[新服务] cloudflared tunnel docker & native

Summary

• https://sspai.com/post/79278

• https://hostloc.com/thread-1154840-6-3.html

步骤

#native

brew install cloudflared &&

sudo cloudflared service install eyJhIjoiOxxxxxx


sudo cloudflared service --help
Password:
NAME:
   cloudflared service - Manages the cloudflared launch agent

USAGE:
   cloudflared service command [command options] [arguments...]

COMMANDS:
   install    Install cloudflared as an user launch agent
   uninstall  Uninstall the cloudflared launch agent
   help, h    Shows a list of commands or help for one command

OPTIONS:
   --help, -h  show help (default: false)

# logs
/Library/Logs/com.cloudflare.cloudflared.err.log
/Library/Logs/com.cloudflare.cloudflared.out.log

docker-composer.yaml

cd ~/tmp_qh/data/
mkdir $(hostname)-cloudflared && cd $(hostname)-cloudflared

cat > docker-compose.yml <<EOF
version: '3.8'
services:
  cloudflared:
    image: cloudflare/cloudflared:latest
    command: tunnel --no-autoupdate run --token eyJhIjoixxx
    # Optional configurations
    container_name: cloudflared_tunnel
    # To expose ports, if necessary, uncomment the following line and adjust as needed
    # ports:
    #   - "your_host_port:your_container_port"    restart: unless-stopped

    # If your service needs specific network settings, you can specify them here
    # networks:
    #   - cloudflared_tunnel-network
    #   - npm_nginx_proxy_manager-network
#networks:
# "docker network create " first if not done
#  cloudflared_tunnel-network:
#    external: true
#  npm_nginx_proxy_manager-network:
#    external: true

# or just use one network
networks:
  default:
    name: npm_nginx_proxy_manager-network
    external: true
EOF

# in server can use host.docker.internal to access host_ip:port

https只支持一级subdomain，比如xxx.domain.com, 而不是xxx.yyy.domain.com - otherwise ssl error

参考(带额外认证）