tunnel

package
v0.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 6, 2026 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ConfirmQuickTunnelLoss added in v0.9.0 

func ConfirmQuickTunnelLoss(cfg *config.Config, u *ui.UI, currentURL, action string) bool

ConfirmQuickTunnelLoss warns the user when a destructive action is about to invalidate an active quick tunnel URL, and asks whether to proceed. Returns true when the caller should continue.

Quick tunnels get a fresh *.trycloudflare.com URL on every cluster recreate or `obol tunnel restart`, so anyone who bookmarked or registered the old URL will see 530 errors until they re-discover via /skill.md. Persistent (DNS) tunnels are stable across these events and skip the warning.

Pass currentURL as discovered from the running cloudflared pod (or "" when none). In non-interactive sessions, Confirm returns its default (true), so automation and CI flows print the warning but do not block.

func CreateStorefront added in v0.8.0 

func CreateStorefront(cfg *config.Config, tunnelURL string) error

CreateStorefront creates (or updates) a simple HTML landing page served at the tunnel hostname's root path. This uses the same busybox-httpd + ConfigMap pattern as the .well-known registration in monetize.py.

func DeleteStorefront added in v0.8.0 

func DeleteStorefront(cfg *config.Config) error

DeleteStorefront removes the storefront landing page resources.

func EnsureRunning added in v0.8.0 

func EnsureRunning(cfg *config.Config, u *ui.UI) (string, error)

EnsureRunning is the historical alias for WaitReady. New callers should prefer WaitReady directly; this is kept so existing call sites compile unchanged.

func EnsureTunnelForSell added in v0.8.0 

func EnsureTunnelForSell(cfg *config.Config, u *ui.UI) (string, error)

EnsureTunnelForSell ensures the tunnel is running and propagates the URL to the public service discovery surfaces needed by seller flows. It updates the frontend ConfigMap and storefront, but deliberately avoids syncing the obol-agent overlay. The agent overlay should be updated by explicit tunnel provisioning/login flows, not every ServiceOffer mutation.

func GetTunnelURL 

func GetTunnelURL(cfg *config.Config) (string, error)

GetTunnelURL parses cloudflared logs to extract the quick tunnel URL.

func InjectBaseURL added in v0.8.0 

func InjectBaseURL(cfg *config.Config, tunnelURL string) error

InjectBaseURL sets AGENT_BASE_URL on the default Hermes deployment so that monetize.py uses the tunnel URL in registration JSON.

func IsQuickTunnelHealthy added in v0.9.0 

func IsQuickTunnelHealthy(cfg *config.Config) bool

IsQuickTunnelHealthy reports whether a quick (anonymous *.trycloudflare.com) tunnel is currently serving — pod is Running and a URL has been captured from its logs. Returns false for persistent (DNS) tunnels and for any failure mode (no kubeconfig, no pod, no URL).

Used by `obol stack up` to skip the cloudflared chart sync when the URL would otherwise be invalidated. Persistent tunnels survive helmfile sync because the chart renders replicas: 1 for them; quick tunnels do not, so re-syncing the chart kills the running pod and rotates the URL.

func Login 

func Login(cfg *config.Config, u *ui.UI, opts LoginOptions) error

Login provisions a locally-managed tunnel using `cloudflared tunnel login` (browser auth), then writes the required credentials/config into Kubernetes and upgrades the cloudflared Helm release so the in-cluster connector runs the locally-managed tunnel.

Docs: - Create a locally-managed tunnel: https://developers.cloudflare.com/cloudflare-one/networks/connectors/cloudflare-tunnel/do-more-with-tunnels/local-management/create-local-tunnel/ - Configuration file for published apps: https://developers.cloudflare.com/cloudflare-one/networks/connectors/cloudflare-tunnel/do-more-with-tunnels/local-management/configuration-file/ - `origincert` run parameter (locally-managed tunnels): https://developers.cloudflare.com/cloudflare-one/networks/connectors/cloudflare-tunnel/configure-tunnels/cloudflared-parameters/run-parameters/

func Logs 

func Logs(cfg *config.Config, follow bool) error

Logs displays cloudflared logs.

func Provision 

func Provision(cfg *config.Config, u *ui.UI, opts ProvisionOptions) error

Provision provisions a persistent Cloudflare Tunnel routed via a proxied DNS record.

Based on Cloudflare's "Create a tunnel (API)" guide: - POST /accounts/$ACCOUNT_ID/cfd_tunnel - PUT /accounts/$ACCOUNT_ID/cfd_tunnel/$TUNNEL_ID/configurations - POST /zones/$ZONE_ID/dns_records (proxied CNAME to <tunnel-id>.cfargotunnel.com)

func Restart 

func Restart(cfg *config.Config, u *ui.UI) error

Restart restarts the cloudflared deployment and propagates the new tunnel URL to dependent resources (obol-stack-config ConfigMap, agent overlay, storefront HTTPRoute hostname pin). Quick tunnels get a new URL on every restart, so dependents must be refreshed or sell flows break:

  • skill.md / services.json embed the stale base URL until the controller observes the ConfigMap change
  • the storefront HTTPRoute is hostname-pinned; without an update it points at the old tunnel hostname and traffic to the new hostname's `/` falls through to the frontend catch-all

func Status 

func Status(cfg *config.Config, u *ui.UI) error

Status displays the current tunnel status and URL.

func Stop added in v0.8.0 

func Stop(cfg *config.Config, u *ui.UI) error

Stop scales the cloudflared deployment to 0 replicas.

func SyncAgentBaseURL added in v0.8.0 

func SyncAgentBaseURL(cfg *config.Config, tunnelURL string) error

SyncAgentBaseURL patches AGENT_BASE_URL in the default Hermes deployment and runs helmfile sync to apply the change. It is a no-op if the obol-agent deployment directory does not exist (agent not yet initialized).

func SyncTunnelConfigMap added in v0.8.0 

func SyncTunnelConfigMap(cfg *config.Config, tunnelURL string) error

SyncTunnelConfigMap creates or patches the obol-stack-config ConfigMap in the obol-frontend namespace with the current tunnel URL. The frontend reads this ConfigMap to construct the correct dashboard URL.

func WaitReady added in v0.9.0 

func WaitReady(cfg *config.Config, u *ui.UI) (string, error)

WaitReady scales the cloudflared deployment up if needed, then polls until BOTH the deployment rollout is complete AND a public *.trycloudflare.com URL has been captured from the pod logs. The budget is bounded by waitReadyTimeout (defaultWaitReadyTimeout / FLOW_TUNNEL_TIMEOUT). On timeout it returns an error that names both subjects (deployment + URL) so callers can distinguish a half-baked tunnel from a missing one.

Side effects on success: injects AGENT_BASE_URL into the agent deployment and writes the tunnel URL to the obol-frontend ConfigMap consumed by the serviceoffer-controller for ERC-8004 registration metadata.

Types

type LoginOptions 

type LoginOptions struct {
	Hostname string
}

type ProvisionOptions 

type ProvisionOptions struct {
	Hostname  string
	AccountID string
	ZoneID    string
	APIToken  string
}

ProvisionOptions configures `obol tunnel provision`.

type TunnelState added in v0.8.0 

type TunnelState = tunnelState

TunnelState is an exported alias so other packages (agent, openclaw) can read tunnel state without reaching into unexported types.

func LoadTunnelState added in v0.8.0 

func LoadTunnelState(cfg *config.Config) (*TunnelState, error)

LoadTunnelState reads the persisted tunnel state from disk. Returns (nil, nil) if no state file exists.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.