scubbo/cloudflaredtunneldns
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Enable options for certificate and domain

Browse Source
This commit is contained in:
Jack Jackson 2022-08-22 13:20:02 -07:00
parent ce499cffa4
commit 6decdb445d
1 changed files with 61 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
dns_update.sh
View File

@ -1,30 +1,68 @@
#!/bin/sh #!/bin/bash
set -eux set -eux
# First argument is cloudflared config file # https://stackoverflow.com/a/14203146/1040915
# TODO - make this optional, and check standard locations if absent. POSITIONAL_ARGS=()
# Not doing it now because that would require me to remember how to
# do named arguments with bash (I think it's `getopt`?), and ain't while [[ $# -gt 0 ]]; do
# nobody got time for that. case $1 in
if [ $# -lt 1 ]; then --config)
echo "Requires an argument pointing to the config file"; # Provide a path to the Cloudflared Config file.
exit 1; # Required, since we need to parse the config file to find tunnel name.
fi # (If I was less lazy, I would implement cloudflared-like behaviour to search
CONFIG_FILE_LOCATION=$1 # the standard locations if absent. But I am, so I didn't :P )
if [ ! -f $CONFIG_FILE_LOCATION ]; then CONFIG="$2"
echo "File \"$CONFIG_FILE_LOCATION\" does not exist"; shift # past argument
shift # past value
;;
--cert)
# Provide a path to the Cloudflared certificate.
# If absent, Cloudflared will search the standard locations (as above).
# ([`/etc/cloudflared/`, `/usr/local/etc/cloudflared`, `$HOME/.cloudflared`])
CERT="$2"
shift # past argument
shift # past value
;;
-d|--domain)
# If set, only try to update DNS for names that are subdomains of this domain.
# If not set, try to update all names.
DOMAIN="$2"
shift # past argument
shift # past value
;;
-*|--*)
echo "Unknown option $1"
exit 1
;;
*)
POSITIONAL_ARGS+=("$1") # save positional arg
shift # past argument
;;
esac
done
if [[ -z $CONFIG ]]; then
echo "Path to config file must be provided";
exit 1; exit 1;
fi fi
# Second argument is "root domain". set -- "${POSITIONAL_ARGS[@]}" # restore positional parameters
# If set, only try to update DNS for names that are subdomains of this domain.
# If not set, try to update all names
TUNNEL_NAME=$(yq ".tunnel" $CONFIG_FILE_LOCATION);
if [ $# -gt 1 ]; then
ROOT_DOMAIN=$2;
yq ".ingress[].hostname | select(. != null) | select (. == \"*$ROOT_DOMAIN\")" $CONFIG_FILE_LOCATION | xargs -I {} cloudflared tunnel route dns $TUNNEL_NAME {};
else
yq '.ingress[].hostname | select(. != null)' $CONFIG_FILE_LOCATION | xargs -I {} cloudflared tunnel route dns $TUNNEL_NAME {};
fi
TUNNEL_NAME=$(yq ".tunnel" $CONFIG);
COMMAND_STRING="yq \".ingress[].hostname | select(. != null)";
if [[ -n "$DOMAIN" ]]; then
COMMAND_STRING="$COMMAND_STRING | select (. == \\\"*$DOMAIN\\\")";
fi
# Note closing double-quote, from start of COMMAND_STRING
COMMAND_STRING="$COMMAND_STRING\" $CONFIG | xargs -I {} cloudflared tunnel";
if [[ -n "$CERT" ]]; then
COMMAND_STRING="$COMMAND_STRING --origincert $CERT";
fi
COMMAND_STRING="$COMMAND_STRING route dns $TUNNEL_NAME {}";
# I don't know enough about bash security to know whether there's a risk of injection here:
# be careful where you accept script parameters from!
eval $COMMAND_STRING