Skip to content

Instantly share code, notes, and snippets.

@aessing
Last active November 6, 2023 23:22
Show Gist options
  • Save aessing/b3395db31a9feb076e6602d53135560c to your computer and use it in GitHub Desktop.
Save aessing/b3395db31a9feb076e6602d53135560c to your computer and use it in GitHub Desktop.
Install Cloudlflare daemon (cloudflared) on Linux (Ubuntu) - DNS-over-HTTPS
#!/bin/bash
# =============================================================================
# Install Cloudlflare daemon (cloudflared) on Linux (Ubuntu) - DNS-over-HTTPS
# https://developers.cloudflare.com/1.1.1.1/dns-over-https/cloudflared-proxy/
# https://developers.cloudflare.com/argo-tunnel/downloads
# -----------------------------------------------------------------------------
# Developer.......: Andre Essing (https://www.andre-essing.de/)
# (https://github.com/aessing)
# (https://twitter.com/aessing)
# (https://www.linkedin.com/in/aessing/)
# -----------------------------------------------------------------------------
# THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
# EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
# =============================================================================
# Download
wget https://bin.equinox.io/c/VdrWdbjqyF/cloudflared-stable-linux-amd64.deb
sudo chown _apt:root cloudflared-stable-linux-amd64.deb
sudo chmod 700 cloudflared-stable-linux-amd64.deb
# Create a user
sudo useradd -r -M -s /usr/sbin/nologin -c "Cloudflared user" -U cloudflared
sudo passwd -l cloudflared
sudo chage -E 0 cloudflared
# Install
sudo apt-get install ./cloudflared-stable-linux-amd64.deb
sudo chown cloudflared:cloudflared /usr/local/bin/cloudflared
sudo chmod 750 /usr/local/bin/cloudflared
# Configure cloudflared
echo "CLOUDFLARED_OPTS=--address 127.0.0.1 --port 5353 --upstream https://1.1.1.2/dns-query --upstream https://1.0.0.2/dns-query" | sudo tee /etc/default/cloudflared
sudo chown cloudflared:cloudflared /etc/default/cloudflared
sudo chmod 640 /etc/default/cloudflared
sudo chmod 755 /usr/local/bin
# Create startup script
echo '[Unit]
Description=cloudflared DNS over HTTPS proxy
After=syslog.target network-online.target
[Service]
Type=simple
User=cloudflared
EnvironmentFile=/etc/default/cloudflared
ExecStart=/usr/local/bin/cloudflared proxy-dns $CLOUDFLARED_OPTS
Restart=on-failure
RestartSec=10
KillMode=process
[Install]
WantedBy=multi-user.target' | sudo tee /lib/systemd/system/cloudflared.service
sudo chmod 644 /lib/systemd/system/cloudflared.service
sudo chown root:root /lib/systemd/system/cloudflared.service
# Create update script
echo '#!/bin/bash
/usr/local/bin/cloudflared update
sudo systemctl restart cloudflared' | sudo tee /etc/cron.daily/cloudflared-updater
sudo chmod 755 /etc/cron.daily/cloudflared-updater
sudo chown root:root /etc/cron.daily/cloudflared-updater
# Enable cloudflared and start
sudo systemctl enable cloudflared
sudo systemctl start cloudflared
sudo systemctl status cloudflared
# Clean the kitchen
sudo rm -r cloudflared-stable-linux-amd64.deb
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment