Cloudflare/Argo Tunnel: Difference between revisions

Latest revision as of 03:22, 24 February 2025

Argo Tunnel

cat << EXE \| sudo bash mkdir -p /home/system/ SYS_USERS='chorke-com-argo chorke-org-argo shahed-biz-argo' for SYS_USER in \${SYS_USERS};do SYS_GROUP="\${SYS_USER}" if ! id -g \${SYS_USER} &>/dev/null;then addgroup --quiet --system \${SYS_GROUP};fi if ! id -u \${SYS_USER} &>/dev/null;then adduser --quiet --system --ingroup \${SYS_GROUP} --home /home/system/\${SYS_USER} --shell /bin/bash --disabled-password \${SYS_USER} chage -m 99999 -M 99999 -E -1 -I -1 \${SYS_USER} mkdir /home/system/\${SYS_USER}/.ssh touch /home/system/\${SYS_USER}/.ssh/config touch /home/system/\${SYS_USER}/.ssh/authorized_keys chown -R \${SYS_USER}:\${SYS_GROUP} /home/system/\${SYS_USER}/ chmod 600 /home/system/\${SYS_USER}/.ssh/authorized_keys chmod 600 /home/system/\${SYS_USER}/.ssh/config chmod 700 /home/system/\${SYS_USER}/.ssh fi done echo && ls -alh /home/system//.ssh/ echo && cat /etc/passwd\|awk -F : '\$3 >= 120 && \$3 < 900 {printf("%-6s » %s\n", \$3, \$1)}'\|sort -h echo && cat /etc/group \|awk -F : '\$3 >= 120 && \$3 < 900 {printf("%-6s » %s\n", \$3, \$1)}'\|sort -h && echo EXE

cat << EXE \| sudo bash mkdir -p /var/log/cloudflared/chorke.com chown chorke-com-argo:chorke-com-argo \ -R /var/log/cloudflared/chorke.com EXE	cat << EXE \| sudo bash mkdir -p /var/log/cloudflared/chorke.org chown chorke-org-argo:chorke-org-argo \ -R /var/log/cloudflared/chorke.org EXE	cat << EXE \| sudo bash mkdir -p /var/log/cloudflared/shahed.biz chown shahed-biz-argo:shahed-biz-argo \ -R /var/log/cloudflared/shahed.biz EXE

sudo -i -u chorke-com-argo LOGGER_BASE=/var/log/cloudflared/chorke.com	sudo -i -u chorke-org-argo LOGGER_BASE=/var/log/cloudflared/chorke.org	sudo -i -u shahed-biz-argo LOGGER_BASE=/var/log/cloudflared/shahed.biz

CONFIG_BASE=${HOME}/.cloudflared AUTHNZ_BASE=${HOME}/.cloudflared CONFIG_FILE=${CONFIG_BASE}/argo.yml LOGGER_FILE=${LOGGER_BASE}/argo.log AUTHNZ_FILE=${AUTHNZ_BASE}/argo.json cloudflared tunnel login cd ~/.cloudflared/ cloudflared tunnel create shahed-aa-${USER} cloudflared tunnel list --output=json\|jq -r '.[].name' ln -s ${CONFIG_BASE}/3d1105e6-e8f4-403e-9b2d-3367947e0a9e.json ${AUTHNZ_FILE} cloudflared tunnel route dns shahed-aa-${USER} aa

cat << YML \| tee ${CONFIG_FILE} >/dev/null --- tunnel: shahed-aa-${USER} credentials-file: ${AUTHNZ_FILE} ingress: - service: http://localhost hostname: aa.chorke.com - service: http_status:404 warp-routing: enabled: false # icmpv4-src: 10.19.83.68 private_network: - 10.19.83.0/24 dns: - 1.1.1.1 - 8.8.8.8 - 10.19.83.100 loglevel: info logfile: ${LOGGER_FILE} heartbeat: interval: 10s max_retries: 3 restart: true YML	cat << YML \| tee ${CONFIG_FILE} >/dev/null --- tunnel: shahed-aa-${USER} credentials-file: ${AUTHNZ_FILE} ingress: - service: http://localhost hostname: aa.chorke.org - service: http_status:404 warp-routing: enabled: false # icmpv4-src: 10.19.83.68 private_network: - 10.19.83.0/24 dns: - 1.1.1.1 - 8.8.8.8 - 10.19.83.100 loglevel: info logfile: ${LOGGER_FILE} heartbeat: interval: 10s max_retries: 3 restart: true YML	cat << YML \| tee ${CONFIG_FILE} >/dev/null --- tunnel: shahed-aa-${USER} credentials-file: ${AUTHNZ_FILE} ingress: - service: http://localhost hostname: aa.shahed.biz - service: http_status:404 warp-routing: enabled: true # icmpv4-src: 10.19.83.68 private_network: - 10.19.83.0/24 dns: - 1.1.1.1 - 8.8.8.8 - 10.19.83.100 loglevel: info logfile: ${LOGGER_FILE} heartbeat: interval: 10s max_retries: 3 restart: true YML

cat <<'ENV'\|tee -a ${HOME}/.bashrc >/dev/null # cloudflare tunnel config export CLOUDFLARED_CONFIG=${HOME}/.cloudflared/argo.yml ENV cat <<'ENV'\|tee -a ${HOME}/.profile >/dev/null if [ -f ${HOME}/.bashrc ]; then . ${HOME}/.bashrc fi ENV source ~/.profile cat ~/.cloudflared/argo.yml cloudflared tunnel run shahed-aa-${USER} exit

SYSTEM_FILE=cloudflared@chorke.com.service SYSTEM_PATH=/etc/systemd/system/${SYSTEM_FILE} cat << INI \| sudo tee ${SYSTEM_PATH} >/dev/null [Unit] Description=cloudflared After=network-online.target Wants=network-online.target [Service] Group=chorke-com-argo User=chorke-com-argo TimeoutStartSec=0 Type=notify ExecStart=/usr/bin/cloudflared --no-autoupdate \ --config /home/system/chorke-com-argo/\ .cloudflared/argo.yml tunnel run Restart=on-failure RestartSec=5s [Install] WantedBy=multi-user.target INI	SYSTEM_FILE=cloudflared@chorke.org.service SYSTEM_PATH=/etc/systemd/system/${SYSTEM_FILE} cat << INI \| sudo tee ${SYSTEM_PATH} >/dev/null [Unit] Description=cloudflared After=network-online.target Wants=network-online.target [Service] Group=chorke-org-argo User=chorke-org-argo TimeoutStartSec=0 Type=notify ExecStart=/usr/bin/cloudflared --no-autoupdate \ --config /home/system/chorke-org-argo/\ .cloudflared/argo.yml tunnel run Restart=on-failure RestartSec=5s [Install] WantedBy=multi-user.target INI	SYSTEM_FILE=cloudflared@shahed.biz.service SYSTEM_PATH=/etc/systemd/system/${SYSTEM_FILE} cat << INI \| sudo tee ${SYSTEM_PATH} >/dev/null [Unit] Description=cloudflared After=network-online.target Wants=network-online.target [Service] Group=shahed-biz-argo User=shahed-biz-argo TimeoutStartSec=0 Type=notify ExecStart=/usr/bin/cloudflared --no-autoupdate \ --config /home/system/shahed-biz-argo/\ .cloudflared/argo.yml tunnel run Restart=on-failure RestartSec=5s [Install] WantedBy=multi-user.target INI

cat << EXE \| sudo bash systemctl daemon-reload systemctl enable cloudflared@chorke.com.service systemctl start cloudflared@chorke.com.service systemctl status cloudflared@chorke.com.service EXE	cat << EXE \| sudo bash systemctl daemon-reload systemctl enable cloudflared@chorke.org.service systemctl start cloudflared@chorke.org.service systemctl status cloudflared@chorke.org.service EXE	cat << EXE \| sudo bash systemctl daemon-reload systemctl enable cloudflared@shahed.biz.service systemctl start cloudflared@shahed.biz.service systemctl status cloudflared@shahed.biz.service EXE

tail -n100 \ -f /var/log/cloudflared/chorke.com/argo.log journalctl -xeu cloudflared@chorke.com.service	tail -n100 \ -f /var/log/cloudflared/chorke.org/argo.log journalctl -xeu cloudflared@chorke.org.service	tail -n100 \ -f /var/log/cloudflared/shahed.biz/argo.log journalctl -xeu cloudflared@shahed.biz.service

cat << EXE \| sudo bash systemctl daemon-reload systemctl disable cloudflared@chorke.com.service systemctl stop cloudflared@chorke.com.service systemctl status cloudflared@chorke.com.service EXE	cat << EXE \| sudo bash systemctl daemon-reload systemctl disable cloudflared@chorke.org.service systemctl stop cloudflared@chorke.org.service systemctl status cloudflared@chorke.org.service EXE	cat << EXE \| sudo bash systemctl daemon-reload systemctl disable cloudflared@shahed.biz.service systemctl stop cloudflared@shahed.biz.service systemctl status cloudflared@shahed.biz.service EXE

WARP Routing

Skipped » Find More » 👆

cloudflared tunnel create shahed-aa-${USER} cloudflared tunnel list --output=json\|jq -r '.[].name' ln -s ${CONFIG_BASE}/56f034e2-7fc7-4423-8db3-1e9db8a24ca3.json ${AUTHNZ_FILE}

cat << YML \| tee ${CONFIG_FILE} >/dev/null --- tunnel: shahed-aa-${USER} credentials-file: ${AUTHNZ_FILE} warp-routing: enabled: true loglevel: info logfile: ${LOGGER_FILE} heartbeat: interval: 10s max_retries: 3 restart: true YML

cat <<'ENV'\|tee -a ${HOME}/.bashrc >/dev/null # cloudflare tunnel config export CLOUDFLARED_CONFIG=${HOME}/.cloudflared/argo.yml ENV cat <<'ENV'\|tee -a ${HOME}/.profile >/dev/null if [ -f ${HOME}/.bashrc ]; then . ${HOME}/.bashrc fi ENV source ~/.profile cat ~/.cloudflared/argo.yml cloudflared tunnel run shahed-aa-${USER} exit

Skipped » Find More » 👆

VIRT Routing

Skipped » Find More » 👆

cat << INI \| sudo tee /etc/systemd/system/warp0.service >/dev/null [Unit] Description=Cloudflared WARP Routing Virtual Interface After=network.target [Service] Type=oneshot ExecStart=/usr/sbin/ip link add warp0 type dummy ExecStartPost=/usr/sbin/ip addr add 10.20.40.1/32 dev warp0 ExecStartPost=/usr/sbin/ip link set warp0 up ExecStop=/usr/sbin/ip link delete warp0 RemainAfterExit=yes [Install] WantedBy=multi-user.target INI

cat << EXE \| sudo bash systemctl enable warp0.service systemctl start warp0.service systemctl status warp0.service EXE sudo systemctl enable --now warp0.service sudo systemctl disable --now warp0.service

		cloudflared tunnel route \ ip add 10.20.40.1/32 shahed-aa-shahed-biz-argo

# ping interval ping 10.20.40.1 -i 10	# ping interval & times ping 10.20.40.1 -i 10 -c 6	# ssh through warp routing ssh -qt chorke@10.20.40.1 bash

Skipped » Find More » 👆

Playground

cat /usr/local/etc/cloudflared/config.yml ls -lah ~/.cloudflare-warp ls -lah ~/cloudflare-warp	sudo cloudflared service uninstall systemctl status cloudflared journalctl -xeu cloudflared	tail -n100 -f /var/log/cloudflared.log sudo systemctl daemon-reload ps aux\|grep cloudflared

ls -alh /etc/systemd/system\|grep cloudflared ls -alh /etc/systemd/system\|grep minikube ls -alh /etc/systemd/system\|grep minio	ls -lah /usr/local/etc/cloudflared/ ls -lah /etc/cloudflared/ ls -lah ~/.cloudflared/	sudo ln -s /etc/cloudflared/chorke.com-config.yml \ /etc/cloudflared/config.yml ls -lah /etc/cloudflared/

cloudflared access \ ssh-config --hostname aa.chorke.com	ssh-keygen -t ed25519 -C "argo@chorke.org" \ -f ~/.ssh/argo.chorke.org_ed25519	echo 'id -g'\|sudo -i -u ${USER} bash echo 'id -ng'\|sudo -i -u ${USER} bash

cat /proc/sys/net/ipv4/ping_group_range sysctl net.ipv4.ping_group_range	echo '0 10000'\|\ sudo tee /proc/sys/net/ipv4/ping_group_range	cat /etc/sysctl.conf sudo sysctl -p

warp-cli disconnect warp-cli connect warp-cli status	telnet 10.19.83.68 5432 telnet 10.19.83.68 3306 telnet 10.19.83.68 22	nmap 10.19.83.68 --reason -Pn -p22,3306,5432 nmap 10.19.83.68 --reason -Pn --top 20 tail -n100 -f /var/log/kern.log

hostname hostnamectl nmcli general hostname sudo hostnamectl set-hostname chorke-aa sudo systemctl restart systemd-hostnamed	# shahed-ab » avoid conflict own ip sudo warp-cli add-exclude 10.20.40.2 # hetzner-aa » avoid conflict own ip sudo warp-cli add-exclude 10.20.41.1

References

Cloudflare » Zero Trust » Connections Cloudflare » Zero Trust » Services Cloudflare » Zero Trust » Devices Cloudflare » Zero Trust » Tunnel Cloudflare » Zero Trust » gRPC Cloudflare » Zero Trust » RDP Cloudflare » Zero Trust » SMB Cloudflare » Zero Trust » SSH Cloudflare » Tunnel Cloudflare » SSH	Cloudflare » Zero Trust » Connect private networks Cloudflare » Zero Trust » SSH » Access for Infra Cloudflare » Zero Trust » Devices » Agentless Cloudflare » Zero Trust » Devices » WARP Cloudflare » Zero Trust » SSH » Connect

Cloudflare » Profile » API Tokens Cloudflare » WARP Connector Cloudflare » Access » Chorke Cloudflare » WARP Host Cloudflare

Linux Containers PostgreSQL OpenLDAP OpenVPN HAProxy MySQL Helm CIDR UFW Port	Cloud Computing Cost Tunnel » Cloudflare Google Cloud CLI Tunnel » Ngrok Tunnel » Local Terraform AWS CLI Ansible AWS K8s	CIDR » Restrict access to single IP SSH » Public Key Authentication SSH » Port Forwarding CIDR » 10.20.40.1/32 CIDR » 10.20.40.1/24 CIDR » 10.19.83.1/32 CIDR » 10.19.83.1/24 Linux User Creation

cat << EXE \| sudo bash mkdir -p /home/system/ SYS_USERS='chorke-com-argo chorke-org-argo shahed-biz-argo' for SYS_USER in \${SYS_USERS};do SYS_GROUP="\${SYS_USER}" if ! id -g \${SYS_USER} &>/dev/null;then addgroup --quiet --system \${SYS_GROUP};fi if ! id -u \${SYS_USER} &>/dev/null;then adduser --quiet --system --ingroup \${SYS_GROUP} --home /home/system/\${SYS_USER} --shell /bin/bash --disabled-password \${SYS_USER} chage -m 99999 -M 99999 -E -1 -I -1 \${SYS_USER} mkdir /home/system/\${SYS_USER}/.ssh touch /home/system/\${SYS_USER}/.ssh/config touch /home/system/\${SYS_USER}/.ssh/authorized_keys chown -R \${SYS_USER}:\${SYS_GROUP} /home/system/\${SYS_USER}/ chmod 600 /home/system/\${SYS_USER}/.ssh/authorized_keys chmod 600 /home/system/\${SYS_USER}/.ssh/config chmod 700 /home/system/\${SYS_USER}/.ssh fi done echo && ls -alh /home/system//.ssh/ echo && cat /etc/passwd\|awk -F : '\$3 >= 120 && \$3 < 900 {printf("%-6s » %s\n", \$3, \$1)}'\|sort -h echo && cat /etc/group \|awk -F : '\$3 >= 120 && \$3 < 900 {printf("%-6s » %s\n", \$3, \$1)}'\|sort -h && echo EXE

cat << EXE \| sudo bash mkdir -p /var/log/cloudflared/chorke.com chown chorke-com-argo:chorke-com-argo \ -R /var/log/cloudflared/chorke.com EXE	cat << EXE \| sudo bash mkdir -p /var/log/cloudflared/chorke.org chown chorke-org-argo:chorke-org-argo \ -R /var/log/cloudflared/chorke.org EXE	cat << EXE \| sudo bash mkdir -p /var/log/cloudflared/shahed.biz chown shahed-biz-argo:shahed-biz-argo \ -R /var/log/cloudflared/shahed.biz EXE

sudo -i -u chorke-com-argo LOGGER_BASE=/var/log/cloudflared/chorke.com	sudo -i -u chorke-org-argo LOGGER_BASE=/var/log/cloudflared/chorke.org	sudo -i -u shahed-biz-argo LOGGER_BASE=/var/log/cloudflared/shahed.biz

CONFIG_BASE=${HOME}/.cloudflared AUTHNZ_BASE=${HOME}/.cloudflared CONFIG_FILE=${CONFIG_BASE}/argo.yml LOGGER_FILE=${LOGGER_BASE}/argo.log AUTHNZ_FILE=${AUTHNZ_BASE}/argo.json cloudflared tunnel login cd ~/.cloudflared/ cloudflared tunnel create shahed-aa-${USER} cloudflared tunnel list --output=json\|jq -r '.[].name' ln -s ${CONFIG_BASE}/3d1105e6-e8f4-403e-9b2d-3367947e0a9e.json ${AUTHNZ_FILE} cloudflared tunnel route dns shahed-aa-${USER} aa

cat << YML \| tee ${CONFIG_FILE} >/dev/null --- tunnel: shahed-aa-${USER} credentials-file: ${AUTHNZ_FILE} ingress: - service: http://localhost hostname: aa.chorke.com - service: http_status:404 warp-routing: enabled: false # icmpv4-src: 10.19.83.68 private_network: - 10.19.83.0/24 dns: - 1.1.1.1 - 8.8.8.8 - 10.19.83.100 loglevel: info logfile: ${LOGGER_FILE} heartbeat: interval: 10s max_retries: 3 restart: true YML	cat << YML \| tee ${CONFIG_FILE} >/dev/null --- tunnel: shahed-aa-${USER} credentials-file: ${AUTHNZ_FILE} ingress: - service: http://localhost hostname: aa.chorke.org - service: http_status:404 warp-routing: enabled: false # icmpv4-src: 10.19.83.68 private_network: - 10.19.83.0/24 dns: - 1.1.1.1 - 8.8.8.8 - 10.19.83.100 loglevel: info logfile: ${LOGGER_FILE} heartbeat: interval: 10s max_retries: 3 restart: true YML	cat << YML \| tee ${CONFIG_FILE} >/dev/null --- tunnel: shahed-aa-${USER} credentials-file: ${AUTHNZ_FILE} ingress: - service: http://localhost hostname: aa.shahed.biz - service: http_status:404 warp-routing: enabled: true # icmpv4-src: 10.19.83.68 private_network: - 10.19.83.0/24 dns: - 1.1.1.1 - 8.8.8.8 - 10.19.83.100 loglevel: info logfile: ${LOGGER_FILE} heartbeat: interval: 10s max_retries: 3 restart: true YML

cat <<'ENV'\|tee -a ${HOME}/.bashrc >/dev/null # cloudflare tunnel config export CLOUDFLARED_CONFIG=${HOME}/.cloudflared/argo.yml ENV cat <<'ENV'\|tee -a ${HOME}/.profile >/dev/null if [ -f ${HOME}/.bashrc ]; then . ${HOME}/.bashrc fi ENV source ~/.profile cat ~/.cloudflared/argo.yml cloudflared tunnel run shahed-aa-${USER} exit

SYSTEM_FILE=cloudflared@chorke.com.service SYSTEM_PATH=/etc/systemd/system/${SYSTEM_FILE} cat << INI \| sudo tee ${SYSTEM_PATH} >/dev/null [Unit] Description=cloudflared After=network-online.target Wants=network-online.target [Service] Group=chorke-com-argo User=chorke-com-argo TimeoutStartSec=0 Type=notify ExecStart=/usr/bin/cloudflared --no-autoupdate \ --config /home/system/chorke-com-argo/\ .cloudflared/argo.yml tunnel run Restart=on-failure RestartSec=5s [Install] WantedBy=multi-user.target INI	SYSTEM_FILE=cloudflared@chorke.org.service SYSTEM_PATH=/etc/systemd/system/${SYSTEM_FILE} cat << INI \| sudo tee ${SYSTEM_PATH} >/dev/null [Unit] Description=cloudflared After=network-online.target Wants=network-online.target [Service] Group=chorke-org-argo User=chorke-org-argo TimeoutStartSec=0 Type=notify ExecStart=/usr/bin/cloudflared --no-autoupdate \ --config /home/system/chorke-org-argo/\ .cloudflared/argo.yml tunnel run Restart=on-failure RestartSec=5s [Install] WantedBy=multi-user.target INI	SYSTEM_FILE=cloudflared@shahed.biz.service SYSTEM_PATH=/etc/systemd/system/${SYSTEM_FILE} cat << INI \| sudo tee ${SYSTEM_PATH} >/dev/null [Unit] Description=cloudflared After=network-online.target Wants=network-online.target [Service] Group=shahed-biz-argo User=shahed-biz-argo TimeoutStartSec=0 Type=notify ExecStart=/usr/bin/cloudflared --no-autoupdate \ --config /home/system/shahed-biz-argo/\ .cloudflared/argo.yml tunnel run Restart=on-failure RestartSec=5s [Install] WantedBy=multi-user.target INI

cat << EXE \| sudo bash systemctl daemon-reload systemctl enable cloudflared@chorke.com.service systemctl start cloudflared@chorke.com.service systemctl status cloudflared@chorke.com.service EXE	cat << EXE \| sudo bash systemctl daemon-reload systemctl enable cloudflared@chorke.org.service systemctl start cloudflared@chorke.org.service systemctl status cloudflared@chorke.org.service EXE	cat << EXE \| sudo bash systemctl daemon-reload systemctl enable cloudflared@shahed.biz.service systemctl start cloudflared@shahed.biz.service systemctl status cloudflared@shahed.biz.service EXE

tail -n100 \ -f /var/log/cloudflared/chorke.com/argo.log journalctl -xeu cloudflared@chorke.com.service	tail -n100 \ -f /var/log/cloudflared/chorke.org/argo.log journalctl -xeu cloudflared@chorke.org.service	tail -n100 \ -f /var/log/cloudflared/shahed.biz/argo.log journalctl -xeu cloudflared@shahed.biz.service

cat << EXE \| sudo bash systemctl daemon-reload systemctl disable cloudflared@chorke.com.service systemctl stop cloudflared@chorke.com.service systemctl status cloudflared@chorke.com.service EXE	cat << EXE \| sudo bash systemctl daemon-reload systemctl disable cloudflared@chorke.org.service systemctl stop cloudflared@chorke.org.service systemctl status cloudflared@chorke.org.service EXE	cat << EXE \| sudo bash systemctl daemon-reload systemctl disable cloudflared@shahed.biz.service systemctl stop cloudflared@shahed.biz.service systemctl status cloudflared@shahed.biz.service EXE

Skipped » Find More » 👆

cloudflared tunnel create shahed-aa-${USER} cloudflared tunnel list --output=json\|jq -r '.[].name' ln -s ${CONFIG_BASE}/56f034e2-7fc7-4423-8db3-1e9db8a24ca3.json ${AUTHNZ_FILE}

cat << YML \| tee ${CONFIG_FILE} >/dev/null --- tunnel: shahed-aa-${USER} credentials-file: ${AUTHNZ_FILE} warp-routing: enabled: true loglevel: info logfile: ${LOGGER_FILE} heartbeat: interval: 10s max_retries: 3 restart: true YML

cat <<'ENV'\|tee -a ${HOME}/.bashrc >/dev/null # cloudflare tunnel config export CLOUDFLARED_CONFIG=${HOME}/.cloudflared/argo.yml ENV cat <<'ENV'\|tee -a ${HOME}/.profile >/dev/null if [ -f ${HOME}/.bashrc ]; then . ${HOME}/.bashrc fi ENV source ~/.profile cat ~/.cloudflared/argo.yml cloudflared tunnel run shahed-aa-${USER} exit

Skipped » Find More » 👆

Cloudflare/Argo Tunnel: Difference between revisions

Latest revision as of 03:22, 24 February 2025

Contents

Argo Tunnel

WARP Routing

VIRT Routing

Playground

References

Navigation menu

@@ Line 1: / Line 1: @@
 ==Argo Tunnel==
 {|
-| valign="top" |
-<syntaxhighlight lang="bash">
-sudo su
-cd /root/.cloudflared/
-cloudflared tunnel login
-mv cert.pem ./certs/chorke.com.pem
-</syntaxhighlight>
-| valign="top" |
-<syntaxhighlight lang="bash">
-sudo su
-cd /root/.cloudflared/
-cloudflared tunnel login
-mv cert.pem ./certs/chorke.org.pem
-</syntaxhighlight>
-| valign="top" |
-<syntaxhighlight lang="bash">
-sudo su
-cd /root/.cloudflared/
-cloudflared tunnel login
-mv cert.pem ./certs/shahed.biz.pem
-</syntaxhighlight>
-|-
 | colspan="3" |
-----
-|-
-| valign="top" |
 <syntaxhighlight lang="bash">
-cloudflared --origincert=\
+cat << EXE | sudo bash
-/root/.cloudflared/certs/chorke.com.pem \
+mkdir -p /home/system/
-tunnel create aa-chorke-com-argo
+SYS_USERS='chorke-com-argo chorke-org-argo shahed-biz-argo'
-</syntaxhighlight>
+for SYS_USER in \${SYS_USERS};do
+  SYS_GROUP="\${SYS_USER}"
+  if ! id -g \${SYS_USER} &>/dev/null;then addgroup --quiet --system \${SYS_GROUP};fi
+  if ! id -u \${SYS_USER} &>/dev/null;then
+    adduser --quiet --system  --ingroup \${SYS_GROUP} --home /home/system/\${SYS_USER} --shell /bin/bash --disabled-password \${SYS_USER}
+    chage -m 99999 -M 99999 -E -1 -I -1 \${SYS_USER}
-| valign="top" |
+    mkdir /home/system/\${SYS_USER}/.ssh
-<syntaxhighlight lang="bash">
+    touch /home/system/\${SYS_USER}/.ssh/config
-cloudflared --origincert=\
+    touch /home/system/\${SYS_USER}/.ssh/authorized_keys
-/root/.cloudflared/certs/chorke.org.pem \
-tunnel create aa-chorke-org-argo
-</syntaxhighlight>
-| valign="top" |
+    chown -R \${SYS_USER}:\${SYS_GROUP} /home/system/\${SYS_USER}/
-<syntaxhighlight lang="bash">
+    chmod 600 /home/system/\${SYS_USER}/.ssh/authorized_keys
-cloudflared --origincert=\
+    chmod 600 /home/system/\${SYS_USER}/.ssh/config
-/root/.cloudflared/certs/shahed.biz.pem \
+    chmod 700 /home/system/\${SYS_USER}/.ssh
-tunnel create aa-shahed-biz-argo
+  fi
-</syntaxhighlight>
+done
-|-
+echo && ls -alh /home/system/*/.ssh/*
-| colspan="3" |
+echo && cat /etc/passwd|awk -F : '\$3 >= 120 && \$3 < 900 {printf("%-6s » %s\n", \$3, \$1)}'|sort -h
-----
+echo && cat /etc/group |awk -F : '\$3 >= 120 && \$3 < 900 {printf("%-6s » %s\n", \$3, \$1)}'|sort -h && echo
-|-
+EXE
-| valign="top" |
-<syntaxhighlight lang="bash">
-mv certs/ccc2684a-*.json \
- ./auths/chorke.com.json
-</syntaxhighlight>
-| valign="top" |
-<syntaxhighlight lang="bash">
-mv certs/621edb67-*.json \
- ./auths/chorke.org.json
-</syntaxhighlight>
-| valign="top" |
-<syntaxhighlight lang="bash">
-mv certs/249a5a7c-*.json \
- ./auths/shahed.biz.json
 </syntaxhighlight>
@@ Line 78: / Line 36: @@
 | valign="top" |
 <syntaxhighlight lang="bash">
-cloudflared --origincert=\
+cat << EXE | sudo bash
-/root/.cloudflared/certs/chorke.com.pem \
+mkdir -p /var/log/cloudflared/chorke.com
-tunnel list --output=json|jq -r '.[].name'
+chown  chorke-com-argo:chorke-com-argo \
+      -R /var/log/cloudflared/chorke.com
+EXE
 </syntaxhighlight>
 | valign="top" |
 <syntaxhighlight lang="bash">
-cloudflared --origincert=\
+cat << EXE | sudo bash
-/root/.cloudflared/certs/chorke.org.pem \
+mkdir -p /var/log/cloudflared/chorke.org
-tunnel list --output=json|jq -r '.[].name'
+chown  chorke-org-argo:chorke-org-argo \
+      -R /var/log/cloudflared/chorke.org
+EXE
 </syntaxhighlight>
 | valign="top" |
 <syntaxhighlight lang="bash">
-cloudflared --origincert=\
+cat << EXE | sudo bash
-/root/.cloudflared/certs/shahed.biz.pem \
+mkdir -p /var/log/cloudflared/shahed.biz
-tunnel list --output=json|jq -r '.[].name'
+chown  shahed-biz-argo:shahed-biz-argo \
+      -R /var/log/cloudflared/shahed.biz
+EXE
 </syntaxhighlight>
@@ Line 103: / Line 67: @@
 | valign="top" |
 <syntaxhighlight lang="bash">
-cloudflared --origincert=\
+sudo -i -u chorke-com-argo
-/root/.cloudflared/certs/chorke.com.pem \
+LOGGER_BASE=/var/log/cloudflared/chorke.com
-tunnel route dns aa-chorke-com-argo aa
 </syntaxhighlight>
 | valign="top" |
 <syntaxhighlight lang="bash">
-cloudflared --origincert=\
+sudo -i -u chorke-org-argo
-/root/.cloudflared/certs/chorke.org.pem \
+LOGGER_BASE=/var/log/cloudflared/chorke.org
-tunnel route dns aa-chorke-org-argo aa
 </syntaxhighlight>
 | valign="top" |
 <syntaxhighlight lang="bash">
-cloudflared --origincert=\
+sudo -i -u shahed-biz-argo
-/root/.cloudflared/certs/shahed.biz.pem \
+LOGGER_BASE=/var/log/cloudflared/shahed.biz
-tunnel route dns aa-shahed-biz-argo aa
 </syntaxhighlight>
@@ Line 128: / Line 89: @@
 | colspan="3" |
 <syntaxhighlight lang="bash">
-CONFIG_BASE=/etc/cloudflared
+CONFIG_BASE=${HOME}/.cloudflared
-LOGGER_BASE=/var/log/cloudflared
+AUTHNZ_BASE=${HOME}/.cloudflared
-AUTHNZ_BASE=/root/.cloudflared/auths
+CONFIG_FILE=${CONFIG_BASE}/argo.yml
+LOGGER_FILE=${LOGGER_BASE}/argo.log
+AUTHNZ_FILE=${AUTHNZ_BASE}/argo.json
-cat << EXE | sudo bash
+cloudflared tunnel login
-mkdir -p ${CONFIG_BASE}/
+cd ~/.cloudflared/
-mkdir -p ${LOGGER_BASE}/
-mkdir -p /root/.cloudflared/{cert,auth}s/
+cloudflared tunnel create shahed-aa-${USER}
-EXE
+cloudflared tunnel list --output=json|jq -r '.[].name'
+ln -s ${CONFIG_BASE}/3d1105e6-e8f4-403e-9b2d-3367947e0a9e.json ${AUTHNZ_FILE}
+cloudflared tunnel route dns shahed-aa-${USER} aa
 </syntaxhighlight>
@@ Line 145: / Line 110: @@
 | valign="top" |
 <syntaxhighlight lang="yaml">
-LOGGER_FILE=${LOGGER_BASE}/chorke.com.log
+cat << YML | tee ${CONFIG_FILE} >/dev/null
-AUTHNZ_FILE=${AUTHNZ_BASE}/chorke.com.json
-CONFIG_FILE=${CONFIG_BASE}/chorke.com-config.yml
-cat << YML | sudo tee ${CONFIG_FILE} >/dev/null
 ---
-tunnel: aa-chorke-com-argo
+tunnel: shahed-aa-${USER}
 credentials-file: ${AUTHNZ_FILE}
 ingress:
    - service: http://localhost
-    hostname: aa.chorke.com
-    path: /*
-  - service: ssh://localhost:22
-    hostname: aa.chorke.com
-  - service: tcp://localhost:3306
-    hostname: aa.chorke.com
-  - service: tcp://localhost:5432
      hostname: aa.chorke.com
    - service: http_status:404
 warp-routing:
-   enabled: true
+   enabled: false
+# icmpv4-src: 10.19.83.68
 private_network:
@@ Line 189: / Line 145: @@
 | valign="top" |
-<syntaxhighlight lang="yaml">
+<syntaxhighlight lang="yaml" line>
-LOGGER_FILE=${LOGGER_BASE}/chorke.org.log
+cat << YML | tee ${CONFIG_FILE} >/dev/null
-AUTHNZ_FILE=${AUTHNZ_BASE}/chorke.org.json
-CONFIG_FILE=${CONFIG_BASE}/chorke.org-config.yml
-cat << YML | sudo tee ${CONFIG_FILE} >/dev/null
 ---
-tunnel: aa-chorke-org-argo
+tunnel: shahed-aa-${USER}
 credentials-file: ${AUTHNZ_FILE}
 ingress:
    - service: http://localhost
-    hostname: aa.chorke.org
-    path: /*
-  - service: ssh://localhost:22
-    hostname: aa.chorke.org
-  - service: tcp://localhost:3306
-    hostname: aa.chorke.org
-  - service: tcp://localhost:5432
      hostname: aa.chorke.org
    - service: http_status:404
 warp-routing:
-   enabled: true
+   enabled: false
+# icmpv4-src: 10.19.83.68
 private_network:
@@ Line 235: / Line 182: @@
 | valign="top" |
 <syntaxhighlight lang="yaml">
-LOGGER_FILE=${LOGGER_BASE}/shahed-biz.log
+cat << YML | tee ${CONFIG_FILE} >/dev/null
-AUTHNZ_FILE=${AUTHNZ_BASE}/shahed.biz.json
-CONFIG_FILE=${CONFIG_BASE}/shahed.biz-config.yml
-cat << YML | sudo tee ${CONFIG_FILE} >/dev/null
 ---
-tunnel: aa-shahed-biz-argo
+tunnel: shahed-aa-${USER}
 credentials-file: ${AUTHNZ_FILE}
 ingress:
    - service: http://localhost
-    hostname: aa.shahed.biz
-    path: /*
-  - service: ssh://localhost:22
-    hostname: aa.shahed.biz
-  - service: tcp://localhost:3306
-    hostname: aa.shahed.biz
-  - service: tcp://localhost:5432
      hostname: aa.shahed.biz
    - service: http_status:404
@@ Line 258: / Line 194: @@
 warp-routing:
    enabled: true
+# icmpv4-src: 10.19.83.68
 private_network:
@@ Line 282: / Line 220: @@
 ----
 |-
-| valign="top" |
+| colspan="3" |
 <syntaxhighlight lang="bash">
-sudo cloudflared tunnel \
+cat <<'ENV'|tee -a ${HOME}/.bashrc >/dev/null
---config /etc/cloudflared/chorke.com-config.yml \
+# cloudflare tunnel config
-run aa-chorke-com-argo
+export CLOUDFLARED_CONFIG=${HOME}/.cloudflared/argo.yml
-</syntaxhighlight>
+ENV
-| valign="top" |
+cat <<'ENV'|tee -a ${HOME}/.profile >/dev/null
-<syntaxhighlight lang="bash">
+if [ -f ${HOME}/.bashrc ]; then
-sudo cloudflared tunnel \
+    . ${HOME}/.bashrc
---config /etc/cloudflared/chorke.org-config.yml \
+fi
-run aa-chorke-org-argo
+ENV
-</syntaxhighlight>
-| valign="top" |
+source ~/.profile
-<syntaxhighlight lang="bash">
+   cat ~/.cloudflared/argo.yml
-sudo cloudflared tunnel \
+cloudflared tunnel run shahed-aa-${USER}
---config /etc/cloudflared/shahed.biz-config.yml \
+exit
-run aa-shahed-biz-argo
 </syntaxhighlight>
@@ Line 319: / Line 255: @@
 [Service]
+Group=chorke-com-argo
+User=chorke-com-argo
 TimeoutStartSec=0
 Type=notify
 ExecStart=/usr/bin/cloudflared --no-autoupdate \
---config /etc/cloudflared/chorke.com-config.yml \
+--config /home/system/chorke-com-argo/\
-tunnel run
+.cloudflared/argo.yml tunnel run
 Restart=on-failure
 RestartSec=5s
@@ Line 333: / Line 271: @@
 | valign="top" |
-<syntaxhighlight lang="ini">
+<syntaxhighlight lang="ini" line>
 SYSTEM_FILE=cloudflared@chorke.org.service
 SYSTEM_PATH=/etc/systemd/system/${SYSTEM_FILE}
@@ Line 344: / Line 282: @@
 [Service]
+Group=chorke-org-argo
+User=chorke-org-argo
 TimeoutStartSec=0
 Type=notify
 ExecStart=/usr/bin/cloudflared --no-autoupdate \
---config /etc/cloudflared/chorke.org-config.yml \
+--config /home/system/chorke-org-argo/\
-tunnel run
+.cloudflared/argo.yml tunnel run
 Restart=on-failure
 RestartSec=5s
@@ Line 369: / Line 309: @@
 [Service]
+Group=shahed-biz-argo
+User=shahed-biz-argo
 TimeoutStartSec=0
 Type=notify
 ExecStart=/usr/bin/cloudflared --no-autoupdate \
---config /etc/cloudflared/shahed.biz-config.yml \
+--config /home/system/shahed-biz-argo/\
-tunnel run
+.cloudflared/argo.yml tunnel run
 Restart=on-failure
 RestartSec=5s
@@ Line 423: / Line 365: @@
 <syntaxhighlight lang="bash">
 tail -n100 \
--f /var/log/cloudflared/chorke.com.log
+-f /var/log/cloudflared/chorke.com/argo.log
 journalctl -xeu cloudflared@chorke.com.service
 </syntaxhighlight>
@@ Line 430: / Line 372: @@
 <syntaxhighlight lang="bash">
 tail -n100 \
--f /var/log/cloudflared/chorke.org.log
+-f /var/log/cloudflared/chorke.org/argo.log
 journalctl -xeu cloudflared@chorke.org.service
 </syntaxhighlight>
@@ Line 437: / Line 379: @@
 <syntaxhighlight lang="bash">
 tail -n100 \
--f /var/log/cloudflared/shahed-biz.log
+-f /var/log/cloudflared/shahed.biz/argo.log
 journalctl -xeu cloudflared@shahed.biz.service
 </syntaxhighlight>
@@ Line 486: / Line 428: @@
 ----
 |-
-| valign="top" |
+| colspan="3" |
 <syntaxhighlight lang="bash">
-cloudflared --origincert=\
+cloudflared tunnel create shahed-aa-${USER}
-/root/.cloudflared/certs/chorke.com.pem \
+cloudflared tunnel list --output=json|jq -r '.[].name'
-tunnel create ab-chorke-com-argo
+ln -s ${CONFIG_BASE}/56f034e2-7fc7-4423-8db3-1e9db8a24ca3.json ${AUTHNZ_FILE}
 </syntaxhighlight>
-| valign="top" |
+|-
-<syntaxhighlight lang="bash">
+| colspan="3" |
-cloudflared --origincert=\
+----
-/root/.cloudflared/certs/chorke.org.pem \
+|-
-tunnel create ab-chorke-org-argo
+| colspan="3" |
+<syntaxhighlight lang="yaml">
+cat << YML | tee ${CONFIG_FILE} >/dev/null
+---
+tunnel: shahed-aa-${USER}
+credentials-file: ${AUTHNZ_FILE}
+warp-routing:
+  enabled: true
+loglevel: info
+logfile: ${LOGGER_FILE}
+heartbeat:
+  interval: 10s
+  max_retries: 3
+restart: true
+YML
 </syntaxhighlight>
-| valign="top" |
+|-
+| colspan="3" |
+----
+|-
+| colspan="3" |
 <syntaxhighlight lang="bash">
-cloudflared --origincert=\
+cat <<'ENV'|tee -a ${HOME}/.bashrc >/dev/null
-/root/.cloudflared/certs/shahed.biz.pem \
+# cloudflare tunnel config
-tunnel create ab-shahed-biz-argo
+export CLOUDFLARED_CONFIG=${HOME}/.cloudflared/argo.yml
+ENV
+cat <<'ENV'|tee -a ${HOME}/.profile >/dev/null
+if [ -f ${HOME}/.bashrc ]; then
+    . ${HOME}/.bashrc
+fi
+ENV
+source ~/.profile
+   cat ~/.cloudflared/argo.yml
+cloudflared tunnel run shahed-aa-${USER}
+exit
 </syntaxhighlight>
@@ Line 511: / Line 487: @@
 ----
 |-
-| valign="top" |
+| colspan="3" |
-<syntaxhighlight lang="bash">
+[[Cloudflare/Argo_Tunnel#Argo Tunnel|Skipped » Find More » 👆]]
-mv certs/56f034e2-*.json \
- ./auths/chorke.com.json
-</syntaxhighlight>
-| valign="top" |
+|}
-<syntaxhighlight lang="bash">
-mv certs/472fe18e-*.json \
- ./auths/chorke.org.json
-</syntaxhighlight>
-| valign="top" |
+==VIRT Routing==
-<syntaxhighlight lang="bash">
+{|
-mv certs/030320f3-*.json \
+| colspan="3" |
- ./auths/shahed.biz.json
+[[Cloudflare/Argo_Tunnel#Argo Tunnel|Skipped » Find More » 👆]]
-</syntaxhighlight>
 |-
@@ Line 533: / Line 501: @@
 ----
 |-
-| valign="top" |
+| colspan="3" |
-<syntaxhighlight lang="bash">
+<syntaxhighlight lang="ini">
-cloudflared --origincert=\
+cat << INI | sudo tee /etc/systemd/system/warp0.service >/dev/null
-/root/.cloudflared/certs/chorke.com.pem \
+[Unit]
-tunnel list --output=json|jq -r '.[].name'
+Description=Cloudflared WARP Routing Virtual Interface
-</syntaxhighlight>
+After=network.target
+[Service]
+Type=oneshot
+ExecStart=/usr/sbin/ip link add warp0 type dummy
+ExecStartPost=/usr/sbin/ip addr add 10.20.40.1/32 dev warp0
+ExecStartPost=/usr/sbin/ip link set warp0 up
+ExecStop=/usr/sbin/ip link delete warp0
+RemainAfterExit=yes
-| valign="top" |
+[Install]
-<syntaxhighlight lang="bash">
+WantedBy=multi-user.target
-cloudflared --origincert=\
-/root/.cloudflared/certs/chorke.org.pem \
-tunnel list --output=json|jq -r '.[].name'
-</syntaxhighlight>
-| valign="top" |
+INI
-<syntaxhighlight lang="bash">
-cloudflared --origincert=\
-/root/.cloudflared/certs/shahed.biz.pem \
-tunnel list --output=json|jq -r '.[].name'
 </syntaxhighlight>
@@ Line 560: / Line 528: @@
 | colspan="3" |
 <syntaxhighlight lang="bash">
-CONFIG_BASE=/etc/cloudflared
-LOGGER_BASE=/var/log/cloudflared
-AUTHNZ_BASE=/root/.cloudflared/auths
 cat << EXE | sudo bash
-mkdir -p ${CONFIG_BASE}/
+systemctl enable  warp0.service
-mkdir -p ${LOGGER_BASE}/
+systemctl start   warp0.service
-mkdir -p /root/.cloudflared/{cert,auth}s/
+systemctl status  warp0.service
 EXE
+sudo systemctl enable  --now warp0.service
+sudo systemctl disable --now warp0.service
 </syntaxhighlight>
@@ Line 576: / Line 543: @@
 |-
 | valign="top" |
-<syntaxhighlight lang="yaml">
-LOGGER_FILE=${LOGGER_BASE}/chorke.com.log
-AUTHNZ_FILE=${AUTHNZ_BASE}/chorke.com.json
-CONFIG_FILE=${CONFIG_BASE}/chorke.com-config.yml
-cat << YML | sudo tee ${CONFIG_FILE} >/dev/null
----
-tunnel: ab-chorke-com-argo
-credentials-file: ${AUTHNZ_FILE}
-warp-routing:
-  enabled: true
-loglevel: info
-logfile: ${LOGGER_FILE}
-heartbeat:
-  interval: 10s
-  max_retries: 3
-restart: true
-YML
-</syntaxhighlight>
 | valign="top" |
-<syntaxhighlight lang="yaml">
-LOGGER_FILE=${LOGGER_BASE}/chorke.org.log
-AUTHNZ_FILE=${AUTHNZ_BASE}/chorke.org.json
-CONFIG_FILE=${CONFIG_BASE}/chorke.org-config.yml
-cat << YML | sudo tee ${CONFIG_FILE} >/dev/null
----
-tunnel: ab-chorke-org-argo
-credentials-file: ${AUTHNZ_FILE}
-warp-routing:
-  enabled: true
-loglevel: info
-logfile: ${LOGGER_FILE}
-heartbeat:
-  interval: 10s
-  max_retries: 3
-restart: true
-YML
-</syntaxhighlight>
 | valign="top" |
-<syntaxhighlight lang="yaml">
+<syntaxhighlight lang="bash">
-LOGGER_FILE=${LOGGER_BASE}/shahed-biz.log
+cloudflared tunnel route \
-AUTHNZ_FILE=${AUTHNZ_BASE}/shahed.biz.json
+ip add 10.20.40.1/32 shahed-aa-shahed-biz-argo
-CONFIG_FILE=${CONFIG_BASE}/shahed.biz-config.yml
-cat << YML | sudo tee ${CONFIG_FILE} >/dev/null
----
-tunnel: ab-shahed-biz-argo
-credentials-file: ${AUTHNZ_FILE}
-warp-routing:
-  enabled: true
-loglevel: info
-logfile: ${LOGGER_FILE}
-heartbeat:
-  interval: 10s
-  max_retries: 3
-restart: true
-YML
 </syntaxhighlight>
 |-
 | colspan="3" |
@@ Line 656: / Line 557: @@
 | valign="top" |
 <syntaxhighlight lang="bash">
-sudo cloudflared tunnel \
+# ping interval
---config /etc/cloudflared/chorke.com-config.yml \
+ping 10.20.40.1 -i 10
-run ab-chorke-com-argo
 </syntaxhighlight>
 | valign="top" |
 <syntaxhighlight lang="bash">
-sudo cloudflared tunnel \
+# ping interval & times
---config /etc/cloudflared/chorke.org-config.yml \
+ping 10.20.40.1 -i 10 -c 6
-run ab-chorke-org-argo
 </syntaxhighlight>
 | valign="top" |
 <syntaxhighlight lang="bash">
-sudo cloudflared tunnel \
+# ssh through warp routing
---config /etc/cloudflared/shahed.biz-config.yml \
+ssh -qt chorke@10.20.40.1 bash
-run ab-shahed-biz-argo
 </syntaxhighlight>
@@ Line 741: / Line 639: @@
 ssh-config --hostname aa.chorke.com
 </syntaxhighlight>
 | valign="top" |
 <syntaxhighlight lang="bash">
@@ Line 749: / Line 648: @@
 | valign="top" |
 <syntaxhighlight lang="bash">
+echo 'id  -g'|sudo -i -u ${USER} bash
+echo 'id -ng'|sudo -i -u ${USER} bash
+</syntaxhighlight>
+|-
+| colspan="3" |
+----
+|-
+| valign="top" |
+<syntaxhighlight lang="bash">
+cat /proc/sys/net/ipv4/ping_group_range
+sysctl net.ipv4.ping_group_range
+</syntaxhighlight>
+| valign="top" |
+<syntaxhighlight lang="bash">
+echo '0 10000'|\
+sudo tee /proc/sys/net/ipv4/ping_group_range
+</syntaxhighlight>
+| valign="top" |
+<syntaxhighlight lang="bash">
+cat /etc/sysctl.conf
+sudo sysctl -p
+</syntaxhighlight>
+|-
+| colspan="3" |
+----
+|-
+| valign="top" |
+<syntaxhighlight lang="bash">
+warp-cli disconnect
+warp-cli connect
+warp-cli status
+</syntaxhighlight>
+| valign="top" |
+<syntaxhighlight lang="bash">
+telnet 10.19.83.68 5432
+telnet 10.19.83.68 3306
+telnet 10.19.83.68 22
+</syntaxhighlight>
+| valign="top" |
+<syntaxhighlight lang="bash">
+nmap 10.19.83.68 --reason -Pn -p22,3306,5432
+nmap 10.19.83.68 --reason -Pn --top 20
+tail -n100 -f /var/log/kern.log
 </syntaxhighlight>
+|-
+| colspan="3" |
+----
+|-
+| valign="top" |
+<syntaxhighlight lang="bash">
+hostname
+hostnamectl
+nmcli general hostname
+sudo hostnamectl set-hostname chorke-aa
+sudo systemctl restart systemd-hostnamed
+</syntaxhighlight>
+| valign="top" |
+<syntaxhighlight lang="bash">
+# shahed-ab » avoid conflict own ip
+sudo warp-cli add-exclude 10.20.40.2
+# hetzner-aa » avoid conflict own ip
+sudo warp-cli add-exclude 10.20.41.1
+</syntaxhighlight>
+| valign="top" |
+<syntaxhighlight lang="bash">
+</syntaxhighlight>
 |}
@@ Line 770: / Line 743: @@
 |valign="top"|
+* [https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/private-net/cloudflared/ Cloudflare » Zero Trust » Connect private networks]
+* [https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/use-cases/ssh/ssh-infrastructure-access/ Cloudflare » Zero Trust » SSH » Access for Infra]
 * [https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/agentless/ Cloudflare » Zero Trust » Devices » Agentless]
 * [https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/ Cloudflare » Zero Trust » Devices » WARP]
+* [https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/use-cases/ssh/ssh-warp-to-tunnel/ Cloudflare » Zero Trust » SSH » Connect]
 |valign="top"|
@@ Line 780: / Line 756: @@
 |-
 |valign="top"|
+* [https://dash.cloudflare.com/profile/api-tokens Cloudflare » Profile » API Tokens]
 * [[Cloudflare/WARP Connector|Cloudflare » WARP Connector]]
 * [https://chorke.cloudflareaccess.com Cloudflare » Access » Chorke]
+* [[Cloudflare/WARP Host|Cloudflare » WARP Host]]
 * [[Cloudflare]]

Cloudflare/Argo Tunnel: Difference between revisions

Latest revision as of 03:22, 24 February 2025

Argo Tunnel

WARP Routing

VIRT Routing

Playground

References

Navigation menu

Search