Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ivoronin/labelflared
This tool defines cloudflared ingress rules using Docker container labels
https://github.com/ivoronin/labelflared
Last synced: 5 days ago
JSON representation
This tool defines cloudflared ingress rules using Docker container labels
- Host: GitHub
- URL: https://github.com/ivoronin/labelflared
- Owner: ivoronin
- Created: 2023-05-03T11:36:12.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2023-05-05T11:59:26.000Z (over 1 year ago)
- Last Synced: 2024-06-21T04:52:25.584Z (5 months ago)
- Language: Go
- Size: 21.5 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
labelflared
===========
This tool assists in operating cloudflared within a standalone docker or docker-compose environment.
It enables the definition of cloudflared ingress rules using container labels.
It works by keeping an eye on the containers for changes, using a token and the container's label values to create a configuration file for cloudflared, and then restarting the cloudflared container to apply the new configuration.
Example docker-compose.yml
==========================
```yml
version: '3'
services:
cloudflared:
container_name: cloudflared
image: cloudflare/cloudflared:2023.4.2
volumes:
- "cloudflared_config:/etc/cloudflared"
command: tunnel --no-autoupdate run
labels:
- "labelflared.cloudflared"
depends_on:
labelflared:
condition: service_healthy
restart: on-failure
labelflared:
container_name: labelflared
image: labelflared
volumes:
- "cloudflared_config:/etc/cloudflared"
- "/var/run/docker.sock:/var/run/docker.sock"
healthcheck:
test: ["CMD", "test", "-s", "/etc/cloudflared/config.yml"]
interval: '5s'
environment:
CLOUDFLARED_TOKEN: ""
restart: on-failure
vaultwarden:
container_name: vaultwarden
image: vaultwarden/server:1.27.0
volumes:
- "/data/vaultwarden/data:/data"
environment:
SIGNUPS_ALLOWED: "false"
WEBSOCKET_ENABLED: "true"
SMTP_HOST: "smtp.example.com"
SMTP_PORT: "465"
SMTP_SECURITY: "force_tls"
SMTP_FROM: "[email protected]"
DOMAIN: "https://bitwarden.example.com"
ADMIN_TOKEN: "<...>"
restart: on-failure
labels:
- "labelflared.ingress.vaultwarden-websocket.hostname=bitwarden.example.com"
- "labelflared.ingress.vaultwarden-websocket.port=3012"
- "labelflared.ingress.vaultwarden-websocket.path=/notifications/hub"
- "labelflared.ingress.vaultwarden-websocket.priority=1000"
- "labelflared.ingress.vaultwarden-web.hostname=bitwarden.example.com"
- "labelflared.ingress.vaultwarden-web.port=80"
volumes:
cloudflared_config:
name: "cloudflared_config"
```
Environment Variables
=====================
- `CLOUDFLARED_TOKEN` - Base64 encoded cloudflared token. Required.
- `CLOUDFLARED_CONFIG_DIR` - Path to cloudflared config directory. Defaults to `/etc/cloudflared`.
- `LABEL_PREFIX` - Initial segment of a label that you can alter to form distinct sets of containers and their corresponding cloudflared instances. Defaults to `labelflared`.
- `SETTLEDOWN_TIMEOUT` - time in seconds to wait for things to stop changing before updating cloudflared configuration. Defaults to 5.
Label Syntax
============
cloudflared container must have `labelflared.cloudflared` label.
Service containers can have one or multiple ingress rules defined:
- `labelflared.ingress..protocol` - defaults to `http`
- `labelflared.ingress..hostname` - required if no `path` is set
- `labelflared.ingress..port` - defaults to `80`
- `labelflared.ingress..path` - required if no `hostname` is set
- `labelflared.ingress..priority` - the higher the number, the greater the rule's priority. defaults to `0`