hoelee/cloudflared
1
0
Fork 0
mirror of https://github.com/cloudflare/cloudflared.git synced 2025-07-28 07:39:58 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

TUN-7245: Add bastion flag to origin service check

Browse Source
This commit is contained in:
Devin Carr
2023-03-06 15:19:10 -08:00
parent bf3136debb
commit 93f8f6b55c
9 changed files with 75 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
cmd/cloudflared/tunnel/cmd.go
View File

@@ -199,7 +199,7 @@ func TunnelCommand(c *cli.Context) error {
// Run a quick tunnel
// A unauthenticated named tunnel hosted on <random>.<quick-tunnels-service>.com
// We don't support running proxy-dns and a quick tunnel at the same time as the same process
shouldRunQuickTunnel := c.IsSet("url") || c.IsSet("hello-world")
shouldRunQuickTunnel := c.IsSet("url") || c.IsSet(ingress.HelloWorldFlag)
if !c.IsSet("proxy-dns") && c.String("quick-service") != "" && shouldRunQuickTunnel {
return RunQuickTunnel(sc)
}
@@ -215,6 +215,9 @@ func TunnelCommand(c *cli.Context) error {
}
if c.IsSet("proxy-dns") {
if shouldRunQuickTunnel {
return fmt.Errorf("running a quick tunnel with `proxy-dns` is not supported")
}
// NamedTunnelProperties are nil since proxy dns server does not need it.
// This is supported for legacy reasons: dns proxy server is not a tunnel and ideally should
// not run as part of cloudflared tunnel.
@@ -786,7 +789,7 @@ func configureProxyFlags(shouldHide bool) []cli.Flag {
Hidden: shouldHide,
}),
altsrc.NewBoolFlag(&cli.BoolFlag{
Name: "hello-world",
Name: ingress.HelloWorldFlag,
Value: false,
Usage: "Run Hello World Server",
EnvVars: []string{"TUNNEL_HELLO_WORLD"},

19
cmd/cloudflared/tunnel/configuration.go
View File

@@ -124,7 +124,7 @@ func isSecretEnvVar(key string) bool {
func dnsProxyStandAlone(c *cli.Context, namedTunnel *connection.NamedTunnelProperties) bool {
return c.IsSet("proxy-dns") &&
!(c.IsSet("name") || // adhoc-named tunnel
c.IsSet("hello-world") || // quick or named tunnel
c.IsSet(ingress.HelloWorldFlag) || // quick or named tunnel
namedTunnel != nil) // named tunnel
}
@@ -231,17 +231,16 @@ func prepareTunnelConfig(
if err != nil && err != ingress.ErrNoIngressRules {
return nil, nil, err
}
if c.IsSet("url") {
// Ingress rules cannot be provided with --url flag
if c.IsSet("url") || c.IsSet(ingress.HelloWorldFlag) || c.IsSet(config.BastionFlag) {
// Ingress rules cannot be provided with --url, --hello-world or --bastion flag
if !ingressRules.IsEmpty() {
return nil, nil, ingress.ErrURLIncompatibleWithIngress
} else {
// Only for quick or adhoc tunnels will we attempt to parse:
// --url, --hello-world, or --unix-socket flag for a tunnel ingress rule
ingressRules, err = ingress.NewSingleOrigin(c, false)
if err != nil {
return nil, nil, err
}
}
// Only for quick or adhoc tunnels will we attempt to parse:
// --url, --hello-world, --bastion, or --unix-socket flag for a tunnel ingress rule
ingressRules, err = ingress.NewSingleOrigin(c, false)
if err != nil {
return nil, nil, err
}
}