d-bis/loc_az_hci
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
loc_az_hci/scripts/deploy/complete-cloudflared-setup-vm100.sh

142 lines
3.7 KiB
Bash
Raw Permalink Normal View History

Initial commit: loc_az_hci (smom-dbis-138 excluded via .gitignore) Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-08 09:04:46 -08:00
#!/bin/bash
# Complete Cloudflare Tunnel Setup for VM 100
# Run this AFTER SSH access to VM 100 is working
# Usage: From root@pve: ssh ubuntu@192.168.1.244, then run this script
set -e
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
# Load environment variables
if [ -f "$PROJECT_ROOT/.env" ]; then
set -a
source <(grep -v '^#' "$PROJECT_ROOT/.env" | grep -v '^$' | sed 's/#.*$//' | grep '=')
set +a
else
echo "Error: .env file not found. Please set:"
echo " CLOUDFLARE_TUNNEL_TOKEN"
echo " CLOUDFLARE_ACCOUNT_ID"
echo " CLOUDFLARE_DOMAIN"
exit 1
fi
# Colors
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'
echo "========================================="
echo "Cloudflare Tunnel Configuration"
echo "========================================="
echo ""
# Create directories and user
echo -e "${GREEN}[1/6]${NC} Creating directories and user..."
sudo mkdir -p /etc/cloudflared
sudo useradd -r -s /bin/false cloudflared 2>/dev/null || true
sudo chown cloudflared:cloudflared /etc/cloudflared
echo "✓ Done"
echo ""
# Create config file
echo -e "${GREEN}[2/6]${NC} Creating config file..."
sudo tee /etc/cloudflared/config.yml > /dev/null << CONFIGEOF
tunnel: $CLOUDFLARE_TUNNEL_TOKEN
credentials-file: /etc/cloudflared/credentials.json
ingress:
- hostname: grafana.$CLOUDFLARE_DOMAIN
service: http://192.168.1.82:3000
- hostname: prometheus.$CLOUDFLARE_DOMAIN
service: http://192.168.1.82:9090
- hostname: git.$CLOUDFLARE_DOMAIN
service: http://192.168.1.121:3000
- hostname: proxmox-ml110.$CLOUDFLARE_DOMAIN
service: https://192.168.1.206:8006
originRequest:
noTLSVerify: true
- hostname: proxmox-r630.$CLOUDFLARE_DOMAIN
service: https://192.168.1.49:8006
originRequest:
noTLSVerify: true
- service: http_status:404
CONFIGEOF
sudo chown cloudflared:cloudflared /etc/cloudflared/config.yml
sudo chmod 600 /etc/cloudflared/config.yml
echo "✓ Done"
echo ""
# Create credentials file
echo -e "${GREEN}[3/6]${NC} Creating credentials file..."
sudo tee /etc/cloudflared/credentials.json > /dev/null << CREDEOF
{
"AccountTag": "$CLOUDFLARE_ACCOUNT_ID",
"TunnelSecret": "$CLOUDFLARE_TUNNEL_TOKEN"
}
CREDEOF
sudo chown cloudflared:cloudflared /etc/cloudflared/credentials.json
sudo chmod 600 /etc/cloudflared/credentials.json
echo "✓ Done"
echo ""
# Create systemd service
echo -e "${GREEN}[4/6]${NC} Creating systemd service..."
sudo tee /etc/systemd/system/cloudflared.service > /dev/null << SERVICEEOF
[Unit]
Description=Cloudflare Tunnel
After=network.target
[Service]
Type=simple
User=cloudflared
ExecStart=/usr/local/bin/cloudflared tunnel --config /etc/cloudflared/config.yml run
Restart=on-failure
RestartSec=10s
StandardOutput=journal
StandardError=journal
[Install]
WantedBy=multi-user.target
SERVICEEOF
echo "✓ Done"
echo ""
# Enable and start service
echo -e "${GREEN}[5/6]${NC} Enabling and starting service..."
sudo systemctl daemon-reload
sudo systemctl enable cloudflared
sudo systemctl start cloudflared
sleep 5
echo "✓ Done"
echo ""
# Verify
echo -e "${GREEN}[6/6]${NC} Verifying configuration..."
echo ""
echo "=== Service Status ==="
sudo systemctl status cloudflared --no-pager | head -15
echo ""
echo "=== Configuration Files ==="
ls -la /etc/cloudflared/
echo ""
echo "=== Recent Logs ==="
sudo journalctl -u cloudflared -n 10 --no-pager
echo ""
echo "========================================="
echo -e "${GREEN}Configuration Complete!${NC}"
echo "========================================="
echo ""
echo "Next steps:"
echo "1. Verify service: systemctl status cloudflared"
echo "2. View logs: journalctl -u cloudflared -f"
echo "3. Configure DNS records in Cloudflare Dashboard"
echo ""
Reference in New Issue Copy Permalink