opn-repo icon indicating copy to clipboard operation
opn-repo copied to clipboard

Published 20 hours ago verified publisher icon mimugmail

Cloudflared package

Open Cadish opened this issue 3 years ago • 10 comments

Hi,

Would it be possible to add cloudflared as a package? https://github.com/cloudflare/cloudflared

Thanks Cadish

Cadish avatar Feb 01 '21 16:02 Cadish

I asked over there about current pkg as the Port is outdated. Lets see :)

mimugmail avatar Feb 01 '21 20:02 mimugmail

Great! Thanks!

Cadish avatar Feb 02 '21 07:02 Cadish

hi @mimugmail , they have merged the code apparently... https://github.com/cloudflare/cloudflared/issues/285

Cadish avatar Mar 15 '21 11:03 Cadish

No, the author merged it into his own fork, it's still open.

mimugmail avatar Mar 16 '21 06:03 mimugmail

It's now in community repo:

pkg install cloudflared If you tell me something about config and syntax I can try to build a plugin

mimugmail avatar Mar 24 '21 20:03 mimugmail

Great! Will try it. Thanks a lot.

The config & syntax are dependent on what you want to achieve with it. I only use it with Cloudflare Argo to create a tunnel to disclose internal applications to the outside without opening any ports. This way, I also can use Cloudflare Access as an extra security level to not disclose my origins directly.

To do this:

  1. Create a tunnel itself: cloudflared tunnel create <NAME>
  2. Create a config file: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/configuration/config
  3. Run the tunnel: cloudflared tunnel --config path/config.yaml run <NAME>.

More documentation on this is here: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps

Cadish avatar Mar 25 '21 15:03 Cadish

If you got it running on the OPN you can also send me the config via private channel and I can try to build a plugin for you.

mimugmail avatar Mar 25 '21 16:03 mimugmail

I'd love to see support for this, especially considering that Cloudflare Tunnel is free now. I imagine some people might like to use it for DNS over HTTPS, although dnscrypt-proxy already exists in the main repository.

MattElek avatar Apr 16 '21 14:04 MattElek

why doesn't cloudflared service install work? That would be so much simpler, single command to set up the tunnel.

Qhilm avatar May 11 '23 10:05 Qhilm

@mimugmail, this is the config file which works for me, in case you're still search for a reference. The problem is, I can't manage to run it as a service at the moment, unless I'm missing something.

tunnel: sense
credentials-file: /root/.cloudflared/<tunnel-UID>.json
ingress:
 # Rules map traffic from a hostname to a local service:
 - hostname: subomain1.youcloudflaredomain.com
   service: https://server1.localdomain.com
 - hostname: subomain2.youcloudflaredomain.com
   service: https://server2.localdomain.com:12345
 # This “catch-all” rule doesn’t have a hostname/path, so it matches everything
 - service: http_status:404

Important is that the server1 will need to have both server1.localdomain.com and subomain1.youcloudflaredomain.com in its certificate SAN, otherwise it fails. I assume it's possible to disable the TLS verification somehow but I didn't want to. Same for server2, it will need both server2.localdomain.com and subomain2.youcloudflaredomain.com in its SAN.

But overall it would be great to have the remotely managed tunnel, that would greatly simplify all of this, no login, no creating a config file, etc. etc. Single command with a token created in the cloudflare dashboard, done.

Qhilm avatar May 11 '23 15:05 Qhilm