Last active
November 6, 2023 23:22
-
-
Save aessing/b3395db31a9feb076e6602d53135560c to your computer and use it in GitHub Desktop.
Install Cloudlflare daemon (cloudflared) on Linux (Ubuntu) - DNS-over-HTTPS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# ============================================================================= | |
# Install Cloudlflare daemon (cloudflared) on Linux (Ubuntu) - DNS-over-HTTPS | |
# https://developers.cloudflare.com/1.1.1.1/dns-over-https/cloudflared-proxy/ | |
# https://developers.cloudflare.com/argo-tunnel/downloads | |
# ----------------------------------------------------------------------------- | |
# Developer.......: Andre Essing (https://www.andre-essing.de/) | |
# (https://github.com/aessing) | |
# (https://twitter.com/aessing) | |
# (https://www.linkedin.com/in/aessing/) | |
# ----------------------------------------------------------------------------- | |
# THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, | |
# EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED | |
# WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. | |
# ============================================================================= | |
# Download | |
wget https://bin.equinox.io/c/VdrWdbjqyF/cloudflared-stable-linux-amd64.deb | |
sudo chown _apt:root cloudflared-stable-linux-amd64.deb | |
sudo chmod 700 cloudflared-stable-linux-amd64.deb | |
# Create a user | |
sudo useradd -r -M -s /usr/sbin/nologin -c "Cloudflared user" -U cloudflared | |
sudo passwd -l cloudflared | |
sudo chage -E 0 cloudflared | |
# Install | |
sudo apt-get install ./cloudflared-stable-linux-amd64.deb | |
sudo chown cloudflared:cloudflared /usr/local/bin/cloudflared | |
sudo chmod 750 /usr/local/bin/cloudflared | |
# Configure cloudflared | |
echo "CLOUDFLARED_OPTS=--address 127.0.0.1 --port 5353 --upstream https://1.1.1.2/dns-query --upstream https://1.0.0.2/dns-query" | sudo tee /etc/default/cloudflared | |
sudo chown cloudflared:cloudflared /etc/default/cloudflared | |
sudo chmod 640 /etc/default/cloudflared | |
sudo chmod 755 /usr/local/bin | |
# Create startup script | |
echo '[Unit] | |
Description=cloudflared DNS over HTTPS proxy | |
After=syslog.target network-online.target | |
[Service] | |
Type=simple | |
User=cloudflared | |
EnvironmentFile=/etc/default/cloudflared | |
ExecStart=/usr/local/bin/cloudflared proxy-dns $CLOUDFLARED_OPTS | |
Restart=on-failure | |
RestartSec=10 | |
KillMode=process | |
[Install] | |
WantedBy=multi-user.target' | sudo tee /lib/systemd/system/cloudflared.service | |
sudo chmod 644 /lib/systemd/system/cloudflared.service | |
sudo chown root:root /lib/systemd/system/cloudflared.service | |
# Create update script | |
echo '#!/bin/bash | |
/usr/local/bin/cloudflared update | |
sudo systemctl restart cloudflared' | sudo tee /etc/cron.daily/cloudflared-updater | |
sudo chmod 755 /etc/cron.daily/cloudflared-updater | |
sudo chown root:root /etc/cron.daily/cloudflared-updater | |
# Enable cloudflared and start | |
sudo systemctl enable cloudflared | |
sudo systemctl start cloudflared | |
sudo systemctl status cloudflared | |
# Clean the kitchen | |
sudo rm -r cloudflared-stable-linux-amd64.deb |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment