Add README

Jack Jackson 2022-08-22 15:59:27 -07:00
parent 6decdb445d
commit 3bcc3cffb0

README.md Normal file

@ -0,0 +1,30 @@
## Overview
This is a tool to allow updating [Cloudflare Tunnels](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/) - both adding a service to the tunnel, and updating the DNS entries for the external name of that service - in a single deployment. Add it to a Kubernetes deployment as follows:
```
initContainers:
- name: dns-setter
image: <location of image>
command: [ "/bin/bash", "-c", "--" ]
args: [ "./dns_update.sh --config <path_to_config> --cert <path_to_cert> --domain <your root domain>"]
```
with Volume Mounts that provide the config and certificates.
## More detail
[Cloudflare Tunnels](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/) allow you to make services accessible to the external Internet without directly exposing your ports, by forwarding requests via a locally-running daemon which connects to (and is protected by) Cloudflare's global infrastructure.
Unfortunately, the process of exposing a new service requires two steps:
1. The mapping between "external addressable name" and "internal service" is added to the Cloudflare Tunnel configuration.
2. A DNS entry for the external addressable name (pointing to the tunnel's UUID-based name) is published.
If the DNS entries are provided by Cloudflare's own DNS servers, Step 2 can be achieved by using the Cloudflare Tunnel tool: `cloudflared tunnel route dns <tunnel_name> <domain_name>`. However, executing this for all the sites defined in the Cloudflared config file would require some parsing, and the `cloudflare/cloudflared` [image](https://hub.docker.com/r/cloudflare/cloudflared) does not support installing tools like [yq](https://github.com/mikefarah/yq).
This tool parses the Cloudflared config file and uses the `cloudflared` tool to update DNS records for all configured names, meaning that a single deployment can carry out both update steps.
## TODOs
* Extend my [Drone pipeline](https://gitea.scubbo.org/scubbo/cloudflaredtunneldns/src/branch/main/.drone.yml) to push a pre-built image to DockerHub for broader usability.
* Use [Cloudflare API](https://api.cloudflare.com/#dns-records-for-a-zone-properties) to determine which records have already been set to prevent unnecessary no-op updates.
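Review bot: In the Overview snippet, the `args` entry hands the whole invocation to `/bin/bash -c` as a single string, so the config path, cert path and domain are re-parsed by the shell and any templated value containing spaces or shell metacharacters will be split or interpreted. Consider the exec form instead, e.g. `command: ["./dns_update.sh"]` with `args: ["--config", "<path_to_config>", "--cert", "<path_to_cert>", "--domain", "<your root domain>"]`, assuming the script is executable from the image's working directory. The sentence after the snippet mentions Volume Mounts but the example shows none; adding the `volumeMounts` stanza, with the file passed to `--cert` sourced from a Secret and mounted read-only, would make the example complete. The opening fence could also carry a `yaml` language tag.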