From 1ade7743e63cc80c33f6b1f39d1894cc89beae37 Mon Sep 17 00:00:00 2001 From: Jakob Meier Date: Mon, 24 Jul 2023 14:43:34 +0200 Subject: [PATCH] cloudflare: new role used to setup cloudflare tunnel docker container, with provided token NOTE: domain configuration has to be done in the cloudflare zero trust dashboard --- roles/cloudflare/defaults/main.yml | 2 ++ roles/cloudflare/tasks/main.yml | 3 +++ roles/cloudflare/tasks/setup.yml | 7 +++++++ run.yml | 10 ++++++++++ 4 files changed, 22 insertions(+) create mode 100644 roles/cloudflare/defaults/main.yml create mode 100644 roles/cloudflare/tasks/main.yml create mode 100644 roles/cloudflare/tasks/setup.yml diff --git a/roles/cloudflare/defaults/main.yml b/roles/cloudflare/defaults/main.yml new file mode 100644 index 0000000..f66243a --- /dev/null +++ b/roles/cloudflare/defaults/main.yml @@ -0,0 +1,2 @@ +--- +cloudflare_tunnel_token: "changeme" diff --git a/roles/cloudflare/tasks/main.yml b/roles/cloudflare/tasks/main.yml new file mode 100644 index 0000000..f9c866b --- /dev/null +++ b/roles/cloudflare/tasks/main.yml @@ -0,0 +1,3 @@ +--- +- name: Setup cloudflare tunnel docker image + ansible.builtin.include_tasks: setup.yml diff --git a/roles/cloudflare/tasks/setup.yml b/roles/cloudflare/tasks/setup.yml new file mode 100644 index 0000000..4d76d40 --- /dev/null +++ b/roles/cloudflare/tasks/setup.yml @@ -0,0 +1,7 @@ +--- +- name: Setup Cloudflare Tunnel connector + community.docker.docker_container: + name: cloudflared + image: cloudflare/cloudflared:latest + restart_policy: unless-stopped + command: tunnel --no-autoupdate run --token {{ cloudflare_tunnel_token }} diff --git a/run.yml b/run.yml index 01b4f19..2235c9f 100644 --- a/run.yml +++ b/run.yml @@ -21,3 +21,13 @@ roles: - role: nextcloud tags: cloud + +############################################ +# SETUP CLOUDFLARE TUNNEL +# used to circumvent NAT restrictions +############################################ +- name: Setup cloudflare tunnel + hosts: ananas + roles: + - role: cloudflare + tags: tunnel -- 2.38.5