install.fairie/home/dot_local/etc/cloudflared/config.yml.tmpl
2023-12-23 11:08:39 +00:00

42 lines
No EOL
1.5 KiB
Cheetah

{{- $baseDomain := (join (join .host.hostname ".") .host.domain) -}}
{{- if eq .host.qubes true -}}
{{- $baseDomain := (join (join .host.hostname "-qube.") .host.domain) -}}
{{- end -}}
---
tunnel: {{ if eq .host.qubes true }}qube{{ else }}host{{ end }}-{{ .host.hostname }}
credentials-file: /usr/local/etc/cloudflared/credentials.json
warp-routing:
enabled: true
ingress:
- hostname: {{ $baseDomain }}
service: https://localhost:8014
- hostname: test.{{ $baseDomain }}
service: hello_world
- hostname: ssh.{{ $baseDomain }}
service: ssh://localhost:{{ .host.ssh.port }}
- hostname: rdp.{{ $baseDomain }}
service: rdp://localhost:3389
- hostname: samba.{{ $baseDomain }}
service: localhost:8445
- hostname: sftp.{{ $baseDomain }}
service: tcp://localhost:2022
- hostname: vnc.{{ $baseDomain }}
service: tcp://localhost:5901
{{- if eq .host.softwareGroup "Kubernetes" }}
- hostname: k8s.{{ .host.domain }}
service: bastion
{{- end }}
# Example of an HTTP request over a Unix socket:
# - hostname: {{ $baseDomain }}
# service: unix:/home/production/echo.sock
# Tunnel the baked-in Hello World test app for testing purposes
# Rules can match the request's path to a regular expression:
# - hostname: static.example.com
# path: \.(jpg|png|css|js)$
# service: https://localhost:8001
# Rules can match the request's hostname to a wildcard character:
# - hostname: "*.example.com"
# service: https://localhost:8002
- service: http_status:404