TUN-3978: Unhide teamnet commands and improve their help
This commit is contained in:
Nuno Diegues
parent
27507ab192
commit
f1ca2de515
|
|
@ -8,7 +8,8 @@
|
|||
|
||||
### New Features
|
||||
|
||||
- none
|
||||
- [Cloudflare One Routing](https://developers.cloudflare.com/cloudflare-one/tutorials/warp-to-tunnel) specific commands
|
||||
now show up in the `cloudflared tunnel route --help` output.
|
||||
|
||||
### Improvements
|
||||
|
||||
|
|
|
|||
|
|
@ -457,14 +457,23 @@ func buildRouteCommand() *cli.Command {
|
|||
return &cli.Command{
|
||||
Name: "route",
|
||||
Action: cliutil.ErrorHandler(routeCommand),
|
||||
Usage: "Define what hostname or load balancer can route to this tunnel",
|
||||
UsageText: "cloudflared tunnel [tunnel command options] route [subcommand options] dns|lb TUNNEL HOSTNAME [LB-POOL]",
|
||||
Description: `The route defines what hostname or load balancer will proxy requests to this tunnel.
|
||||
Usage: "Define which traffic routed from Cloudflare edge to this tunnel: requests to a DNS hostname, to a Cloudflare Load Balancer, or traffic originating from Cloudflare WARP clients",
|
||||
UsageText: "cloudflared tunnel [tunnel command options] route [subcommand options] [dns TUNNEL HOSTNAME]|[lb TUNNEL HOSTNAME LB-POOL]|[ip NETWORK TUNNEL]",
|
||||
Description: `The route command defines how Cloudflare will proxy requests to this tunnel.
|
||||
|
||||
To route a hostname by creating a CNAME to tunnel's address:
|
||||
cloudflared tunnel route dns <tunnel ID> <hostname>
|
||||
To use this tunnel as a load balancer origin, creating pool and load balancer if necessary:
|
||||
cloudflared tunnel route lb <tunnel ID> <load balancer name> <load balancer pool>`,
|
||||
To route a hostname by creating a DNS CNAME record to a tunnel:
|
||||
cloudflared tunnel route dns <tunnel ID or name> <hostname>
|
||||
You can read more at: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/routing-to-tunnel/dns
|
||||
|
||||
To use this tunnel as a load balancer origin, creating pool and load balancer if necessary:
|
||||
cloudflared tunnel route lb <tunnel ID or name> <hostname> <load balancer pool>
|
||||
You can read more at: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/routing-to-tunnel/lb
|
||||
|
||||
For Cloudflare WARP traffic to be routed to your private network, reachable from this tunnel as origins, use:
|
||||
cloudflared tunnel route ip <network CIDR> <tunnel ID or name>
|
||||
Further information about managing Cloudflare WARP traffic to your tunnel is available at:
|
||||
cloudflared tunnel route ip --help
|
||||
`,
|
||||
CustomHelpTemplate: commandHelpTemplate(),
|
||||
Subcommands: []*cli.Command{
|
||||
buildRouteIPSubcommand(),
|
||||
|
|
|
|||
|
|
@ -16,24 +16,23 @@ import (
|
|||
func buildRouteIPSubcommand() *cli.Command {
|
||||
return &cli.Command{
|
||||
Name: "ip",
|
||||
Category: "Tunnel",
|
||||
Usage: "Configure and query private routes",
|
||||
Usage: "Configure and query Cloudflare WARP routing to services or private networks available through this tunnel.",
|
||||
UsageText: "cloudflared tunnel [--config FILEPATH] route COMMAND [arguments...]",
|
||||
Hidden: true,
|
||||
Description: `cloudflared can provision private routes from your private IP space to origins
|
||||
in your corporate network. Users enrolled in your Cloudflare for Teams organization can reach
|
||||
those routes through the Cloudflare Warp client. You can also build rules to determine who
|
||||
can reach certain routes.
|
||||
`,
|
||||
Description: `cloudflared can provision private routes from any IP space to origins in your corporate network.
|
||||
Users enrolled in your Cloudflare for Teams organization can reach those routes through the
|
||||
Cloudflare WARP client. You can also build rules to determine who can reach certain routes.`,
|
||||
Subcommands: []*cli.Command{
|
||||
{
|
||||
Name: "add",
|
||||
Action: cliutil.ErrorHandler(addRouteCommand),
|
||||
Usage: "Add a new Teamnet route to the table",
|
||||
Usage: "Add any new network to the routing table reachable via the tunnel",
|
||||
UsageText: "cloudflared tunnel [--config FILEPATH] route ip add [CIDR] [TUNNEL] [COMMENT?]",
|
||||
Description: `Adds a private route to a CIDR in your private IP space. Requests will
|
||||
be sent through the Cloudflare Warp client running on a user's machine, proxied
|
||||
through the specified tunnel, and reach an IP in the given CIDR.`,
|
||||
Description: `Adds any network route space (represented as a CIDR) to your routing table.
|
||||
That network space becomes reachable for requests egressing from a user's machine
|
||||
as long as it is using Cloudflare WARP client and is enrolled in the same account
|
||||
that is running the tunnel chosen here. Further, those requests will be proxied to
|
||||
the specified tunnel, and reach an IP in the given CIDR, as long as that IP is
|
||||
reachable from the tunnel.`,
|
||||
},
|
||||
{
|
||||
Name: "show",
|
||||
|
|
@ -41,20 +40,21 @@ func buildRouteIPSubcommand() *cli.Command {
|
|||
Action: cliutil.ErrorHandler(showRoutesCommand),
|
||||
Usage: "Show the routing table",
|
||||
UsageText: "cloudflared tunnel [--config FILEPATH] route ip show [flags]",
|
||||
Description: `Shows your organization's private route table. You can use flags to filter the results.`,
|
||||
Description: `Shows your organization private routing table. You can use flags to filter the results.`,
|
||||
Flags: showRoutesFlags(),
|
||||
},
|
||||
{
|
||||
Name: "delete",
|
||||
Action: cliutil.ErrorHandler(deleteRouteCommand),
|
||||
Usage: "Delete a row from your organization's private routing table",
|
||||
UsageText: "cloudflared tunnel [--config FILEPATH] route ip delete [CIDR]",
|
||||
Description: `Deletes the row for a given CIDR from your routing table`,
|
||||
Name: "delete",
|
||||
Action: cliutil.ErrorHandler(deleteRouteCommand),
|
||||
Usage: "Delete a row from your organization's private routing table",
|
||||
UsageText: "cloudflared tunnel [--config FILEPATH] route ip delete [CIDR]",
|
||||
Description: `Deletes the row for a given CIDR from your routing table. That portion
|
||||
of your network will no longer be reachable by the WARP clients.`,
|
||||
},
|
||||
{
|
||||
Name: "get",
|
||||
Action: cliutil.ErrorHandler(getRouteByIPCommand),
|
||||
Usage: "Check which row of the routing table matches a given IP",
|
||||
Usage: "Check which row of the routing table matches a given IP.",
|
||||
UsageText: "cloudflared tunnel [--config FILEPATH] route ip get [IP]",
|
||||
Description: `Checks which row of the routing table will be used to proxy a given IP.
|
||||
This helps check and validate your config.`,
|
||||
|
|
|
|||
|
|
@ -58,7 +58,7 @@ func (p *proxy) Proxy(w connection.ResponseWriter, req *http.Request, sourceConn
|
|||
p.appendTagHeaders(req)
|
||||
if sourceConnectionType == connection.TypeTCP {
|
||||
if p.warpRouting == nil {
|
||||
err := errors.New(`cloudflared received a request from Warp client, but your configuration has disabled ingress from Warp clients. To enable this, set "warp-routing:\n\t enabled: true" in your config.yaml`)
|
||||
err := errors.New(`cloudflared received a request from WARP client, but your configuration has disabled ingress from WARP clients. To enable this, set "warp-routing:\n\t enabled: true" in your config.yaml`)
|
||||
p.log.Error().Msg(err.Error())
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue