Cloudflare Tunnel Support (#29)

* Adding necessary changes for tunnel setup supporting cloudflared

* Applied shwrap pattern to login, create and delete tunnel actions, many fixes

* Refactoring sesh 1

* Added utils, remaining tunnel tasks, cleanup
pull/31/head
Paulo Truta 2023-03-20 00:54:42 +01:00 committed by GitHub
parent 161ec76eb9
commit ece500c342
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 434 additions and 18 deletions

3
.gitignore vendored
View File

@ -21,3 +21,6 @@ main
# Build
/bin
# Logs from executed scripts
/scripts/output.log

View File

@ -35,6 +35,7 @@ test-with-coverage:
go test -tags=unit -timeout=600s -v ./... -coverprofile=coverage.out
install-cloud: build-cloud
systemctl stop edgeboxctl
cp ./bin/edgeboxctl /usr/local/bin/edgeboxctl
cp ./edgeboxctl/edgeboxctl.service /lib/systemd/system/edgeboxctl.service
systemctl daemon-reload
@ -42,8 +43,10 @@ install-cloud: build-cloud
@echo "To start edgeboxctl run: systemctl start edgeboxctl"
install-prod: build-prod
cp ./bin/edgeboxctl /usr/local/bin/edgeboxctl
cp ./edgeboxctl/edgeboxctl.service /lib/systemd/system/edgeboxctl.service
systemctl daemon-reload
-sudo systemctl stop edgeboxctl
sudo rm -rf /usr/local/bin/edgeboxctl /lib/systemd/system/edgeboxctl.service
sudo cp ./bin/edgeboxctl /usr/local/bin/edgeboxctl
sudo cp ./edgeboxctl.service /lib/systemd/system/edgeboxctl.service
sudo systemctl daemon-reload
@echo "Edgeboxctl installed successfully"
@echo "To start edgeboxctl run: systemctl start edgeboxctl"

View File

@ -4,6 +4,13 @@ import (
"fmt"
"strconv"
"strings"
"log"
"os"
"os/exec"
"bufio"
"path/filepath"
"io/ioutil"
"encoding/json"
"github.com/edgebox-iot/edgeboxctl/internal/utils"
@ -11,6 +18,12 @@ import (
"github.com/shirou/gopsutil/host"
)
type cloudflaredTunnelJson struct {
AccountTag string `json:"AccountTag"`
TunnelSecret string `json:"TunnelSecret"`
TunnelID string `json:"TunnelID"`
}
// GetUptimeInSeconds: Returns a value (as string) of the total system uptime
func GetUptimeInSeconds() string {
uptime, _ := host.Uptime()
@ -85,3 +98,191 @@ func SetupCloudOptions() {
// In the end of this operation takes place, remove the env file as to not overwrite any options once they are set.
utils.Exec("/", "rm", []string{cloudEnvFileLocationPath})
}
// StartService: Starts a service
func StartService(serviceID string) {
wsPath := utils.GetPath(utils.WsPath)
fmt.Println("Starting" + serviceID + "service")
cmdargs := []string{"start", serviceID}
utils.Exec(wsPath, "systemctl", cmdargs)
}
// StopService: Stops a service
func StopService(serviceID string) {
wsPath := utils.GetPath(utils.WsPath)
fmt.Println("Stopping" + serviceID + "service")
cmdargs := []string{"stop", "cloudflared"}
utils.Exec(wsPath, "systemctl", cmdargs)
}
// RestartService: Restarts a service
func RestartService(serviceID string) {
wsPath := utils.GetPath(utils.WsPath)
fmt.Println("Restarting" + serviceID + "service")
cmdargs := []string{"restart", serviceID}
utils.Exec(wsPath, "systemctl", cmdargs)
}
// GetServiceStatus: Returns the status output of a service
func GetServiceStatus(serviceID string) string {
wsPath := utils.GetPath(utils.WsPath)
cmdargs := []string{"status", serviceID}
return utils.Exec(wsPath, "systemctl", cmdargs)
}
// CreateTunnel: Creates a tunnel via cloudflared, needs to be authenticated first
func CreateTunnel(configDestination string) {
fmt.Println("Creating Tunnel for Edgebox.")
cmd := exec.Command("sh", "/home/system/components/edgeboxctl/scripts/cloudflared_tunnel_create.sh")
stdout, err := cmd.StdoutPipe()
if err != nil {
panic(err)
}
scanner := bufio.NewScanner(stdout)
err = cmd.Start()
if err != nil {
panic(err)
}
for scanner.Scan() {
fmt.Println(scanner.Text())
text := scanner.Text()
fmt.Println(text)
}
if scanner.Err() != nil {
cmd.Process.Kill()
cmd.Wait()
panic(scanner.Err())
}
// This also needs to be executed in root and non root variants
fmt.Println("Reading cloudflared folder to get the JSON file.")
isRoot := false
dir := "/home/system/.cloudflared/"
dir2 := "/root/.cloudflared/"
files, err := os.ReadDir(dir)
if err != nil {
panic(err)
}
var jsonFile os.DirEntry
for _, file := range files {
// check if file has json extension
if filepath.Ext(file.Name()) == ".json" {
fmt.Println("Non-Root JSON file found: " + file.Name())
jsonFile = file
}
}
// If the files are not in the home folder, try the root folder
if jsonFile == nil {
files, err = os.ReadDir(dir2)
if err != nil {
panic(err)
}
for _, file := range files {
// check if file has json extension
if filepath.Ext(file.Name()) == ".json" {
fmt.Println("Root JSON file found: " + file.Name())
jsonFile = file
isRoot = true
}
}
}
if jsonFile == nil {
panic("No JSON file found in directory")
}
fmt.Println("Reading JSON file.")
targetDir := "/home/system/.cloudflared/"
if isRoot {
targetDir = "/root/.cloudflared/"
}
jsonFilePath := filepath.Join(targetDir, jsonFile.Name())
jsonBytes, err := ioutil.ReadFile(jsonFilePath)
if err != nil {
panic(err)
}
fmt.Println("Parsing JSON file.")
var data cloudflaredTunnelJson
err = json.Unmarshal(jsonBytes, &data)
if err != nil {
log.Printf("Error reading tunnel JSON file: %s", err)
}
fmt.Println("Tunnel ID is:" + data.TunnelID)
// create the config.yml file with the following content in each line:
// "url": "http://localhost:80"
// "tunnel": "<TunnelID>"
// "credentials-file": "/root/.cloudflared/<tunnelID>.json"
file := configDestination
f, err := os.Create(file)
if err != nil {
panic(err)
}
defer f.Close()
_, err = f.WriteString("url: http://localhost:80\ntunnel: " + data.TunnelID + "\ncredentials-file: " + jsonFilePath)
if err != nil {
panic(err)
}
}
// DeleteTunnel: Deletes a tunnel via cloudflared, this does not remove the service
func DeleteTunnel() {
fmt.Println("Deleting possible previous tunnel.")
// Configure the service and start it
cmd := exec.Command("sh", "/home/system/components/edgeboxctl/scripts/cloudflared_tunnel_delete.sh")
stdout, err := cmd.StdoutPipe()
if err != nil {
panic(err)
}
scanner := bufio.NewScanner(stdout)
err = cmd.Start()
if err != nil {
panic(err)
}
for scanner.Scan() {
fmt.Println(scanner.Text())
text := scanner.Text()
fmt.Println(text)
}
if scanner.Err() != nil {
cmd.Process.Kill()
cmd.Wait()
panic(scanner.Err())
}
}
// InstallTunnelService: Installs the tunnel service
func InstallTunnelService(config string) {
fmt.Println("Installing cloudflared service.")
cmd := exec.Command("cloudflared", "--config", config, "service", "install")
cmd.Start()
cmd.Wait()
}
// RemoveTunnelService: Removes the tunnel service
func RemoveTunnelService() {
wsPath := utils.GetPath(utils.WsPath)
fmt.Println("Removing possibly previous service install.")
cmd := exec.Command("cloudflared", "service", "uninstall")
cmd.Start()
cmd.Wait()
fmt.Println("Removing cloudflared files")
cmdargs := []string{"-rf", "/home/system/.cloudflared"}
utils.Exec(wsPath, "rm", cmdargs)
cmdargs = []string{"-rf", "/etc/cloudflared/config.yml"}
utils.Exec(wsPath, "rm", cmdargs)
cmdargs = []string{"-rf", "/root/.cloudflared/cert.pem"}
utils.Exec(wsPath, "rm", cmdargs)
}

View File

@ -7,12 +7,17 @@ import (
"log"
"strconv"
"time"
"os/exec"
"strings"
"os"
"bufio"
"github.com/edgebox-iot/edgeboxctl/internal/diagnostics"
"github.com/edgebox-iot/edgeboxctl/internal/edgeapps"
"github.com/edgebox-iot/edgeboxctl/internal/storage"
"github.com/edgebox-iot/edgeboxctl/internal/system"
"github.com/edgebox-iot/edgeboxctl/internal/utils"
_ "github.com/go-sql-driver/mysql" // Mysql Driver
_ "github.com/mattn/go-sqlite3" // SQlite Driver
)
@ -29,10 +34,7 @@ type Task struct {
}
type taskSetupTunnelArgs struct {
BootnodeAddress string `json:"bootnode_address"`
BootnodeToken string `json:"bootnode_token"`
AssignedAddress string `json:"assigned_address"`
NodeName string `json:"node_name"`
DomainName string `json:"domain_name"`
}
type taskStartEdgeAppArgs struct {
@ -64,6 +66,7 @@ type taskEnablePublicDashboardArgs struct {
InternetURL string `json:"internet_url"`
}
const STATUS_CREATED int = 0
const STATUS_EXECUTING int = 1
const STATUS_FINISHED int = 2
@ -134,16 +137,36 @@ func ExecuteTask(task Task) Task {
switch task.Task {
case "setup_tunnel":
log.Println("Setting up bootnode connection...")
log.Println("Setting up Cloudflare Tunnel...")
var args taskSetupTunnelArgs
err := json.Unmarshal([]byte(task.Args.String), &args)
if err != nil {
log.Printf("Error reading arguments of setup_bootnode task: %s", err)
log.Printf("Error reading arguments of setup_tunnel task: %s", err)
status := "{\"status\": \"error\", \"message\": \"The Domain Name you are going to Authorize must be provided beforehand! Please insert a domain name and try again.\"}"
utils.WriteOption("TUNNEL_STATUS", status)
} else {
taskResult := taskSetupTunnel(args)
task.Result = sql.NullString{String: taskResult, Valid: true}
}
case "start_tunnel":
log.Println("Starting Cloudflare Tunnel...")
taskResult := taskStartTunnel()
task.Result = sql.NullString{String: taskResult, Valid: true}
case "stop_tunnel":
log.Println("Stopping Cloudflare Tunnel...")
taskResult := taskStopTunnel()
task.Result = sql.NullString{String: taskResult, Valid: true}
case "disable_tunnel":
log.Println("Disabling Cloudflare Tunnel...")
taskResult := taskDisableTunnel()
task.Result = sql.NullString{String: taskResult, Valid: true}
case "install_edgeapp":
log.Println("Installing EdgeApp...")
@ -328,19 +351,141 @@ func ExecuteSchedules(tick int) {
func taskSetupTunnel(args taskSetupTunnelArgs) string {
fmt.Println("Executing taskSetupTunnel")
wsPath := utils.GetPath(utils.WsPath)
wsPath := utils.GetPath(utils.WsPath)
cmdargs := []string{"gen", "--name", args.NodeName, "--token", args.BootnodeToken, args.BootnodeAddress + ":8655", "--prefix", args.AssignedAddress}
utils.Exec(wsPath, "tinc-boot", cmdargs)
// Stop a the service if it is running
system.StopService("cloudflared")
cmdargs = []string{"start", "tinc@dnet"}
utils.Exec(wsPath, "systemctl", cmdargs)
// Uninstall the service if it is installed
system.RemoveTunnelService()
cmdargs = []string{"enable", "tinc@dnet"}
utils.Exec(wsPath, "systemctl", cmdargs)
fmt.Println("Creating cloudflared folder")
cmdargs := []string{"/home/system/.cloudflared"}
utils.Exec(wsPath, "mkdir", cmdargs)
output := "OK" // Better check / logging of command execution result.
return output
cmd := exec.Command("sh", "/home/system/components/edgeboxctl/scripts/cloudflared_login.sh")
stdout, err := cmd.StdoutPipe()
if err != nil {
panic(err)
}
scanner := bufio.NewScanner(stdout)
err = cmd.Start()
if err != nil {
panic(err)
}
url := ""
for scanner.Scan() {
fmt.Println(scanner.Text())
text := scanner.Text()
if strings.Contains(text, "https://") {
url = text
fmt.Println("Tunnel setup is requesting auth with URL: " + url)
status := "{\"status\": \"waiting\", \"login_link\": \"" + url + "\"}"
utils.WriteOption("TUNNEL_STATUS", status)
break
}
}
if scanner.Err() != nil {
cmd.Process.Kill()
cmd.Wait()
panic(scanner.Err())
}
go func() {
fmt.Println("Running async")
cmd.Wait()
// Keep retrying to read cert.pem file until it is created
// When running as a service, the cert is saved to a different folder,
// so we check both :)
for {
_, err := os.Stat("/home/system/.cloudflared/cert.pem")
_, err2 := os.Stat("/root/.cloudflared/cert.pem")
if err == nil || err2 == nil {
fmt.Println("cert.pem file detected")
break
}
time.Sleep(1 * time.Second)
fmt.Println("Waiting for cert.pem file to be created")
}
fmt.Println("Tunnel auth setup finished without errors.")
status := "{\"status\": \"starting\", \"login_link\": \"" + url + "\"}"
utils.WriteOption("TUNNEL_STATUS", status)
// Remove old tunnel if it exists, and create from scratch
system.DeleteTunnel()
// Create new tunnel (destination config file is param)
system.CreateTunnel("/home/system/.cloudflared/config.yml")
fmt.Println("Creating DNS Routes for @ and *.")
cmd = exec.Command("cloudflared", "tunnel", "route", "dns", "-f" ,"edgebox", "*." + args.DomainName)
cmd.Start()
err = cmd.Wait()
if err != nil {
log.Fatal(err)
}
cmd = exec.Command("cloudflared", "tunnel", "route", "dns", "-f" ,"edgebox", args.DomainName)
cmd.Start()
err = cmd.Wait()
if err != nil {
log.Fatal(err)
}
domainNameInfo := args.DomainName
utils.WriteOption("DOMAIN_NAME", domainNameInfo)
// Install service with given config file
system.InstallTunnelService("/home/system/.cloudflared/config.yml")
// Start the service
system.StartService("cloudflared")
if err != nil {
fmt.Println("Tunnel auth setup finished with errors.")
status := "{\"status\": \"error\", \"login_link\": \"" + url + "\"}"
utils.WriteOption("TUNNEL_STATUS", status)
log.Fatal(err)
} else {
fmt.Println("Tunnel auth setup finished without errors.")
status := "{\"status\": \"connected\", \"login_link\": \"" + url + "\", \"domain\": \"" + args.DomainName + "\"}"
utils.WriteOption("TUNNEL_STATUS", status)
}
fmt.Println("Finished running async")
}()
return "{\"url\": \"" + url + "\"}"
}
func taskStartTunnel() string {
fmt.Println("Executing taskStartTunnel")
system.StartService("cloudflared")
domainName := utils.ReadOption("DOMAIN_NAME")
status := "{\"status\": \"connected\", \"domain\": \"" + domainName + "\"}"
utils.WriteOption("TUNNEL_STATUS", status)
return "{\"status\": \"ok\"}"
}
func taskStopTunnel() string {
fmt.Println("Executing taskStopTunnel")
system.StopService("cloudflared")
domainName := utils.ReadOption("DOMAIN_NAME")
status := "{\"status\": \"stopped\", \"domain\": \"" + domainName + "\"}"
utils.WriteOption("TUNNEL_STATUS", status)
return "{\"status\": \"ok\"}"
}
func taskDisableTunnel() string {
fmt.Println("Executing taskDisableTunnel")
system.StopService("cloudflared")
system.DeleteTunnel()
system.RemoveTunnelService()
utils.DeleteOption("DOMAIN_NAME")
utils.DeleteOption("TUNNEL_STATUS")
return "{\"status\": \"ok\"}"
}
func taskInstallEdgeApp(args taskInstallEdgeAppArgs) string {

View File

@ -192,3 +192,47 @@ func WriteOption(optionKey string, optionValue string) {
db.Close()
}
// ReadOption : Reads a key value pair option from the api shared database
func ReadOption(optionKey string) string {
db, err := sql.Open("sqlite3", GetSQLiteDbConnectionDetails())
if err != nil {
log.Fatal(err.Error())
}
var optionValue string
err = db.QueryRow("SELECT value FROM option WHERE name = ?", optionKey).Scan(&optionValue)
if err != nil {
log.Fatal(err.Error())
}
db.Close()
return optionValue
}
// DeleteOption : Deletes a key value pair option from the api shared database
func DeleteOption(optionKey string) {
db, err := sql.Open("sqlite3", GetSQLiteDbConnectionDetails())
if err != nil {
log.Fatal(err.Error())
}
statement, err := db.Prepare("DELETE FROM option WHERE name = ?;") // Prepare SQL Statement
if err != nil {
log.Fatal(err.Error())
}
_, err = statement.Exec(optionKey) // Execute SQL Statement
if err != nil {
log.Fatal(err.Error())
}
db.Close()
}

View File

@ -0,0 +1,6 @@
#!/usr/bin/env sh
echo "Starting script login"
cloudflared tunnel login 2>&1 | tee /home/system/components/edgeboxctl/scripts/output.log &
echo "sleeping 5 seconds"
sleep 5

View File

@ -0,0 +1,7 @@
#!/usr/bin/env sh
echo "Starting script create"
# script -q -c "cloudflared tunnel login 2>&1 | tee /app/output.log" &
cloudflared tunnel create edgebox 2>&1 | tee /home/system/components/edgeboxctl/scripts/output.log
echo "sleeping 5 seconds"
sleep 5

View File

@ -0,0 +1,7 @@
#!/usr/bin/env sh
echo "Starting script delete"
TUNNEL_ORIGIN_CERT=/home/system/.cloudflared/cert.pem
cloudflared tunnel delete edgebox 2>&1 | tee /home/system/components/edgeboxctl/scripts/output.log &
echo "sleeping 5 seconds"
sleep 5