tunnel

package
v0.10.0-rc17 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 12, 2026 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ConfirmQuickTunnelLoss added in v0.9.0 

func ConfirmQuickTunnelLoss(cfg *config.Config, u *ui.UI, currentURL, action string) bool

ConfirmQuickTunnelLoss warns the user when a destructive action is about to invalidate an active quick tunnel URL, and asks whether to proceed. Returns true when the caller should continue.

Quick tunnels get a fresh *.trycloudflare.com URL on every cluster recreate or `obol tunnel restart`, so anyone who bookmarked or registered the old URL will see 530 errors until they re-discover via /skill.md. Persistent (DNS) tunnels are stable across these events and skip the warning.

Pass currentURL as discovered from the running cloudflared pod (or "" when none). In non-interactive sessions, Confirm returns its default (true), so automation and CI flows print the warning but do not block.

func CreateStorefront added in v0.7.0 

func CreateStorefront(cfg *config.Config, tunnelURL string) error

CreateStorefront creates (or updates) a simple HTML landing page served at the tunnel hostname's root path. This uses the same busybox-httpd + ConfigMap pattern as the .well-known registration in monetize.py.

func DeleteStorefront added in v0.7.0 

func DeleteStorefront(cfg *config.Config) error

DeleteStorefront removes the storefront landing page resources.

func EnsureRunning added in v0.7.0 

func EnsureRunning(cfg *config.Config, u *ui.UI) (string, error)

EnsureRunning is the historical alias for WaitReady. New callers should prefer WaitReady directly; this is kept so existing call sites compile unchanged.

func EnsureTunnelForSell added in v0.7.0 

func EnsureTunnelForSell(cfg *config.Config, u *ui.UI) (string, error)

EnsureTunnelForSell ensures the tunnel is running and propagates the URL to the public service discovery surfaces needed by seller flows. It updates the frontend ConfigMap and storefront, but deliberately avoids syncing the obol-agent overlay. The agent overlay should be updated by explicit tunnel provisioning/login flows, not every ServiceOffer mutation.

func GetTunnelURL 

func GetTunnelURL(cfg *config.Config) (string, error)

GetTunnelURL parses cloudflared logs to extract the quick tunnel URL.

func InjectBaseURL added in v0.7.0 

func InjectBaseURL(cfg *config.Config, tunnelURL string) error

InjectBaseURL sets AGENT_BASE_URL on the default Hermes deployment so that monetize.py uses the tunnel URL in registration JSON.

func IsQuickTunnelHealthy added in v0.9.0 

func IsQuickTunnelHealthy(cfg *config.Config) bool

IsQuickTunnelHealthy reports whether a quick (anonymous *.trycloudflare.com) tunnel is currently serving — pod is Running and a URL has been captured from its logs. Returns false for persistent (DNS) tunnels and for any failure mode (no kubeconfig, no pod, no URL).

Used by `obol stack up` to skip the cloudflared chart sync when the URL would otherwise be invalidated. Persistent tunnels survive helmfile sync because the chart renders replicas: 1 for them; quick tunnels do not, so re-syncing the chart kills the running pod and rotates the URL.

func Login 

func Login(cfg *config.Config, u *ui.UI, opts LoginOptions) error

Login provisions a locally-managed tunnel using `cloudflared tunnel login` (browser auth), then writes the required credentials/config into Kubernetes and upgrades the cloudflared Helm release so the in-cluster connector runs the locally-managed tunnel.

Docs: - Create a locally-managed tunnel: https://developers.cloudflare.com/cloudflare-one/networks/connectors/cloudflare-tunnel/do-more-with-tunnels/local-management/create-local-tunnel/ - Configuration file for published apps: https://developers.cloudflare.com/cloudflare-one/networks/connectors/cloudflare-tunnel/do-more-with-tunnels/local-management/configuration-file/ - `origincert` run parameter (locally-managed tunnels): https://developers.cloudflare.com/cloudflare-one/networks/connectors/cloudflare-tunnel/configure-tunnels/cloudflared-parameters/run-parameters/

func Logs 

func Logs(cfg *config.Config, follow bool) error

Logs displays cloudflared logs.

func Provision 

func Provision(cfg *config.Config, u *ui.UI, opts ProvisionOptions) error

Provision provisions a remotely managed persistent Cloudflare Tunnel routed via a proxied DNS record.

func Restart 

func Restart(cfg *config.Config, u *ui.UI, opts RestartOptions) error

Restart restarts the cloudflared deployment and propagates the new tunnel URL to dependent resources (obol-stack-config ConfigMap, agent overlay, storefront HTTPRoute hostname pin). Quick tunnels get a new URL on every restart, so dependents must be refreshed or sell flows break:

  • skill.md / services.json embed the stale base URL until the controller observes the ConfigMap change
  • the storefront HTTPRoute is hostname-pinned; without an update it points at the old tunnel hostname and traffic to the new hostname's `/` falls through to the frontend catch-all

func RestorePersistentResources added in v0.10.0 

func RestorePersistentResources(cfg *config.Config, u *ui.UI) error

RestorePersistentResources rehydrates the in-cluster cloudflared resources from local state so persistent tunnels survive stack recreation.

func Status 

func Status(cfg *config.Config, u *ui.UI) error

Status displays the current tunnel status and URL.

func Stop added in v0.7.0 

func Stop(cfg *config.Config, u *ui.UI) error

Stop scales the cloudflared deployment to 0 replicas.

func SyncAgentBaseURL added in v0.5.0 

func SyncAgentBaseURL(cfg *config.Config, tunnelURL string) error

SyncAgentBaseURL patches AGENT_BASE_URL in the default Hermes deployment and runs helmfile sync to apply the change. It is a no-op if the obol-agent deployment directory does not exist (agent not yet initialized).

func SyncTunnelConfigMap added in v0.7.0 

func SyncTunnelConfigMap(cfg *config.Config, tunnelURL string) error

SyncTunnelConfigMap creates or patches the obol-stack-config ConfigMap in the obol-frontend namespace with the current tunnel URL. The frontend reads this ConfigMap to construct the correct dashboard URL.

func WaitReady added in v0.9.0 

func WaitReady(cfg *config.Config, u *ui.UI) (string, error)

WaitReady scales the cloudflared deployment to the desired replica count, waits for the deployment rollout, and returns the active public tunnel URL.

For quick tunnels this polls pod logs for a public *.trycloudflare.com URL. For persistent tunnels this returns the configured hostname after rollout.

Side effects on success: injects AGENT_BASE_URL into the agent deployment, writes the tunnel URL to the obol-frontend ConfigMap, and refreshes the storefront landing page for the public tunnel hostname.

Types

type CloudflareRegistrarDomainAlias added in v0.10.0 

type CloudflareRegistrarDomainAlias = cloudflareRegistrarDomain

Exported aliases for CLI and JSON presentation helpers.

type CloudflareRegistrarWorkflowAlias added in v0.10.0 

type CloudflareRegistrarWorkflowAlias = cloudflareRegistrarWorkflow

type DomainCheckOptions added in v0.10.0 

type DomainCheckOptions struct {
	Domains   []string
	AccountID string
	APIToken  string
}

type DomainCheckResult added in v0.10.0 

type DomainCheckResult struct {
	AccountID string                      `json:"account_id"`
	Domains   []cloudflareRegistrarDomain `json:"domains"`
}

func CheckDomains added in v0.10.0 

func CheckDomains(opts DomainCheckOptions) (*DomainCheckResult, error)

type DomainRegisterOptions added in v0.10.0 

type DomainRegisterOptions struct {
	DomainName    string
	Years         int
	AutoRenew     bool
	PrivacyMode   string
	ConfirmCharge bool
	RespondAsync  bool
	AccountID     string
	APIToken      string
}

type DomainRegisterResult added in v0.10.0 

type DomainRegisterResult struct {
	AccountID    string                       `json:"account_id"`
	Availability cloudflareRegistrarDomain    `json:"availability"`
	Workflow     *cloudflareRegistrarWorkflow `json:"workflow,omitempty"`
}

func RegisterDomain added in v0.10.0 

func RegisterDomain(u *ui.UI, opts DomainRegisterOptions) (*DomainRegisterResult, error)

type DomainSearchOptions added in v0.10.0 

type DomainSearchOptions struct {
	Query      string
	Extensions []string
	Limit      int
	AccountID  string
	APIToken   string
}

type DomainSearchResult added in v0.10.0 

type DomainSearchResult struct {
	AccountID string                      `json:"account_id"`
	Domains   []cloudflareRegistrarDomain `json:"domains"`
}

func SearchDomains added in v0.10.0 

func SearchDomains(opts DomainSearchOptions) (*DomainSearchResult, error)

type LoginOptions 

type LoginOptions struct {
	Hostname          string
	TransportProtocol string

	// OverwriteDNS passes --overwrite-dns to `cloudflared tunnel route dns`.
	// Without it, cloudflared refuses to replace an existing A/AAAA/CNAME
	// record at the hostname, so re-running the wizard after a prior attempt
	// fails with "An A, AAAA, or CNAME record with that host already exists"
	// (Cloudflare API error 1003).
	OverwriteDNS bool
}

type ProvisionOptions 

type ProvisionOptions struct {
	Hostname          string
	AccountID         string
	ZoneID            string
	APIToken          string
	TransportProtocol string
}

ProvisionOptions configures `obol tunnel provision`.

type RestartOptions added in v0.10.0 

type RestartOptions struct {
	TransportProtocol string
}

type SetupOptions added in v0.10.0 

type SetupOptions struct {
	Hostname          string
	Management        string
	TransportProtocol string
	AccountID         string
	ZoneID            string
	APIToken          string
	RegisterDomain    bool
	Years             int
	AutoRenew         bool
	PrivacyMode       string
	ConfirmCharge     bool

	// OverwriteDNS forwards --overwrite-dns to the underlying
	// `cloudflared tunnel route dns` invocation in local-managed mode, so a
	// prior CNAME at the hostname is replaced instead of failing the wizard.
	// Has no effect in remote-managed mode (the Cloudflare API path performs
	// its own upsert).
	OverwriteDNS bool
}

type SetupResult added in v0.10.0 

type SetupResult struct {
	Hostname           string                       `json:"hostname"`
	URL                string                       `json:"url"`
	Mode               string                       `json:"mode"`
	ManagementMode     string                       `json:"management_mode"`
	TransportProtocol  string                       `json:"transport_protocol,omitempty"`
	AccountID          string                       `json:"account_id,omitempty"`
	ZoneID             string                       `json:"zone_id,omitempty"`
	RegistrationStatus *cloudflareRegistrarWorkflow `json:"registration_status,omitempty"`
}

func Setup added in v0.10.0 

func Setup(cfg *config.Config, u *ui.UI, opts SetupOptions) (*SetupResult, error)

type TunnelState added in v0.5.0 

type TunnelState = tunnelState

TunnelState is an exported alias so other packages (agent, openclaw) can read tunnel state without reaching into unexported types.

func LoadTunnelState added in v0.5.0 

func LoadTunnelState(cfg *config.Config) (*TunnelState, error)

LoadTunnelState reads the persisted tunnel state from disk. Returns (nil, nil) if no state file exists.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.