Update versions.json

cloudflare-tunnel/README.txt

@@ -0,0 +1,69 @@
+Cloudflare Tunnel Template for Dropshell
+=========================================
+
+This template deploys a Cloudflare Tunnel (cloudflared) to securely expose your local services 
+to the internet without opening firewall ports or having a public IP address.
+
+PREREQUISITES
+-------------
+1. A Cloudflare account (free tier works)
+2. A domain added to Cloudflare
+3. A tunnel token from the Cloudflare Zero Trust dashboard
+
+SETUP INSTRUCTIONS
+------------------
+1. Log into Cloudflare Dashboard: https://one.dash.cloudflare.com/
+2. Navigate to: Zero Trust -> Access -> Tunnels
+3. Click "Create a tunnel"
+4. Choose "Cloudflared" and click Next
+5. Name your tunnel (e.g., "my-server-tunnel")
+6. Copy the token from the install command (it's the long string after --token)
+7. Save the tunnel (you'll configure routes in the dashboard later)
+
+CONFIGURATION
+-------------
+Edit config/service.env and set:
+- TUNNEL_TOKEN: Your tunnel token (required)
+- TUNNEL_NAME: A friendly name for logs (optional)
+- EXTRA_ARGS: Additional cloudflared arguments (optional)
+
+ROUTING CONFIGURATION
+--------------------
+After the tunnel is running, configure routes in the Cloudflare dashboard:
+1. Go to your tunnel's configuration page
+2. Click "Configure" 
+3. Add public hostname routes to your local services:
+   - Subdomain: app
+   - Domain: yourdomain.com
+   - Type: HTTP
+   - URL: localhost:8080 (or your service's local address)
+
+FEATURES
+--------
+- Automatic reconnection on network issues
+- No firewall configuration needed
+- Free SSL certificates
+- DDoS protection included
+- Works behind NAT/CGNAT
+- Automatic updates via watchtower
+
+COMMON USE CASES
+---------------
+- Expose web services: Route subdomain.yourdomain.com -> localhost:port
+- SSH access: Configure SSH routes in dashboard
+- Multiple services: Add multiple public hostname routes
+- Internal services: Use private network routes for VPN-like access
+
+TROUBLESHOOTING
+--------------
+- Check logs: ds logs [server] cloudflare-tunnel
+- Verify token: Ensure TUNNEL_TOKEN is set correctly
+- Check dashboard: Verify tunnel shows as "Active" in Cloudflare dashboard
+- Test locally: curl http://localhost:yourport to verify service is running
+
+NOTES
+-----
+- The tunnel will automatically start on system reboot
+- One tunnel can handle multiple services via dashboard routing
+- Token should be kept secret - it provides full tunnel access
+- Free tier allows up to 50 users for private applications

cloudflare-tunnel/config/.template_info.env

@@ -0,0 +1,22 @@
+# DO NOT EDIT THIS FILE FOR YOUR SERVICE!
+# This file is replaced from the template whenever there is an update.
+# Edit the service.env file to make changes.
+
+# Template to use - always required!
+TEMPLATE=cloudflare-tunnel
+REQUIRES_HOST_ROOT=false
+REQUIRES_DOCKER=true
+REQUIRES_DOCKER_ROOT=false
+
+# Service settings
+CONTAINER_NAME=cloudflare-tunnel
+
+# Image settings
+IMAGE_REGISTRY="docker.io"
+IMAGE_REPO="cloudflare/cloudflared"
+IMAGE_TAG="latest"
+
+# Tunnel settings (to be overridden in service.env)
+TUNNEL_TOKEN=""
+TUNNEL_NAME="dropshell-tunnel"
+EXTRA_ARGS=""

cloudflare-tunnel/config/service.env

@@ -0,0 +1,25 @@
+# Service settings for Cloudflare Tunnel
+# Simple configuration - just set your tunnel token!
+
+# Container configuration
+CONTAINER_NAME=cloudflare-tunnel
+IMAGE_REGISTRY=docker.io
+IMAGE_REPO=cloudflare/cloudflared
+IMAGE_TAG=latest
+
+# REQUIRED: Your Cloudflare Tunnel token
+# Get this from: https://one.dash.cloudflare.com/ -> Zero Trust -> Access -> Tunnels
+# Create a tunnel and copy the token from the install command
+TUNNEL_TOKEN=
+
+# Optional: Tunnel name (for identification in logs)
+TUNNEL_NAME=dropshell-tunnel
+
+# Optional: Additional cloudflared arguments
+# Examples:
+# EXTRA_ARGS="--loglevel debug"
+# EXTRA_ARGS="--metrics localhost:2000"
+EXTRA_ARGS=
+
+# Server Settings (usually don't need to change)
+SSH_USER="dropshell"

cloudflare-tunnel/destroy.sh

@@ -0,0 +1,26 @@
+#!/bin/bash
+# shellcheck disable=SC1091
+source "${AGENT_PATH}/common.sh"
+_check_required_env_vars "CONTAINER_NAME"
+
+echo "WARNING: This will completely remove the Cloudflare Tunnel container."
+echo "The tunnel configuration in Cloudflare dashboard will remain."
+echo ""
+read -p "Are you sure you want to destroy the Cloudflare Tunnel? (yes/no): " confirm
+
+if [ "$confirm" != "yes" ]; then
+    echo "Destruction cancelled"
+    exit 0
+fi
+
+# Stop and remove the container
+bash ./uninstall.sh
+
+echo ""
+echo "Cloudflare Tunnel has been destroyed."
+echo ""
+echo "To remove the tunnel from Cloudflare completely:"
+echo "1. Go to: https://one.dash.cloudflare.com/"
+echo "2. Navigate to: Zero Trust -> Access -> Tunnels"
+echo "3. Find your tunnel and click the three dots menu"
+echo "4. Select 'Delete'"

cloudflare-tunnel/install.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+# shellcheck disable=SC1091
+source "${AGENT_PATH}/common.sh"
+_check_required_env_vars "CONTAINER_NAME" "IMAGE_REGISTRY" "IMAGE_REPO" "IMAGE_TAG" "TUNNEL_TOKEN"
+
+# Check if tunnel token is set
+if [ -z "$TUNNEL_TOKEN" ] || [ "$TUNNEL_TOKEN" = "" ]; then
+    _die "TUNNEL_TOKEN is not set in config/service.env! Please add your Cloudflare Tunnel token."
+fi
+
+# Validate token format (basic check - should be a long base64-ish string)
+if [ ${#TUNNEL_TOKEN} -lt 100 ]; then
+    echo "Warning: TUNNEL_TOKEN seems too short. Ensure you copied the entire token."
+fi
+
+_check_docker_installed || _die "Docker test failed, aborting installation..."
+
+echo "Pulling Cloudflare Tunnel image..."
+docker pull "$IMAGE_REGISTRY/$IMAGE_REPO:$IMAGE_TAG" || _die "Failed to pull image $IMAGE_REGISTRY/$IMAGE_REPO:$IMAGE_TAG"
+
+# Stop and remove existing container if it exists
+if _is_container_exists "$CONTAINER_NAME"; then
+    echo "Removing existing container..."
+    bash ./stop.sh 2>/dev/null || true
+    _remove_container "$CONTAINER_NAME" || true
+fi
+
+# Start the tunnel
+bash ./start.sh || _die "Failed to start Cloudflare Tunnel"
+
+echo ""
+echo "=========================================="
+echo "Cloudflare Tunnel installation complete!"
+echo "=========================================="
+echo ""
+echo "Next steps:"
+echo "1. Check tunnel status: ds status [server] cloudflare-tunnel"
+echo "2. View logs: ds logs [server] cloudflare-tunnel"
+echo "3. Configure routes in Cloudflare dashboard:"
+echo "   https://one.dash.cloudflare.com/ -> Zero Trust -> Access -> Tunnels"
+echo ""
+echo "Your tunnel should appear as 'Active' in the dashboard within 30 seconds."

cloudflare-tunnel/logs.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+# shellcheck disable=SC1091
+source "${AGENT_PATH}/common.sh"
+_check_required_env_vars "CONTAINER_NAME"
+
+if ! _is_container_exists "$CONTAINER_NAME"; then
+    echo "Container $CONTAINER_NAME does not exist"
+    exit 1
+fi
+
+# Show logs with follow by default
+echo "Showing logs for Cloudflare Tunnel (Ctrl+C to exit)..."
+echo "======================================================="
+docker logs -f "$CONTAINER_NAME" 2>&1

cloudflare-tunnel/start.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+# shellcheck disable=SC1091
+source "${AGENT_PATH}/common.sh"
+_check_required_env_vars "CONTAINER_NAME" "IMAGE_REGISTRY" "IMAGE_REPO" "IMAGE_TAG" "TUNNEL_TOKEN"
+
+# Check if tunnel token is set
+if [ -z "$TUNNEL_TOKEN" ] || [ "$TUNNEL_TOKEN" = "" ]; then
+    _die "TUNNEL_TOKEN is not set in config/service.env! Please add your Cloudflare Tunnel token."
+fi
+
+echo "Starting Cloudflare Tunnel..."
+
+# Build the docker run command
+DOCKER_RUN_CMD="docker run -d \
+    --restart unless-stopped \
+    --name ${CONTAINER_NAME} \
+    --network host \
+    ${IMAGE_REGISTRY}/${IMAGE_REPO}:${IMAGE_TAG} \
+    tunnel --no-autoupdate run --token ${TUNNEL_TOKEN}"
+
+# Add extra arguments if specified
+if [ -n "$EXTRA_ARGS" ]; then
+    DOCKER_RUN_CMD="${DOCKER_RUN_CMD} ${EXTRA_ARGS}"
+fi
+
+# Create and start the container
+if ! _create_and_start_container "$DOCKER_RUN_CMD" "$CONTAINER_NAME"; then
+    _die "Failed to start Cloudflare Tunnel container"
+fi
+
+# Give it a moment to connect
+sleep 2
+
+# Check if the container is still running (didn't crash immediately)
+if ! _is_container_running "$CONTAINER_NAME"; then
+    echo "Container failed to start. Checking logs..."
+    docker logs "$CONTAINER_NAME" 2>&1 | tail -20
+    _die "Cloudflare Tunnel container exited unexpectedly. Check the TUNNEL_TOKEN and logs above."
+fi
+
+echo ""
+echo "Cloudflare Tunnel started successfully!"
+echo "Container: ${CONTAINER_NAME}"
+echo ""
+echo "The tunnel should appear as 'Active' in your Cloudflare dashboard within 30 seconds."
+echo "Configure routes at: https://one.dash.cloudflare.com/ -> Zero Trust -> Access -> Tunnels"

cloudflare-tunnel/status.sh

@@ -0,0 +1,44 @@
+#!/bin/bash
+# shellcheck disable=SC1091
+source "${AGENT_PATH}/common.sh"
+_check_required_env_vars "CONTAINER_NAME"
+
+echo "Cloudflare Tunnel Status"
+echo "========================"
+
+if ! _is_container_exists "$CONTAINER_NAME"; then
+    echo "Status: NOT INSTALLED"
+    echo ""
+    echo "The Cloudflare Tunnel container does not exist."
+    echo "Run 'ds install [server] cloudflare-tunnel' to set it up."
+    exit 1
+fi
+
+if ! _is_container_running "$CONTAINER_NAME"; then
+    echo "Status: STOPPED"
+    echo ""
+    echo "The Cloudflare Tunnel container exists but is not running."
+    echo "Run 'ds start [server] cloudflare-tunnel' to start it."
+    exit 1
+fi
+
+# Get container details
+CONTAINER_ID=$(_get_container_id "$CONTAINER_NAME")
+CONTAINER_STATUS=$(_get_container_status "$CONTAINER_NAME")
+
+echo "Status: RUNNING"
+echo "Container: $CONTAINER_NAME"
+echo "ID: $CONTAINER_ID"
+echo "State: $CONTAINER_STATUS"
+echo ""
+
+# Show recent logs to check connection status
+echo "Recent connection status:"
+echo "-------------------------"
+docker logs "$CONTAINER_NAME" 2>&1 | grep -E "(Registered|Connected|failed|error)" | tail -5
+
+echo ""
+echo "Dashboard: https://one.dash.cloudflare.com/ -> Zero Trust -> Access -> Tunnels"
+echo "View full logs: ds logs [server] cloudflare-tunnel"
+
+exit 0

cloudflare-tunnel/stop.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+# shellcheck disable=SC1091
+source "${AGENT_PATH}/common.sh"
+_check_required_env_vars "CONTAINER_NAME"
+
+if ! _is_container_exists "$CONTAINER_NAME"; then
+    echo "Container $CONTAINER_NAME does not exist"
+    exit 0
+fi
+
+if ! _is_container_running "$CONTAINER_NAME"; then
+    echo "Container $CONTAINER_NAME is not running"
+    exit 0
+fi
+
+echo "Stopping Cloudflare Tunnel..."
+_stop_container "$CONTAINER_NAME" || _die "Failed to stop container $CONTAINER_NAME"
+
+echo "Cloudflare Tunnel stopped"
+echo ""
+echo "Note: The tunnel will show as 'Inactive' in your Cloudflare dashboard."
+echo "Start it again with: ds start [server] cloudflare-tunnel"

cloudflare-tunnel/uninstall.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+# shellcheck disable=SC1091
+source "${AGENT_PATH}/common.sh"
+_check_required_env_vars "CONTAINER_NAME"
+
+echo "Uninstalling Cloudflare Tunnel..."
+
+# Stop the container if running
+if _is_container_running "$CONTAINER_NAME"; then
+    echo "Stopping container $CONTAINER_NAME..."
+    _stop_container "$CONTAINER_NAME" || echo "Warning: Failed to stop container"
+fi
+
+# Remove the container
+if _is_container_exists "$CONTAINER_NAME"; then
+    echo "Removing container $CONTAINER_NAME..."
+    _remove_container "$CONTAINER_NAME" || _die "Failed to remove container"
+fi
+
+echo ""
+echo "Cloudflare Tunnel has been uninstalled."
+echo ""
+echo "Note: The tunnel configuration in your Cloudflare dashboard remains intact."
+echo "You can reinstall anytime using the same TUNNEL_TOKEN."
+echo ""
+echo "To completely remove the tunnel, delete it from:"
+echo "https://one.dash.cloudflare.com/ -> Zero Trust -> Access -> Tunnels"