cloudflare tunnel over GRE

Started by simoneweb, August 13, 2024, 05:27:21 AM

How do I install the cloudflared service on OPNsense and establish a tunnel with Cloudflare?

I did find this guide: https://www.jackpearce.co.uk/cloudflared-opnsense/

After the installation I couldn't find this folder: cd /usr/ports/security/cloudflared

The correct path is /usr/ports/net/cloudflared

Just to follow-up with this:

I followed the same aforementioned guide, https://www.jackpearce.co.uk/cloudflared-opnsense/

However, I am getting stuck on the portion:

"nano /usr/local/etc/rc.d/cloudflared modify so that it matches below. We're just removing ${cloudflared_conf} from the command arguments as we're supplying a token instead of using a config.yaml"

I can't seem to get to the config.yaml portion. I followed the steps and was able to do everything prior to without issue. But I guess I'm stuck at step 5

Seems to me there's (now) a typo on the page.

The page used to look like this a couple of months back:

https://web.archive.org/web/20240202030437/https://www.jackpearce.co.uk/cloudflared-opnsense/

You can clearly see that the line

: ${cloudflared_conf:="/usr/local/etc/cloudflared/config.yml"}

is removed in the "/usr/local/etc/rc.d/cloudflared" file.

On the current version though, the line is not removed any more, which contradicts the accompanying text which states "We're just removing ${cloudflared_conf} from the command arguments".

I just added # at the beginning of this line to comment it out – I prefer it to deleting the line.

I'm not sure what you meant by "I can't seem to get to the config.yaml portion" though, so I'm not sure my comment helps.

Dear All,
I was following the same guide on the latest opnsense version, but I struggle due to the following error:

ERR Failed to dial a quic connection error="failed to dial to edge with quic: INTERNAL_ERROR (local): tls: CurvePreferences includes unsupported curve"

I am trying to start up the service like this:
cloudflared tunnel --post-quantum --no-autoupdate run --token my_token
Any suggestion is highly welcomed!
Thank you in advance!

Found the solution.
Cause: outdated go package

How to fix:

cd /usr/ports/net/cloudflared
make deinstall
make cleanup

EDIT file:   /usr/ports/net/cloudflared/Makefile
FROM         USES=    cpe go:1.22,modules
TO           USES=    cpe go:1.24,modules

make install

cloudflared tunnel --no-autoupdate run --token MY_TOKEN

OPTIONAL (in case of certificate issues) :
Cloudflare Dashboard -> Tunnels -> EDIT tunnel -> Public Hostnames TAB + EDIT -> TLS -> No TLS Verify: ON
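
The two file edits described in this thread (the Go version on the `USES=` line of the port Makefile, and commenting out the `cloudflared_conf` default in the rc.d script), as an added shell example that is not part of any post or of the linked guide. The function names and the sample files are constructed for illustration; each edit keeps a `.orig` copy so the change can be diffed or reverted.

```shell
#!/bin/sh
# Added example, not from the thread or the linked guide.

# Set the Go version in the port Makefile's USES= line, keeping a .orig copy.
# Returns 1 (file untouched) when no "go:X.Y" is found on that line.
bump_go_uses() {
    mk=$1 want=$2
    grep -Eq '^USES=.*go:[0-9]+\.[0-9]+' "$mk" || return 1
    cp -p "$mk" "$mk.orig"
    sed -E "/^USES=/s/go:[0-9]+\.[0-9]+/go:$want/" "$mk.orig" > "$mk"
}

# Comment out the cloudflared_conf default in the rc.d script.
# Safe to re-run: an already commented line no longer matches.
disable_conf_default() {
    rc=$1
    grep -q '^: \${cloudflared_conf:=' "$rc" || return 0
    cp -p "$rc" "$rc.orig"
    sed 's/^\(: \${cloudflared_conf:=.*\)$/#\1/' "$rc.orig" > "$rc"
}

# Constructed sample files; only the USES= and cloudflared_conf lines are
# taken from the thread, the rest is filler.
make_samples() {
    dir=$1
    cat > "$dir/Makefile" <<'EOF'
PORTNAME=	cloudflared
USES=    cpe go:1.22,modules
EOF
    cat > "$dir/cloudflared" <<'EOF'
: ${cloudflared_enable:="NO"}
: ${cloudflared_conf:="/usr/local/etc/cloudflared/config.yml"}
EOF
}

# Run both edits on the samples in a throwaway directory and show the result.
demo() {
    tmp=$(mktemp -d) || return 1
    make_samples "$tmp"
    bump_go_uses "$tmp/Makefile" 1.24
    disable_conf_default "$tmp/cloudflared"
    grep '^USES=' "$tmp/Makefile"
    grep 'cloudflared_conf' "$tmp/cloudflared"
    rm -rf "$tmp"
}
demo
```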