRqKbIGfey+vmglNknsMXtVkdwd8t7KKmMhaaIdHrJGkMGdGZ8MnhXtYu\nmuvxO9vnhycn2IYUdDp1wqtIXj4ciFJ7ONEF80RCk8VQf+ELFx8IsCPz2sOommvD\npQizvaY=\n-----END CERTIFICATE-----\n","agent":{"certificate":"-----BEGIN CERTIFICATE-----\nMIICozCCAYsCFF8n8ofRHRqz1+DyNhYWNGPM9lezMA0GCSqGSIb3DQEBCwUAMA0x\nCzAJBgNVBAMMAmNhMB4XDTI0MDgwMzA3MzUxMFoXDTI1MDgwMzA3MzUxMFowDzEN\nMAsGA1UEAwwEcm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKs2\nyCkx9Aj8Abop9mpcb0mrV1p2dMwUIaCg1jhiOGI8VkaYgx1JhJ8LDlwrWz7ohnjV\n2ezX/D8neCNueC8rOpiHtcHNabYgoRGkCvfL3uusKJaqwm5pHi0NqHtH2/ylrd1g\nRyXoPDxx/3hUfjIgzPoxJYfwAuffI2OVUf7eGdFO67eSvmJsZFMxb1HYv/qOyT7p\nT17M+LBi0ESuS187zR4ceykuiRRskZmbJ31MnabpEALrBId8CGK02yfrCIbRB+0j\n1sGEWwp/j2AAUjStltNMThwIfolpEa6j+Cmuvnu+Uq6F4wv2+uBWvi8/GkQIDl6l\nvToivuBHj3zuh6MG3h8CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAnDzsu9HNCdGk\nu8lQjYnviCaa1JuhZIA5swDXBtBNWr0XTSt/v9AYMD+l0uaqCMOyPaJJcg/PGMYa\n2P2oUcCc0IcLhZVs+TYeyttsk8yAMHHbaa1/rdSfu92s22NeHgizu9RQ/qivJYBj\nC9QwujZp9HPu0ApchNaEEhrE5gWjpqShvfwKR7Ul78aiGmvFTnkSjFIgPKuDZn/E\nbu7r6lDnImrSiNfp/7clqxlJjDxBHLozUNoK2OPVgicXWLvlVMoXDlYLBiGzkOd8\n+wC+B7CKAQWQhudqK5xPbowBuJgKu2S8jPK2mR8Pf6reNv64nDb8qNmDzYHwF/0g\nerwkbkYgHw==\n-----END CERTIFICATE-----\n","privateKey":"-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCrNsgpMfQI/AG6\nKfZqXG9Jq1dadnTMFCGgoNY4YjhiPFZGmIMdSYSfCw5cK1s+6IZ41dns1/w/J3gj\nbngvKzqYh7XBzWm2IKERpAr3y97rrCiWqsJuaR4tDah7R9v8pa3dYEcl6Dw8cf94\nVH4yIMz6MSWH8ALn3yNjlVH+3hnRTuu3kr5ibGRTMW9R2L/6jsk+6U9ezPiwYtBE\nrktfO80eHHspLokUbJGZmyd9TJ2m6RAC6wSHfAhitNsn6wiG0QftI9bBhFsKf49g\nAFI0rZbTTE4cCH6JaRGuo/gprr57vlKuheML9vrgVr4vPxpECA5epb06Ir7gR498\n7oejBt4fAgMBAAECggEADXOfZEUtdCtAg3zahF7Ay5vvoAbghEwsnC8mxYVKAsXU\nzXUcEAf/qHM47Jrnb1jbf9Dlb0tE4T1bngUG4kXWM7et2w0leg60OOuXhQJ6gC+l\nfLjrz7roiQeirhTmPsJRl6wBywOk/+bA+JZC1/Nlx15nIXgE8mzAnglUSN7wTlZw\n8dm0cUVugetZaythD8APSWDYD420NFNXZszyUZjYq4nKzX17bKnWVSwjfHdTLUDM\nZWZc3PltFd8SfDkfW21QOqQW3qMhGu+liLmJwGi0EVdqfoZa12NbUkZ4/rO1Pijp\nI06BGitpCoajs/PYCr6QPz8kg37t6pDArhXgGMB1UQKBgQDoJdo+vnXn0rIzKA0B\nITzGUW9wJzKEtaiTuk5GHzCOQiG5Vdd0qea23yySiuqPMiEnMTb79+XFrb4AOXU3\nWdj3+njpPvdfD20b2a1RFCn+oD5Jk3D0rr0tfKsyztgWuOHPIzB3aFcc8y+DadSr\nVjTElLKtF+c0K52R3mVhRwI82QKBgQC8zjIYYGbcZComaRjyWcliKpLPCfk6dCmR\nzO5CRv8NHy0BZr2z58zaOweuhY8RwjGUFtLlPntcJd3ttdm44sF9FQHcH0NdOgck\nTgoX80wig4ZYKa/h3lc8Q8f71mdJ8vss39Kww5FjbGYDNM63MLdY0DHRzgmN6a4n\no63Ignj3twKBgQCeZ83PCIlNoWCFNawB/FsK++Bth+GZ2pboDrWAdaHdQFTgsSlu\nasyKNiik6fN5uHwU0Skyr4ny5EYEwzAvj7hUJW5Bwfxrugv6eAMikv7AxzkZXWkz\nHNTrZ+ktpySeBJPYkqtsnx7qGyptolZCf3VMOibdo7TYzXYcZcOJqDlnqQKBgFll\nrJScOLgL+WU8iCJgXxlLHT5I86g4zmIJzZq2MRfOdinest4XWIjQQH/jH24CLCV5\ndRw0rIZiK6XdYBzJyWHna30FlIj06+LFzMOwYJFLA3aFLpFdDKMtWOimiTubgFCs\nHf+yagnQjrDf9S0KNRYpZh14WE/IoLyGJMf29z4bAoGBAOfSIxFKaVRzJXNvB1II\nbo33tJ2UFde7/V+g0DEE6jvpFKbDrGGfJUXjEBelzs7dIuitjwNhrYD7DlOVHbS6\nlhxGSatTs3o1PuPz5pZU4M/5FOAZGOeB/U/fLTVWg0nOc1vk6tZ90zUjQvMSPUEB\nwIYCvQyAKpZvkIR4tLgKXT0h\n-----END PRIVATE KEY-----\n"},"bootstraps":["15.157.68.113:8888"]}- Start the ZTM Agent on the cloud host
Start ZTM Agent on EC2 and connect to the Hub:
ubuntu@ip-172-31-18-226:~$ ps -ef | grep ztm
root 604 1 0 07:35 ? 00:00:00 /bin/bash /etc/ztm/start.sh
root 610 604 0 07:35 ? 00:00:00 /usr/local/bin/ztm run hub --listen 0.0.0.0:8888 --names 15.157.68.113:8888 --data /root/.ztm --permit /root/.ztm/ztm-permit.json
root 852 610 0 07:35 ? 00:00:00 /usr/local/bin/ztm --pipy repo://ztm/hub --args --data /root/.ztm --listen 0.0.0.0:8888
ubuntu 1166 1073 0 07:42 pts/0 00:00:00 grep --color=auto ztm
ubuntu@ip-172-31-18-226:~$ sudo ztm start agent
ubuntu@ip-172-31-18-226:~$ ps -ef | grep ztm
root 604 1 0 07:35 ? 00:00:00 /bin/bash /etc/ztm/start.sh
root 610 604 0 07:35 ? 00:00:00 /usr/local/bin/ztm run hub --listen 0.0.0.0:8888 --names 15.157.68.113:8888 --data /root/.ztm --permit /root/.ztm/ztm-permit.json
root 852 610 0 07:35 ? 00:00:00 /usr/local/bin/ztm --pipy repo://ztm/hub --args --data /root/.ztm --listen 0.0.0.0:8888
root 1229 1 2 07:42 ? 00:00:00 /usr/local/bin/ztm run agent --data /root/.ztm --listen 127.0.0.1:7777
root 1232 1229 2 07:42 ? 00:00:00 /usr/local/bin/ztm --pipy repo://ztm/agent --args --data /root/.ztm --listen 127.0.0.1:7777
ubuntu 1236 1073 0 07:42 pts/0 00:00:00 grep --color=auto ztm
ubuntu@ip-172-31-18-226:~$ sudo cp /root/.ztm/ztm-permit.json . /
ubuntu@ip-172-31-18-226:~$ sudo chown ubuntu:ubuntu ztm-permit.json
ubuntu@ip-172-31-18-226:~$ ztm join my-blog --as hub-local-agent --permit ztm-permit.json
ubuntu@ip-172-31-18-226:~$ ztm get meshes
NAME JOINED AS USER HUBS STATUS
my-blog hub-local-agent root 15.157.68.113:8888 Connected
ubuntu@ip-172-31-18-226:~$ ztm get ep
NAME USER IP PORT STATUS
hub-local-agent (local) root 15.157.68.113 49222 OnlineYou can see that the agent on EC2 is connected to the hub.
- Running ZTM Agent at home on Raspberry Pi ubuntu
Download the ARM64 version of ZTM on your Raspberry Pi (download from the ZTM Release page at https://github.com/flomesh-io/ztm/releases/tag/v0.1.0 ) and launch it:
ubuntu@wp:~$ wget https://github.com/flomesh-io/ztm/releases/download/v0.1.0/ztm-aio-v0.1.0-generic_linux-arm64.tar.gz
Length: 10628339 (10M) [application/octet-stream]
Saving to: 'ztm-aio-v0.1.0-generic_linux-arm64.tar.gz'
ztm-aio-v0.1.0-generic_linux-arm64.tar 100%[===========================================================================>] 10.14M 48.1 MB/s in 0.2s
2024-08-03 08:11:39 (48.1 MB/s) - 'ztm-aio-v0.1.0-generic_linux-arm64.tar.gz' saved [10628339/10628339]
ubuntu@wp:~$ tar xzvf ztm-aio-v0.1.0-generic_linux-arm64.tar.gz
bin/ztm
ubuntu@wp:~$ sudo cp bin/ztm /usr/local/bin/
ubuntu@wp:~$ ztm version
ZTM.
Version : v0.1.0
Commit : 58e91bd4eb840a453cdd7929055ab5611bc4455a
Date : Fri, 26 Jul 2024 14:15:04 +0800
Pipy.
Version : 1.3.0
Commit : e391b8da94f619b13adf9265eb42aed3cb224cf7
Date : Fri, 26 Jul 2024 13:13:18 +0800
ubuntu@wp:~$ sudo ztm start agent
ubuntu@wp:~$ ztm join my-blog --as wordpress --permit permit.json
ubuntu@wp:~$ ztm get ep
NAME USER IP PORT STATUS
hub-local-agent root 15.157.68.113 49222 Online
wordpress (local) root 15.222.249.119 36932 OnlineYou can see that both the wordpress host and the Agent on EC2 are connected to the Hub.
- Create a ZTM tunnel between port 80 of the cloud host and the home blog host.
Execute on the EC2 host of the Hub:
ubuntu@ip-172-31-18-226:~$ ztm tunnel open in tcp/blog --listen 0.0.0.0:80
ubuntu@ip-172-31-18-226:~$ ztm ep wordpress tunnel open out tcp/blog ---target 127.0.0.1:80This opens a tunnel from port 80 of EC2 to port 80 of Raspberry Pi.
- Cloud Hosting Binding Domain Name Bind your own domain name (e.g. my-blog.name) to EC2, then you can access http://my-blog.name/ to access your Wordpress blog on your Raspberry Pi.