ngsrv
Get Started

ngsrv vs ngrok

Both ngsrv and ngrok solve the same core problem: take a local service and expose it on the public internet over HTTPS. They differ in how they treat config, security, and the developer's day-to-day workflow. This page walks through those differences without trash-talking.

ngsrv helps developers expose local services, share preview links, test webhooks, and get feedback faster. ngrok pioneered the category and remains the best-known option in it. Below is an honest look at where each one fits.

What is ngrok?

ngrok is a hosted tunneling service that lets you expose local servers, ingress to Kubernetes, and run API gateways. It's command-driven (ngrok http 80), has a long history, and a large ecosystem.

What is ngsrv?

ngsrv is a tunneling service built around a declarative YAML config you commit to git. The CLI looks similar (ngsrv http 3000), but the day-to-day flow is multi-tunnel by default, the security policies are on every plan, and the Kubernetes integration is a first-class sidecar with /healthz, /readyz, and /metrics.

At a glance

| | ngsrv | ngrok | | --- | --- | --- | | One-command tunnel | ngsrv http 3000 | ngrok http 3000 | | Declarative multi-tunnel config | ngsrv run ngsrv.yml (built in) | Limited (config file exists, less central) | | Custom domains | Included on Pro | Included on paid plans | | Reserved subdomains | Included on Pro | Included on paid plans | | Free-tier security policies | IP allowlist, rate limit, time window, geo, header auth | OAuth on paid plans | | Kubernetes sidecar | First-class, Helm chart shipped | Available, separate operator | | Prometheus metrics | Out of the box (/metrics) | Available, separate setup | | Stable exit codes for CI | Documented | Less granular |

Where ngsrv is the better fit

You want config in git. If you'd rather have a ngsrv.yml checked in alongside your docker-compose.yml, ngsrv was built for that:

tunnels:
  - name: api
    port: 8080
    subdomain: api
    security_policies:
      - allow-office-ip
      - rate-limit-100rps

  - name: webhooks
    port: 9000
    subdomain: hooks

  - name: docs
    port: 3000
    domain: docs.example.com

Run all three with ngsrv run ngsrv.yml. The same file works locally, in CI, and in Kubernetes.

You want real security policies on the free tier. ngsrv ships IP allowlist, rate limit, time window, geo, and header-required policies on every plan. You don't need an enterprise tier to put a tunnel behind your office IP range.

You want Kubernetes integration that looks like Kubernetes. The ngsrv sidecar exposes /healthz, /readyz, /metrics, and has a Helm chart. Probes work, scraping works, and the logs are structured JSON with stable exit codes.

You want pricing that doesn't penalize multiple tunnels. The Pro plan includes 10 tunnels by default with overage pricing per tunnel, not per-tunnel-per-region license math.

Where ngrok is the better fit

Brand familiarity. Some companies have ngrok in their approved-vendor list and that's that. Worth respecting.

Mature integrations. ngrok has been around longer and has more third-party docs, blog posts, and Stack Overflow answers. If you're stuck on a niche issue at midnight, there's more existing material to find.

Kubernetes Ingress Operator. ngrok has a dedicated K8s ingress operator with a substantial feature set if you're building it into a platform.

Migration notes

If you're already on ngrok and curious about ngsrv:

  1. Install: brew install ngsrv/tap/ngsrv (or curl -fsSL https://get.ngsrv.com | bash).
  2. Authenticate: ngsrv token <YOUR_TOKEN>.
  3. Replace ngrok http 3000 with ngsrv http 3000 in any scripts.
  4. For your ngrok.yml, the equivalent ngsrv.yml is a near 1:1 translation — tunnels: array with port, subdomain, domain, and policies.

Most teams report parity within an afternoon.

When to keep ngrok

If your team's pain point isn't config, security, or Kubernetes — and you're happy with ngrok's pricing — there is no reason to switch for the sake of switching. The honest position.

FAQ

Is ngsrv a drop-in replacement for ngrok? For the common case (http <port>) — yes. For advanced ingress operator features, the surface area differs.

Does ngsrv support custom domains like ngrok? Yes, on Pro and above. See /docs/cli/domains.

Are ngsrv tunnels secure? Yes. HTTPS terminates at the edge, and security policies (IP allowlist, rate limit, geo, header auth) are on every plan.

How much does ngsrv cost compared to ngrok? ngsrv's Pro plan starts at $7/month and includes 10 tunnels, 100GB bandwidth, 5 custom domains, and all security policies except mTLS. Check the /pricing page for the latest details.

Can I run ngsrv in Kubernetes? Yes — there's a first-class sidecar and a Helm chart, with /healthz, /readyz, and /metrics endpoints.