aessing/install-Cloudflared.sh

## install-Cloudflared.sh
#!/bin/bash
# =============================================================================
# Install Cloudlflare daemon (cloudflared) on Linux (Ubuntu) - DNS-over-HTTPS
# https://developers.cloudflare.com/1.1.1.1/dns-over-https/cloudflared-proxy/
# https://developers.cloudflare.com/argo-tunnel/downloads
# -----------------------------------------------------------------------------
# Developer.......: Andre Essing (https://www.andre-essing.de/)
#                                (https://github.com/aessing)
#                                (https://twitter.com/aessing)
#                                (https://www.linkedin.com/in/aessing/)
# -----------------------------------------------------------------------------
# THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
# EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
# =============================================================================

# Download
wget https://bin.equinox.io/c/VdrWdbjqyF/cloudflared-stable-linux-amd64.deb
sudo chown _apt:root cloudflared-stable-linux-amd64.deb
sudo chmod 700 cloudflared-stable-linux-amd64.deb

# Create a user
sudo useradd -r -M -s /usr/sbin/nologin -c "Cloudflared user" -U cloudflared
sudo passwd -l cloudflared
sudo chage -E 0 cloudflared

# Install
sudo apt-get install ./cloudflared-stable-linux-amd64.deb
sudo chown cloudflared:cloudflared /usr/local/bin/cloudflared
sudo chmod 750 /usr/local/bin/cloudflared

# Configure cloudflared
echo "CLOUDFLARED_OPTS=--address 127.0.0.1 --port 5353 --upstream https://1.1.1.2/dns-query --upstream https://1.0.0.2/dns-query" | sudo tee /etc/default/cloudflared
sudo chown cloudflared:cloudflared /etc/default/cloudflared
sudo chmod 640 /etc/default/cloudflared
sudo chmod 755 /usr/local/bin

# Create startup script
echo '[Unit]
Description=cloudflared DNS over HTTPS proxy
After=syslog.target network-online.target

[Service]
Type=simple
User=cloudflared
EnvironmentFile=/etc/default/cloudflared
ExecStart=/usr/local/bin/cloudflared proxy-dns $CLOUDFLARED_OPTS
Restart=on-failure
RestartSec=10
KillMode=process

[Install]
WantedBy=multi-user.target' | sudo tee /lib/systemd/system/cloudflared.service
sudo chmod 644 /lib/systemd/system/cloudflared.service
sudo chown root:root /lib/systemd/system/cloudflared.service

# Create update script
echo '#!/bin/bash
/usr/local/bin/cloudflared update
sudo systemctl restart cloudflared' | sudo tee /etc/cron.daily/cloudflared-updater
sudo chmod 755 /etc/cron.daily/cloudflared-updater
sudo chown root:root /etc/cron.daily/cloudflared-updater

# Enable cloudflared and start
sudo systemctl enable cloudflared
sudo systemctl start cloudflared
sudo systemctl status cloudflared

# Clean the kitchen
sudo rm -r cloudflared-stable-linux-amd64.deb
	#!/bin/bash
	# =============================================================================
	# Install Cloudlflare daemon (cloudflared) on Linux (Ubuntu) - DNS-over-HTTPS
	# https://developers.cloudflare.com/1.1.1.1/dns-over-https/cloudflared-proxy/
	# https://developers.cloudflare.com/argo-tunnel/downloads
	# -----------------------------------------------------------------------------
	# Developer.......: Andre Essing (https://www.andre-essing.de/)
	# (https://github.com/aessing)
	# (https://twitter.com/aessing)
	# (https://www.linkedin.com/in/aessing/)
	# -----------------------------------------------------------------------------
	# THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
	# EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
	# WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
	# =============================================================================

	# Download
	wget https://bin.equinox.io/c/VdrWdbjqyF/cloudflared-stable-linux-amd64.deb
	sudo chown _apt:root cloudflared-stable-linux-amd64.deb
	sudo chmod 700 cloudflared-stable-linux-amd64.deb

	# Create a user
	sudo useradd -r -M -s /usr/sbin/nologin -c "Cloudflared user" -U cloudflared
	sudo passwd -l cloudflared
	sudo chage -E 0 cloudflared

	# Install
	sudo apt-get install ./cloudflared-stable-linux-amd64.deb
	sudo chown cloudflared:cloudflared /usr/local/bin/cloudflared
	sudo chmod 750 /usr/local/bin/cloudflared

	# Configure cloudflared
	echo "CLOUDFLARED_OPTS=--address 127.0.0.1 --port 5353 --upstream https://1.1.1.2/dns-query --upstream https://1.0.0.2/dns-query" \| sudo tee /etc/default/cloudflared
	sudo chown cloudflared:cloudflared /etc/default/cloudflared
	sudo chmod 640 /etc/default/cloudflared
	sudo chmod 755 /usr/local/bin

	# Create startup script
	echo '[Unit]
	Description=cloudflared DNS over HTTPS proxy
	After=syslog.target network-online.target

	[Service]
	Type=simple
	User=cloudflared
	EnvironmentFile=/etc/default/cloudflared
	ExecStart=/usr/local/bin/cloudflared proxy-dns $CLOUDFLARED_OPTS
	Restart=on-failure
	RestartSec=10
	KillMode=process

	[Install]
	WantedBy=multi-user.target' \| sudo tee /lib/systemd/system/cloudflared.service
	sudo chmod 644 /lib/systemd/system/cloudflared.service
	sudo chown root:root /lib/systemd/system/cloudflared.service

	# Create update script
	echo '#!/bin/bash
	/usr/local/bin/cloudflared update
	sudo systemctl restart cloudflared' \| sudo tee /etc/cron.daily/cloudflared-updater
	sudo chmod 755 /etc/cron.daily/cloudflared-updater
	sudo chown root:root /etc/cron.daily/cloudflared-updater

	# Enable cloudflared and start
	sudo systemctl enable cloudflared
	sudo systemctl start cloudflared
	sudo systemctl status cloudflared

	# Clean the kitchen
	sudo rm -r cloudflared-stable-linux-amd64.deb