Cloudflared: Difference between revisions
Category:Networking. Description added, link added |
described how to get credentialsFile |
||
| Line 5: | Line 5: | ||
== Example == | == Example == | ||
To get credentialsFile (e.g. tunnel-ID.json) do: | |||
<syntaxhighlight lang="sh"> | |||
cloudflared tunnel login <the-token-you-see-in-dashboard> | |||
cloudflared tunnel create ConvenientTunnelName | |||
</syntaxhighlight> | |||
<syntaxhighlight lang="nix"> | |||
{ | |||
services.cloudflared = { | |||
enable = true; | |||
tunnels = { | |||
"00000000-0000-0000-0000-000000000000" = { | |||
credentialsFile = "${config.sops.secrets.cloudflared-creds.path}"; | |||
default = "http_status:404"; | |||
}; | |||
}; | |||
}; | |||
} | |||
</syntaxhighlight> | |||
Then you can use dashboard to add your public hosts (will need to convert the new tunnel to dashboard-managed). | |||
Alternatively, save the <code>cert.pem</code> to cloudflared user's %home%/.cloudflared/cert.pem, and instead of using dashboard specify ingress rules in your configuration.nix like this: | |||
<syntaxhighlight lang="nix"> | <syntaxhighlight lang="nix"> | ||
| Line 26: | Line 49: | ||
}; | }; | ||
} | } | ||
</syntaxhighlight> | |||
[[Category:Networking]] | [[Category:Networking]] | ||