d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
665e3dfd2ae546e34bc57d06385e1fd8fadf393f
proxmox/scripts/archive/consolidated/deploy/setup-multi-tunnel.sh
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

210 lines
7.0 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# Setup script for Cloudflare Multi-Tunnel configuration
# This script sets up separate tunnels for each Proxmox host
set -euo pipefail
# Load IP configuration
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
source "${PROJECT_ROOT}/config/ip-addresses.conf" 2>/dev/null || true
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
TUNNELS_DIR="$(cd "$SCRIPT_DIR/.." && pwd)"
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
log_success() { echo -e "${GREEN}[✓]${NC} $1"; }
log_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
log_error() { echo -e "${RED}[ERROR]${NC} $1"; }
# Configuration
PROXMOX_HOST="${PROXMOX_HOST:-192.168.11.10}"
VMID="${VMID:-102}"
TUNNELS=("ml110" "r630-01" "r630-02")
# Check if running on Proxmox host or need to SSH
if command -v pct &> /dev/null; then
RUN_LOCAL=true
log_info "Running on Proxmox host directly"
else
RUN_LOCAL=false
log_info "Will execute commands via SSH to $PROXMOX_HOST"
fi
# Function to execute command (local or via SSH)
exec_cmd() {
if [ "$RUN_LOCAL" = true ]; then
eval "$@"
else
ssh "root@${PROXMOX_HOST}" "$@"
fi
}
# Function to execute command in container
exec_in_container() {
local cmd="$1"
if [ "$RUN_LOCAL" = true ]; then
pct exec "$VMID" -- bash -c "$cmd"
else
ssh "root@${PROXMOX_HOST}" "pct exec $VMID -- bash -c '$cmd'"
fi
}
log_info "=== Cloudflare Multi-Tunnel Setup ==="
log_info "Proxmox Host: $PROXMOX_HOST"
log_info "VMID: $VMID"
log_info "Tunnels: ${TUNNELS[*]}"
echo ""
# Check if VMID 102 exists and is running
log_info "Checking VMID $VMID status..."
if ! exec_cmd "pct status $VMID 2>/dev/null | grep -q running"; then
log_error "VMID $VMID is not running. Please start it first."
exit 1
fi
log_success "VMID $VMID is running"
# Check if cloudflared is installed
log_info "Checking cloudflared installation..."
if ! exec_in_container "command -v cloudflared &> /dev/null"; then
log_warn "cloudflared not found. Installing..."
exec_in_container "
wget -q https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb -O /tmp/cloudflared.deb
dpkg -i /tmp/cloudflared.deb || apt-get install -f -y
rm /tmp/cloudflared.deb
cloudflared --version
"
log_success "cloudflared installed"
else
log_success "cloudflared is installed"
fi
# Create directories
log_info "Creating configuration directories..."
exec_in_container "
mkdir -p /etc/cloudflared
mkdir -p /var/log/cloudflared
"
log_success "Directories created"
# Copy configuration files
log_info "Copying configuration files..."
for tunnel in "${TUNNELS[@]}"; do
config_file="$TUNNELS_DIR/configs/tunnel-${tunnel}.yml"
if [ ! -f "$config_file" ]; then
log_error "Configuration file not found: $config_file"
exit 1
fi
# Copy to container
if [ "$RUN_LOCAL" = true ]; then
pct push "$VMID" "$config_file" "/etc/cloudflared/tunnel-${tunnel}.yml"
else
scp "$config_file" "root@${PROXMOX_HOST}:/tmp/tunnel-${tunnel}.yml"
ssh "root@${PROXMOX_HOST}" "pct push $VMID /tmp/tunnel-${tunnel}.yml /etc/cloudflared/tunnel-${tunnel}.yml"
fi
log_success "Copied config for tunnel-${tunnel}"
done
# Copy systemd service files
log_info "Installing systemd service files..."
for tunnel in "${TUNNELS[@]}"; do
service_file="$TUNNELS_DIR/systemd/cloudflared-${tunnel}.service"
if [ ! -f "$service_file" ]; then
log_error "Service file not found: $service_file"
exit 1
fi
# Copy to container
if [ "$RUN_LOCAL" = true ]; then
pct push "$VMID" "$service_file" "/tmp/cloudflared-${tunnel}.service"
exec_in_container "mv /tmp/cloudflared-${tunnel}.service /etc/systemd/system/cloudflared-${tunnel}.service"
else
scp "$service_file" "root@${PROXMOX_HOST}:/tmp/cloudflared-${tunnel}.service"
ssh "root@${PROXMOX_HOST}" "pct push $VMID /tmp/cloudflared-${tunnel}.service /etc/systemd/system/cloudflared-${tunnel}.service"
exec_in_container "mv /tmp/cloudflared-${tunnel}.service /etc/systemd/system/cloudflared-${tunnel}.service"
fi
log_success "Installed service for tunnel-${tunnel}"
done
# Reload systemd
log_info "Reloading systemd..."
exec_in_container "systemctl daemon-reload"
log_success "Systemd reloaded"
# Prompt for tunnel tokens
log_warn "=== IMPORTANT: Tunnel Setup Required ==="
log_warn "Before enabling services, you need to:"
log_warn "1. Create tunnels in Cloudflare Dashboard"
log_warn "2. Copy tunnel tokens/credentials"
log_warn "3. Update configuration files with tunnel IDs"
log_warn "4. Place credential files in /etc/cloudflared/"
echo ""
log_info "See docs/CLOUDFLARE_ACCESS_SETUP.md for detailed instructions"
echo ""
read -p "Have you created the tunnels and have the credentials ready? (y/N): " -n 1 -r
echo
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
log_warn "Setup paused. Please create tunnels first."
log_info "Run this script again after creating tunnels."
exit 0
fi
# Prompt for each tunnel
for tunnel in "${TUNNELS[@]}"; do
echo ""
log_info "=== Setting up tunnel-${tunnel} ==="
read -p "Enter tunnel ID for tunnel-${tunnel}: " tunnel_id
read -p "Enter path to credentials JSON file (or press Enter to skip): " creds_file
if [ -n "$creds_file" ] && [ -f "$creds_file" ]; then
# Update config file with tunnel ID
exec_in_container "sed -i 's/<TUNNEL_ID_${tunnel^^}>/$tunnel_id/g' /etc/cloudflared/tunnel-${tunnel}.yml"
# Copy credentials file
if [ "$RUN_LOCAL" = true ]; then
pct push "$VMID" "$creds_file" "/etc/cloudflared/tunnel-${tunnel}.json"
else
scp "$creds_file" "root@${PROXMOX_HOST}:/tmp/tunnel-${tunnel}.json"
ssh "root@${PROXMOX_HOST}" "pct push $VMID /tmp/tunnel-${tunnel}.json /etc/cloudflared/tunnel-${tunnel}.json"
fi
exec_in_container "chmod 600 /etc/cloudflared/tunnel-${tunnel}.json"
log_success "Credentials configured for tunnel-${tunnel}"
else
log_warn "Skipping credentials for tunnel-${tunnel}. Configure manually later."
fi
done
# Enable services (but don't start yet - user should verify configs first)
log_info "Enabling systemd services..."
for tunnel in "${TUNNELS[@]}"; do
exec_in_container "systemctl enable cloudflared-${tunnel}.service"
log_success "Enabled cloudflared-${tunnel}.service"
done
echo ""
log_success "=== Setup Complete ==="
log_info "Next steps:"
log_info "1. Verify configuration files in /etc/cloudflared/"
log_info "2. Start services: systemctl start cloudflared-*"
log_info "3. Check status: systemctl status cloudflared-*"
log_info "4. Configure Cloudflare Access (see docs/CLOUDFLARE_ACCESS_SETUP.md)"
log_info "5. Set up monitoring: ./scripts/monitor-tunnels.sh --daemon"
Reference in New Issue View Git Blame Copy Permalink