'%3e%3cpath%20d='M9%2021H15'%20stroke='black'%20stroke-width='2'%20stroke-linecap='round'%20stroke-linejoin='round'/%3e%3cpath%20d='M5.25001%209.75C5.25001%207.95979%205.96116%206.2429%207.22703%204.97703C8.4929%203.71116%2010.2098%203%2012%203C13.7902%203%2015.5071%203.71116%2016.773%204.97703C18.0388%206.2429%2018.75%207.95979%2018.75%209.75C18.75%2013.1081%2019.5281%2015.8063%2020.1469%2016.875C20.2126%2016.9888%2020.2472%2017.1179%2020.2474%2017.2493C20.2475%2017.3808%2020.2131%2017.5099%2020.1475%2017.6239C20.082%2017.7378%2019.9877%2017.8325%2019.8741%2017.8985C19.7604%2017.9645%2019.6314%2017.9995%2019.5%2018H4.50001C4.36874%2017.9992%204.23997%2017.964%204.12659%2017.8978C4.0132%2017.8317%203.91916%2017.7369%203.85387%2017.6231C3.78858%2017.5092%203.75432%2017.3801%203.75452%2017.2489C3.75472%2017.1176%203.78937%2016.9887%203.85501%2016.875C4.47282%2015.8063%205.25001%2013.1072%205.25001%209.75Z'%20stroke='black'%20stroke-width='2'%20stroke-linecap='round'%20stroke-linejoin='round'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_4762_133'%3e%3crect%20width='24'%20height='24'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
'%3e%3cpath%20d='M24%200H0V24H24V0Z'%20fill='white'%20fill-opacity='0.01'/%3e%3cpath%20d='M12%2011C14.2091%2011%2016%209.20914%2016%207C16%204.79086%2014.2091%203%2012%203C9.79086%203%208%204.79086%208%207C8%209.20914%209.79086%2011%2012%2011Z'%20stroke='black'%20stroke-width='2'%20stroke-linecap='round'%20stroke-linejoin='round'/%3e%3cpath%20d='M4%2021V20.4857C4%2018.5655%204%2017.6055%204.38753%2016.872C4.72841%2016.2269%205.27235%2015.7024%205.94138%2015.3737C6.70196%2015%207.6976%2015%209.68889%2015H14.3111C16.3024%2015%2017.298%2015%2018.0586%2015.3737C18.7276%2015.7024%2019.2716%2016.2269%2019.6125%2016.872C20%2017.6055%2020%2018.5655%2020%2020.4857V21'%20stroke='black'%20stroke-width='2'%20stroke-linecap='round'%20stroke-linejoin='round'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_4762_139'%3e%3crect%20width='24'%20height='24'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
📌 微服 x 群晖/飞牛 — hclient-cli 外网访问配置教程
medium
发布于189天前还没想好签名
⚠️观前提示 此文档适用场景为: **群晖/飞牛与微服不在同一局域网,需要通过外网简单访问.** **若群晖/飞牛与微服同处相同局域网,则优先使用[netmap](https://appstore.lazycat.cloud/#/shop/detail/org.snyh.netmap)转发.** ------ # ✅ **步骤 1:下载 hclient-cli 并上传至群晖/飞牛** 从 Gitee 下载适合系统的版本: 👉 https://gitee.com/lazycatcloud/hclient-cli 然后将文件上传到 NAS 目录。 📌 **示例文件:`hclient-cli-linux-amd64`**  ------ # ✅ **步骤 2:启用 SSH 并连接 NAS** 在群晖或飞牛中开启 SSH 然后用终端工具(PuTTY / Terminal)连接 NAS。  ------ # ✅ **步骤 3:赋权 & 设置 capability** 进入上传目录后执行: ```bash # 后续步骤需要用到root权限,切换到root身份 sudo -i # cd到刚刚上传文件的目录,这里以飞牛为例 # 飞牛文件路径在/volX/1000/xxx路径/ # 群晖文件路径在/volumeX/xxx路径/ cd /vol1/1000/nvme/application/ # 添加执行权限 chmod +x ./hclient-cli-linux-amd64 ``` > capability 允许非 root 用户创建 TUN 设备。 > 若需要设置可执行: > `sudo setcap cap_net_admin=eip ./hclient-cli-linux-amd64`  ------ # ✅ **步骤 4:启动 hclient(前台运行便于调试)** ```bash ./hclient-cli-linux-amd64 -tun ``` 保持该终端开启,不要关闭。  ------ # ✅ **步骤 5:打开新终端执行微服认证** ### ① 添加盒子 ```bash curl -X POST 'http://127.0.0.1:7777/add_box?bname=$盒子名&uid=$用户名&password=$密码' ``` ### ② 查看连接状态 ```bash curl 'http://127.0.0.1:7777/box_list' ``` (可插入“已添加但未 TFA 的状态截图”) ### ③ 输入 TFA 验证码 ```bash curl -X POST 'http://127.0.0.1:7777/add_tfa?bname=$盒子名&tfa=$验证码' ``` ### ④ 再次确认状态 ```bash curl 'http://127.0.0.1:7777/box_list' ``` 如果看到 **connected / online** 字样,则表示连接成功。   ------ # ✅ **步骤 6:后台运行 hclient** 调试完成后 退出刚启动的前台hclient,用普通用户身份并添加 & 后台重新运行hclient,这次再运行就不会需要输入密码验证: ```bash sudo ./hclient-cli-linux-amd64 -tun & ``` 如需让其开机自动运行,也可写到 Task Scheduler 或启动脚本中。  ------ # ✅ **步骤 7:在微服后台获取设备域名** 进入 **懒猫客户端 → 设备管理** 找到你的 NAS 对应的 **设备域名**。  ------ # ✅ **步骤 8:通过域名访问群晖/飞牛 NAS** 在浏览器输入微服为你分配的域名,即可: - 打开 DSM - 下载文件 - 访问服务 - 使用反向代理端口访问内部应用  ------ # 🎉 **完成!现在 NAS 已可通过微服实现外网访问。**
评论
3为啥不用netmap 直接端口转发呢?😂
适用于微服和飞牛不在同一局域网的场景
太棒了,刚好想试试