TLS Listener Builder#

The ngrok Agent SDK for Python

class ngrok.TlsListenerBuilder#

An ngrok listener backing a TLS endpoint.

allow_cidr(cidr)#

Restriction placed on the origin of incoming connections to the edge to only allow these CIDR ranges. Call multiple times to add additional CIDR ranges. See IP restrictions in the ngrok docs for additional details.

deny_cidr(cidr)#

Restriction placed on the origin of incoming connections to the edge to deny these CIDR ranges. Call multiple times to add additional CIDR ranges. See IP restrictions in the ngrok docs for additional details.

domain(domain)#

The domain to request for this edge, any valid domain or hostname that you have previously registered with ngrok. If using a custom domain, this requires registering in the ngrok dashboard and setting a DNS CNAME value.

forwards_to(forwards_to)#

Listener backend metadata. Viewable via the dashboard and API, but has no bearing on listener behavior.

To automatically forward connections, you can use listen_and_forward, or listen_and_serve on the Listener Builder.

listen()#

Begin listening for new connections on this listener.

listen_and_forward(to_url)#

Begin listening for new connections on this listener and forwarding them to the given url. This url can be either a TCP/HTTP address or a file socket path, for example: “http://localhost:8080”, “https://192.168.1.100:8443”, or for file socket paths on Linux/Darwin “unix:///path/to/unix.sock”.

Parameters:

to_url – The URL to forward traffic on to

Returns:

A task to await for the Listener linked with the server.

Return type:

Task

listen_and_serve(server)#

Begin listening for new connections on this listener and forwarding them to the given http server.

Parameters:

server (http.server.HTTPServer or None) – The server to link with a Listener.

Returns:

A task to await for the Listener linked with the server.

Return type:

Task

metadata(metadata)#

Listener-specific opaque metadata. Viewable via the API.

mutual_tlsca(mutual_tlsca)#

Certificates to use for client authentication at the ngrok edge. See Mutual TLS in the ngrok docs for additional details.

policy(policy_config)#

DEPRECATED: use traffic_policy instead. :param str policy_config: Traffic policy configuration to be attached to the listener.

proxy_proto(proxy_proto)#

The version of PROXY protocol to use with this listener “1”, “2”, or “” if not using.

termination(cert_pem, key_pem)#

The key to use for TLS termination at the ngrok edge in PEM format. See TLS Termination in the ngrok docs for additional details.

traffic_policy(policy_config)#

Traffic Policy configuration. :param str policy_config: Traffic policy configuration to be attached to the listener.

verify_upstream_tls(verify_upstream_tls)#

Whether to disable certificate verification for this listener.