cloudflared: improve init script for tunnel management

author Akihiro Nagai <[email protected]>

Wed, 5 Nov 2025 11:20:56 +0000 (20:20 +0900)

committer George Sapkin <[email protected]>

Thu, 6 Nov 2025 00:11:02 +0000 (02:11 +0200)
author Akihiro Nagai <[email protected]>
Wed, 5 Nov 2025 11:20:56 +0000 (20:20 +0900)
committer George Sapkin <[email protected]>
Thu, 6 Nov 2025 00:11:02 +0000 (02:11 +0200)
diff --git a/net/cloudflared/Makefile b/net/cloudflared/Makefile

index 4b88c953f568394631a0587a72d7298932c9cafb..3920dc96395ee49df4ab71e00c95fe051a99298e 100644 (file)
--- a/net/cloudflared/Makefile
+++ b/net/cloudflared/Makefile
@@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk
  
  PKG_NAME:=cloudflared
  PKG_VERSION:=2025.10.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
  
  PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
  PKG_SOURCE_URL:=https://codeload.github.com/cloudflare/cloudflared/tar.gz/$(PKG_VERSION)?
@@ -31,7 +31,7 @@ define Package/cloudflared
    CATEGORY:=Network
    SUBMENU:=Web Servers/Proxies
    TITLE:=Cloudflare Tunnel client
-  URL:=https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide
+  URL:=https://developers.cloudflare.com/cloudflare-one/networks/connectors/cloudflare-tunnel/get-started/
    DEPENDS:=$(GO_ARCH_DEPENDS) +ca-bundle
  endef
  
diff --git a/net/cloudflared/files/cloudflared.config b/net/cloudflared/files/cloudflared.config

index f159c7c58c0fa43fe52c1bdd5705c13bfd38a079..36d1652ef198aced4606e7f74352aee7a1e29abd 100644 (file)
--- a/net/cloudflared/files/cloudflared.config
+++ b/net/cloudflared/files/cloudflared.config
@@ -2,8 +2,8 @@
  config cloudflared 'config'
         option enabled '0'
         option token ''
-       option config '/etc/cloudflared/config.yml'
-       option origincert '/etc/cloudflared/cert.pem'
+#      option config '/etc/cloudflared/config.yml'
+#      option origincert '/etc/cloudflared/cert.pem'
         option edge_bind_address ''
         option edge_ip_version ''
         option grace_period ''
diff --git a/net/cloudflared/files/cloudflared.init b/net/cloudflared/files/cloudflared.init

index 351dd0d39517154fcfee205fe09bd647dd230b11..a22964df7a58eddf9f6f45c6ce0c1aea0bca17a4 100755 (executable)
--- a/net/cloudflared/files/cloudflared.init
+++ b/net/cloudflared/files/cloudflared.init
@@ -9,6 +9,7 @@ PROG="/usr/bin/cloudflared"
  
  append_param_arg() {
         local value
+
         config_get value "config" "$1" $2
         [ -n "$value" ] && procd_append_param command "--${1//_/-}" "$value"
  }
@@ -17,15 +18,26 @@ start_service() {
         config_load "$CONF"
  
         local enabled
+       local token
+
         config_get_bool enabled "config" "enabled"
         [ "$enabled" -eq "1" ] || return 1
  
         procd_open_instance "$CONF"
         procd_set_param command "$PROG" "tunnel"
         procd_append_param command "--no-autoupdate"
+       procd_append_param command "run"
+
+       config_get token "config" "token"
+       if [ -n "$token" ]; then
+               # Remotely-managed tunnel (recommended by Cloudflare)
+               procd_append_param command "--token" "$token"
+       else
+               # Locally-managed tunnels
+               append_param_arg "config" "/etc/cloudflared/config.yml"
+               append_param_arg "origincert" "/etc/cloudflared/cert.pem"
+       fi
  
-       append_param_arg "config" "/etc/cloudflared/config.yml"
-       append_param_arg "origincert" "/etc/cloudflared/cert.pem"
         append_param_arg "edge_bind_address"
         append_param_arg "edge_ip_version"
         append_param_arg "grace_period"
@@ -37,9 +49,6 @@ start_service() {
         append_param_arg "loglevel"
         append_param_arg "logfile"
  
-       procd_append_param command "run"
-       append_param_arg "token"
-
         procd_set_param respawn
         procd_set_param stderr 1
  
diff --git a/net/cloudflared/files/sample_config.yml b/net/cloudflared/files/sample_config.yml

index 1b3a5544a24ec36ca90fe7c1769e09a3203f30cd..af98abbc7c5422444c4558207492bcf3689ab892 100644 (file)
--- a/net/cloudflared/files/sample_config.yml
+++ b/net/cloudflared/files/sample_config.yml
@@ -1,3 +1,11 @@
+# https://developers.cloudflare.com/cloudflare-one/networks/connectors/cloudflare-tunnel/do-more-with-tunnels/local-management/configuration-file/
+
+# NOTICE
+# Cloudflare recommends setting up a remotely-managed tunnel.
+# Remotely-managed configurations are stored on Cloudflare,
+# which allows you to manage the tunnel from any machine
+# using the dashboard, API, or Terraform.
+
  #tunnel: <Tunnel-UUID>
  #credentials-file: /etc/cloudflared/<Tunnel-UUID>.json
  #
author	Akihiro Nagai <[email protected]>
	Wed, 5 Nov 2025 11:20:56 +0000 (20:20 +0900)
committer	George Sapkin <[email protected]>
	Thu, 6 Nov 2025 00:11:02 +0000 (02:11 +0200)
net/cloudflared/Makefile		patch \| blob \| history
net/cloudflared/files/cloudflared.config		patch \| blob \| history
net/cloudflared/files/cloudflared.init		patch \| blob \| history
net/cloudflared/files/sample_config.yml		patch \| blob \| history