Deploying NPS with Docker on an Alibaba Cloud Server for Remote Access

When a project requires remote colleagues to preview a local service but no public test server is available, the author leverages an idle Alibaba Cloud server and sets up NPS (a reverse‑proxy tool) via Docker to provide internet‑accessible tunneling.

The server specifications are 2 vCPU, 8 GiB RAM, running Alibaba Cloud Linux 3.2104 LTS 64‑bit.

Install Docker and pull the NPS image

First, add the Docker yum repository:

wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

List available Docker versions (optional):

yum list docker-ce --showduplicates | sort -r

Install Docker:

yum install docker-ce -y

Configure Docker daemon if needed (edit /etc/docker/daemon.json ) and start the service:

systemctl start docker

Pull the NPS Docker image:

docker pull ffdfgdfg/nps

Run the NPS container:

docker run -d --name=nps --restart=always --net=host -v /opt/nps/conf:/conf ffdfgdfg/nps

Configure security group

Open the following ports on the Alibaba Cloud server:

8080 – NPS web management interface

8024 – Server‑client communication

5173 – Local service port (adjust as needed)

If any port conflicts with existing services, modify the NPS configuration accordingly.

Web management

Access the NPS web UI at http://<public‑ip>:8080 using username admin and password 123 . Create a new client, leaving most fields as default, enable compression and encryption.

After creation, note the client ID displayed.

Configure a TCP tunnel

Add a new TCP tunnel with the following settings:

Mode: TCP Tunnel

Client ID: the ID from the previous step

Server port: e.g., 5173 (the port you want exposed)

Target (IP:port): 127.0.0.1:5173 (your local machine’s service)

The client will initially show as offline until the local client is started.

Set up the local NPS client

Download the client binary from the NPS GitHub releases (choose the client suffix) and place it in a directory such as ~/npc .

Run the client with the server address, verification key, and tunnel type:

./npc -server=*.*.*.*:8024 -vkey=av3*****yiepb1 -type=tcp

If the output shows “Successful connection with server”, the tunnel is active and the web UI will display the client as online.

Finally, access the public IP and the chosen port (e.g., http://<public‑ip>:5173 ) to verify that the local project is reachable from the internet.

Reference: NPS Chinese documentation.