mirror of
https://github.com/openziti/zrok.git
synced 2024-11-28 19:14:07 +01:00
Merge branch 'main' into docker-multi-share
This commit is contained in:
commit
1332f2cb60
20
.github/workflows/build-wheels.yml
vendored
20
.github/workflows/build-wheels.yml
vendored
@ -14,18 +14,18 @@ jobs:
|
|||||||
matrix:
|
matrix:
|
||||||
spec:
|
spec:
|
||||||
- { name: 'linux x86_64', runner: ubuntu-20.04, target: manylinux_2_27_x86_64 }
|
- { name: 'linux x86_64', runner: ubuntu-20.04, target: manylinux_2_27_x86_64 }
|
||||||
- { name: 'macOS x86_64', runner: macos-11, target: macosx_10_14_x86_64 }
|
- { name: 'macOS x86_64', runner: macos-12, target: macosx_10_14_x86_64 }
|
||||||
- { name: 'Windows x86_64', runner: windows-2019, target: win_amd64 }
|
- { name: 'Windows x86_64', runner: windows-2019, target: win_amd64 }
|
||||||
name: building ${{ matrix.spec.name }}
|
name: building ${{ matrix.spec.name }}
|
||||||
runs-on: ${{ matrix.spec.runner }}
|
runs-on: ${{ matrix.spec.runner }}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v4
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
|
|
||||||
- name: Setup Python
|
- name: Setup Python
|
||||||
uses: actions/setup-python@v3
|
uses: actions/setup-python@v5
|
||||||
with:
|
with:
|
||||||
python-version: '3.x'
|
python-version: '3.x'
|
||||||
|
|
||||||
@ -39,10 +39,10 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
python setup.py sdist
|
python setup.py sdist
|
||||||
|
|
||||||
- uses: actions/upload-artifact@v3
|
- uses: actions/upload-artifact@v4
|
||||||
if: startsWith(matrix.spec.name, 'linux')
|
if: startsWith(matrix.spec.name, 'linux')
|
||||||
with:
|
with:
|
||||||
name: zrok_sdk
|
name: zrok_sdk_${{ matrix.spec.target }}
|
||||||
path: ${{ github.workspace }}/sdk/python/sdk/zrok/dist/*
|
path: ${{ github.workspace }}/sdk/python/sdk/zrok/dist/*
|
||||||
|
|
||||||
publish:
|
publish:
|
||||||
@ -52,15 +52,17 @@ jobs:
|
|||||||
id-token: write
|
id-token: write
|
||||||
steps:
|
steps:
|
||||||
- name: Download artifacts
|
- name: Download artifacts
|
||||||
uses: actions/download-artifact@v3
|
uses: actions/download-artifact@v4
|
||||||
with:
|
with:
|
||||||
path: download
|
path: ./download
|
||||||
|
merge-multiple: true
|
||||||
|
pattern: zrok_sdk_*
|
||||||
|
|
||||||
- name: check
|
- name: check
|
||||||
run: |
|
run: |
|
||||||
ls -lR download
|
ls -lR ./download/
|
||||||
mkdir dist
|
mkdir dist
|
||||||
cp download/*/* dist
|
cp ./download/* ./dist/
|
||||||
|
|
||||||
- name: Publish wheels (TestPYPI)
|
- name: Publish wheels (TestPYPI)
|
||||||
uses: pypa/gh-action-pypi-publish@release/v1
|
uses: pypa/gh-action-pypi-publish@release/v1
|
||||||
|
20
.github/workflows/ci-build.yml
vendored
20
.github/workflows/ci-build.yml
vendored
@ -19,15 +19,15 @@ jobs:
|
|||||||
name: Build Linux AMD64 CLI
|
name: Build Linux AMD64 CLI
|
||||||
runs-on: ubuntu-20.04
|
runs-on: ubuntu-20.04
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: setup-go
|
- name: setup-go
|
||||||
uses: actions/setup-go@v3
|
uses: actions/setup-go@v5
|
||||||
with:
|
with:
|
||||||
go-version: '>=1.21.3'
|
go-version-file: ./go.mod
|
||||||
|
|
||||||
- name: setup-node
|
- name: setup-node
|
||||||
uses: actions/setup-node@v3
|
uses: actions/setup-node@v4
|
||||||
with:
|
with:
|
||||||
node-version: 18.x
|
node-version: 18.x
|
||||||
|
|
||||||
@ -72,7 +72,7 @@ jobs:
|
|||||||
echo go_bin="$(go env GOPATH)/bin" >> $GITHUB_OUTPUT
|
echo go_bin="$(go env GOPATH)/bin" >> $GITHUB_OUTPUT
|
||||||
|
|
||||||
- name: upload build artifact
|
- name: upload build artifact
|
||||||
uses: actions/upload-artifact@v3
|
uses: actions/upload-artifact@v4
|
||||||
with:
|
with:
|
||||||
name: linux-amd64
|
name: linux-amd64
|
||||||
path: ${{ steps.solve_go_bin.outputs.go_bin }}/zrok
|
path: ${{ steps.solve_go_bin.outputs.go_bin }}/zrok
|
||||||
@ -92,25 +92,25 @@ jobs:
|
|||||||
echo branch_tag=$(sed 's/[^a-z0-9_-]/__/gi' <<< "${GITHUB_REF#refs/heads/}") >> $GITHUB_OUTPUT
|
echo branch_tag=$(sed 's/[^a-z0-9_-]/__/gi' <<< "${GITHUB_REF#refs/heads/}") >> $GITHUB_OUTPUT
|
||||||
|
|
||||||
- name: Checkout Workspace
|
- name: Checkout Workspace
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: Download Branch Build Artifact
|
- name: Download Branch Build Artifact
|
||||||
uses: actions/download-artifact@v3
|
uses: actions/download-artifact@v4
|
||||||
with:
|
with:
|
||||||
name: linux-amd64
|
name: linux-amd64
|
||||||
path: ./dist/amd64/linux/
|
path: ./dist/amd64/linux/
|
||||||
|
|
||||||
- name: Set Up QEMU
|
- name: Set Up QEMU
|
||||||
uses: docker/setup-qemu-action@v2
|
uses: docker/setup-qemu-action@v3
|
||||||
with:
|
with:
|
||||||
platforms: amd64,arm64
|
platforms: amd64,arm64
|
||||||
|
|
||||||
- name: Set Up Docker BuildKit
|
- name: Set Up Docker BuildKit
|
||||||
id: buildx
|
id: buildx
|
||||||
uses: docker/setup-buildx-action@v2
|
uses: docker/setup-buildx-action@v3
|
||||||
|
|
||||||
- name: Login to Docker Hub
|
- name: Login to Docker Hub
|
||||||
uses: docker/login-action@v2
|
uses: docker/login-action@v3
|
||||||
with:
|
with:
|
||||||
username: ${{ vars.DOCKER_HUB_API_USER || secrets.DOCKER_HUB_API_USER }}
|
username: ${{ vars.DOCKER_HUB_API_USER || secrets.DOCKER_HUB_API_USER }}
|
||||||
password: ${{ secrets.DOCKER_HUB_API_TOKEN }}
|
password: ${{ secrets.DOCKER_HUB_API_TOKEN }}
|
||||||
|
4
.github/workflows/deploy-doc-site.yml
vendored
4
.github/workflows/deploy-doc-site.yml
vendored
@ -14,9 +14,9 @@ jobs:
|
|||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v4
|
||||||
|
|
||||||
- uses: actions/setup-node@v3
|
- uses: actions/setup-node@v4
|
||||||
name: setup npm
|
name: setup npm
|
||||||
with:
|
with:
|
||||||
node-version: 18
|
node-version: 18
|
||||||
|
4
.github/workflows/node-sdk.yml
vendored
4
.github/workflows/node-sdk.yml
vendored
@ -38,7 +38,7 @@ jobs:
|
|||||||
|
|
||||||
- name: Get current zrok repo tag
|
- name: Get current zrok repo tag
|
||||||
id: tag
|
id: tag
|
||||||
run: echo ::set-output name=TAG::$(git describe --tags --abbrev=0)
|
run: echo "TAG=$(git describe --tags --abbrev=0)" | tee -a $GITHUB_OUTPUT
|
||||||
|
|
||||||
- name: Update zrok NodeJS-SDK's package.json version based on current zrok repo git tag
|
- name: Update zrok NodeJS-SDK's package.json version based on current zrok repo git tag
|
||||||
if: github.ref_type == 'tag'
|
if: github.ref_type == 'tag'
|
||||||
@ -49,7 +49,7 @@ jobs:
|
|||||||
- name: Setup .npmrc
|
- name: Setup .npmrc
|
||||||
if: github.ref_type == 'tag'
|
if: github.ref_type == 'tag'
|
||||||
# Setup .npmrc file to prepare for possible publish to npm
|
# Setup .npmrc file to prepare for possible publish to npm
|
||||||
uses: actions/setup-node@v1
|
uses: actions/setup-node@v4
|
||||||
with:
|
with:
|
||||||
node-version: ${{ matrix.node-version }}
|
node-version: ${{ matrix.node-version }}
|
||||||
registry-url: 'https://registry.npmjs.org'
|
registry-url: 'https://registry.npmjs.org'
|
||||||
|
29
.github/workflows/publish-docker-images.yml
vendored
29
.github/workflows/publish-docker-images.yml
vendored
@ -27,7 +27,7 @@ jobs:
|
|||||||
echo "zrok_semver=${zrok_semver#v}" | tee -a $GITHUB_OUTPUT
|
echo "zrok_semver=${zrok_semver#v}" | tee -a $GITHUB_OUTPUT
|
||||||
|
|
||||||
- name: Checkout Workspace
|
- name: Checkout Workspace
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: Create the Release Arch Dirs
|
- name: Create the Release Arch Dirs
|
||||||
run: |
|
run: |
|
||||||
@ -36,36 +36,38 @@ jobs:
|
|||||||
done
|
done
|
||||||
|
|
||||||
- name: Download Linux AMD64 Release Artifact
|
- name: Download Linux AMD64 Release Artifact
|
||||||
uses: dsaltares/fetch-gh-release-asset@master
|
uses: dsaltares/fetch-gh-release-asset@1.1.2
|
||||||
with:
|
with:
|
||||||
version: tags/v${{ steps.semver.outputs.zrok_semver }}
|
version: tags/v${{ steps.semver.outputs.zrok_semver }}
|
||||||
file: zrok_${{ steps.semver.outputs.zrok_semver }}_linux_amd64.tar.gz
|
file: zrok.*_linux_amd64.tar.gz
|
||||||
target: dist/amd64/linux/zrok_${{ steps.semver.outputs.zrok_semver }}_linux_amd64.tar.gz
|
regex: true
|
||||||
|
target: dist/amd64/linux/zrok_linux_amd64.tar.gz
|
||||||
|
|
||||||
- name: Download Linux ARM64 Release Artifact
|
- name: Download Linux ARM64 Release Artifact
|
||||||
uses: dsaltares/fetch-gh-release-asset@master
|
uses: dsaltares/fetch-gh-release-asset@1.1.2
|
||||||
with:
|
with:
|
||||||
version: tags/v${{ steps.semver.outputs.zrok_semver }}
|
version: tags/v${{ steps.semver.outputs.zrok_semver }}
|
||||||
file: zrok_${{ steps.semver.outputs.zrok_semver }}_linux_arm64.tar.gz
|
file: zrok.*_linux_arm64.tar.gz
|
||||||
target: dist/arm64/linux/zrok_${{ steps.semver.outputs.zrok_semver }}_linux_arm64.tar.gz
|
regex: true
|
||||||
|
target: dist/arm64/linux/zrok_linux_arm64.tar.gz
|
||||||
|
|
||||||
- name: Unpack the Release Artifacts
|
- name: Unpack the Release Artifacts
|
||||||
run: |
|
run: |
|
||||||
for TGZ in dist/{amd,arm}64/linux; do
|
for TGZ in dist/{amd,arm}64/linux; do
|
||||||
tar -xvzf ${TGZ}/zrok_*.tar.gz -C ${TGZ}
|
tar -xvzf ${TGZ}/*.tar.gz -C ${TGZ}
|
||||||
done
|
done
|
||||||
|
|
||||||
- name: Set Up QEMU
|
- name: Set Up QEMU
|
||||||
uses: docker/setup-qemu-action@v2
|
uses: docker/setup-qemu-action@v3
|
||||||
with:
|
with:
|
||||||
platforms: amd64,arm64
|
platforms: amd64,arm64
|
||||||
|
|
||||||
- name: Set Up Docker BuildKit
|
- name: Set Up Docker BuildKit
|
||||||
id: buildx
|
id: buildx
|
||||||
uses: docker/setup-buildx-action@v2
|
uses: docker/setup-buildx-action@v3
|
||||||
|
|
||||||
- name: Login to Docker Hub
|
- name: Login to Docker Hub
|
||||||
uses: docker/login-action@v2
|
uses: docker/login-action@v3
|
||||||
with:
|
with:
|
||||||
username: ${{ vars.DOCKER_HUB_API_USER || secrets.DOCKER_HUB_API_USER }}
|
username: ${{ vars.DOCKER_HUB_API_USER || secrets.DOCKER_HUB_API_USER }}
|
||||||
password: ${{ secrets.DOCKER_HUB_API_TOKEN }}
|
password: ${{ secrets.DOCKER_HUB_API_TOKEN }}
|
||||||
@ -76,8 +78,9 @@ jobs:
|
|||||||
ZROK_CONTAINER_IMAGE_TAG: ${{ steps.semver.outputs.zrok_semver }}
|
ZROK_CONTAINER_IMAGE_TAG: ${{ steps.semver.outputs.zrok_semver }}
|
||||||
id: tagprep_cli
|
id: tagprep_cli
|
||||||
run: |
|
run: |
|
||||||
echo DOCKER_TAGS="${ZROK_CONTAINER_IMAGE_REPO}:${ZROK_CONTAINER_IMAGE_TAG},${ZROK_CONTAINER_IMAGE_REPO}:latest" \
|
DOCKER_TAGS="${ZROK_CONTAINER_IMAGE_REPO}:${ZROK_CONTAINER_IMAGE_TAG}"
|
||||||
| tee -a $GITHUB_OUTPUT
|
DOCKER_TAGS+=",${ZROK_CONTAINER_IMAGE_REPO}:latest"
|
||||||
|
echo "DOCKER_TAGS=${DOCKER_TAGS}" | tee -a $GITHUB_OUTPUT
|
||||||
|
|
||||||
# this is the CLI image with the Linux binary for each
|
# this is the CLI image with the Linux binary for each
|
||||||
# arch that was downloaded in ./dist/
|
# arch that was downloaded in ./dist/
|
||||||
|
112
.github/workflows/release.yml
vendored
112
.github/workflows/release.yml
vendored
@ -21,18 +21,18 @@ jobs:
|
|||||||
- run: sudo apt update
|
- run: sudo apt update
|
||||||
- run: sudo apt-get install gcc-multilib g++-multilib
|
- run: sudo apt-get install gcc-multilib g++-multilib
|
||||||
|
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v4
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
|
|
||||||
- run: git fetch --force --tags
|
- run: git fetch --force --tags
|
||||||
|
|
||||||
- uses: actions/setup-go@v3
|
- uses: actions/setup-go@v5
|
||||||
with:
|
with:
|
||||||
go-version: '>=1.21.3'
|
go-version-file: ./go.mod
|
||||||
cache: true
|
cache: true
|
||||||
|
|
||||||
- uses: actions/setup-node@v3
|
- uses: actions/setup-node@v4
|
||||||
with:
|
with:
|
||||||
node-version: 18.x
|
node-version: 18.x
|
||||||
|
|
||||||
@ -44,21 +44,21 @@ jobs:
|
|||||||
env:
|
env:
|
||||||
CI: "true"
|
CI: "true"
|
||||||
|
|
||||||
- uses: goreleaser/goreleaser-action@v5
|
- uses: goreleaser/goreleaser-action@v6
|
||||||
with:
|
with:
|
||||||
distribution: goreleaser
|
distribution: goreleaser
|
||||||
version: latest
|
version: '~> v2'
|
||||||
args: release --skip=publish --config .goreleaser-linux.yml
|
args: release --skip=publish --config .goreleaser-linux.yml
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
||||||
- uses: actions/upload-artifact@v3
|
- uses: actions/upload-artifact@v4
|
||||||
with:
|
with:
|
||||||
name: release-builds
|
name: release-builds-linux-amd64
|
||||||
path: ./dist/*.gz
|
path: ./dist/*.gz
|
||||||
|
|
||||||
- name: Configure jFrog CLI
|
- name: Configure jFrog CLI
|
||||||
uses: jfrog/setup-jfrog-cli@v3
|
uses: jfrog/setup-jfrog-cli@v4
|
||||||
with:
|
with:
|
||||||
version: ${{ env.JFROG_CLI_VERSION }}
|
version: ${{ env.JFROG_CLI_VERSION }}
|
||||||
env:
|
env:
|
||||||
@ -91,18 +91,18 @@ jobs:
|
|||||||
- run: sudo apt update
|
- run: sudo apt update
|
||||||
- run: sudo apt-get install gcc-aarch64-linux-gnu
|
- run: sudo apt-get install gcc-aarch64-linux-gnu
|
||||||
|
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v4
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
|
|
||||||
- run: git fetch --force --tags
|
- run: git fetch --force --tags
|
||||||
|
|
||||||
- uses: actions/setup-go@v3
|
- uses: actions/setup-go@v5
|
||||||
with:
|
with:
|
||||||
go-version: '>=1.21.3'
|
go-version-file: ./go.mod
|
||||||
cache: true
|
cache: true
|
||||||
|
|
||||||
- uses: actions/setup-node@v3
|
- uses: actions/setup-node@v4
|
||||||
with:
|
with:
|
||||||
node-version: 18.x
|
node-version: 18.x
|
||||||
|
|
||||||
@ -114,21 +114,21 @@ jobs:
|
|||||||
env:
|
env:
|
||||||
CI: "true"
|
CI: "true"
|
||||||
|
|
||||||
- uses: goreleaser/goreleaser-action@v2
|
- uses: goreleaser/goreleaser-action@v6
|
||||||
with:
|
with:
|
||||||
distribution: goreleaser
|
distribution: goreleaser
|
||||||
version: latest
|
version: '~> v2'
|
||||||
args: release --skip=publish --config .goreleaser-linux-arm64.yml
|
args: release --skip=publish --config .goreleaser-linux-arm64.yml
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
||||||
- uses: actions/upload-artifact@v3
|
- uses: actions/upload-artifact@v4
|
||||||
with:
|
with:
|
||||||
name: release-builds
|
name: release-builds-linux-arm64
|
||||||
path: ./dist/*.gz
|
path: ./dist/*.gz
|
||||||
|
|
||||||
- name: Configure jFrog CLI
|
- name: Configure jFrog CLI
|
||||||
uses: jfrog/setup-jfrog-cli@v3
|
uses: jfrog/setup-jfrog-cli@v4
|
||||||
with:
|
with:
|
||||||
version: ${{ env.JFROG_CLI_VERSION }}
|
version: ${{ env.JFROG_CLI_VERSION }}
|
||||||
env:
|
env:
|
||||||
@ -161,18 +161,18 @@ jobs:
|
|||||||
- run: sudo apt update
|
- run: sudo apt update
|
||||||
- run: sudo apt-get install gcc-arm-linux-gnueabi
|
- run: sudo apt-get install gcc-arm-linux-gnueabi
|
||||||
|
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v4
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
|
|
||||||
- run: git fetch --force --tags
|
- run: git fetch --force --tags
|
||||||
|
|
||||||
- uses: actions/setup-go@v3
|
- uses: actions/setup-go@v5
|
||||||
with:
|
with:
|
||||||
go-version: '>=1.21.3'
|
go-version-file: ./go.mod
|
||||||
cache: true
|
cache: true
|
||||||
|
|
||||||
- uses: actions/setup-node@v3
|
- uses: actions/setup-node@v4
|
||||||
with:
|
with:
|
||||||
node-version: 18.x
|
node-version: 18.x
|
||||||
|
|
||||||
@ -184,21 +184,21 @@ jobs:
|
|||||||
env:
|
env:
|
||||||
CI: "true"
|
CI: "true"
|
||||||
|
|
||||||
- uses: goreleaser/goreleaser-action@v2
|
- uses: goreleaser/goreleaser-action@v6
|
||||||
with:
|
with:
|
||||||
distribution: goreleaser
|
distribution: goreleaser
|
||||||
version: latest
|
version: '~> v2'
|
||||||
args: release --skip=publish --config .goreleaser-linux-armhf.yml
|
args: release --skip=publish --config .goreleaser-linux-armhf.yml
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
||||||
- uses: actions/upload-artifact@v3
|
- uses: actions/upload-artifact@v4
|
||||||
with:
|
with:
|
||||||
name: release-builds
|
name: release-builds-linux-arm
|
||||||
path: ./dist/*.gz
|
path: ./dist/*.gz
|
||||||
|
|
||||||
- name: Configure jFrog CLI
|
- name: Configure jFrog CLI
|
||||||
uses: jfrog/setup-jfrog-cli@v3
|
uses: jfrog/setup-jfrog-cli@v4
|
||||||
with:
|
with:
|
||||||
version: ${{ env.JFROG_CLI_VERSION }}
|
version: ${{ env.JFROG_CLI_VERSION }}
|
||||||
env:
|
env:
|
||||||
@ -235,18 +235,18 @@ jobs:
|
|||||||
p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }}
|
p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }}
|
||||||
p12-password: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }}
|
p12-password: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }}
|
||||||
|
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v4
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
|
|
||||||
- run: git fetch --force --tags
|
- run: git fetch --force --tags
|
||||||
|
|
||||||
- uses: actions/setup-go@v3
|
- uses: actions/setup-go@v5
|
||||||
with:
|
with:
|
||||||
go-version: '>=1.21.3'
|
go-version-file: ./go.mod
|
||||||
cache: true
|
cache: true
|
||||||
|
|
||||||
- uses: actions/setup-node@v3
|
- uses: actions/setup-node@v4
|
||||||
with:
|
with:
|
||||||
node-version: 18.x
|
node-version: 18.x
|
||||||
|
|
||||||
@ -258,19 +258,19 @@ jobs:
|
|||||||
env:
|
env:
|
||||||
CI: "true"
|
CI: "true"
|
||||||
|
|
||||||
- uses: goreleaser/goreleaser-action@v2
|
- uses: goreleaser/goreleaser-action@v6
|
||||||
with:
|
with:
|
||||||
distribution: goreleaser
|
distribution: goreleaser
|
||||||
version: latest
|
version: '~> v2'
|
||||||
args: release --skip=publish --config .goreleaser-darwin.yml
|
args: release --skip=publish --config .goreleaser-darwin.yml
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
AC_USERNAME: ${{ secrets.AC_USERNAME }}
|
AC_USERNAME: ${{ secrets.AC_USERNAME }}
|
||||||
AC_PASSWORD: ${{ secrets.AC_PASSWORD }}
|
AC_PASSWORD: ${{ secrets.AC_PASSWORD }}
|
||||||
|
|
||||||
- uses: actions/upload-artifact@v3
|
- uses: actions/upload-artifact@v4
|
||||||
with:
|
with:
|
||||||
name: release-builds
|
name: release-builds-darwin
|
||||||
path: ./dist/*.gz
|
path: ./dist/*.gz
|
||||||
|
|
||||||
build-windows:
|
build-windows:
|
||||||
@ -280,18 +280,18 @@ jobs:
|
|||||||
- run: sudo apt update
|
- run: sudo apt update
|
||||||
- run: sudo apt-get install gcc-mingw-w64-x86-64
|
- run: sudo apt-get install gcc-mingw-w64-x86-64
|
||||||
|
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v4
|
||||||
with:
|
with:
|
||||||
fetch-depth: 0
|
fetch-depth: 0
|
||||||
|
|
||||||
- run: git fetch --force --tags
|
- run: git fetch --force --tags
|
||||||
|
|
||||||
- uses: actions/setup-go@v3
|
- uses: actions/setup-go@v5
|
||||||
with:
|
with:
|
||||||
go-version: '>=1.21.3'
|
go-version-file: ./go.mod
|
||||||
cache: true
|
cache: true
|
||||||
|
|
||||||
- uses: actions/setup-node@v3
|
- uses: actions/setup-node@v4
|
||||||
with:
|
with:
|
||||||
node-version: 18.x
|
node-version: 18.x
|
||||||
|
|
||||||
@ -303,48 +303,56 @@ jobs:
|
|||||||
env:
|
env:
|
||||||
CI: "true"
|
CI: "true"
|
||||||
|
|
||||||
- uses: goreleaser/goreleaser-action@v2
|
- uses: goreleaser/goreleaser-action@v6
|
||||||
with:
|
with:
|
||||||
distribution: goreleaser
|
distribution: goreleaser
|
||||||
version: latest
|
version: '~> v2'
|
||||||
args: release --skip=publish --config .goreleaser-windows.yml
|
args: release --skip=publish --config .goreleaser-windows.yml
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
||||||
- uses: actions/upload-artifact@v3
|
- uses: actions/upload-artifact@v4
|
||||||
with:
|
with:
|
||||||
name: release-builds
|
name: release-builds-windows
|
||||||
path: ./dist/*.gz
|
path: ./dist/*.gz
|
||||||
|
|
||||||
publish-release:
|
publish-release:
|
||||||
# allow skipped but not failed
|
# allow skipped but not failed
|
||||||
if: ${{
|
if: ${{
|
||||||
!cancelled()
|
!cancelled()
|
||||||
&& (needs.build-linux-amd64.result == 'success' || needs.build-linux-amd64.result == 'skipped')
|
&& (needs.build-linux-amd64.result == 'success')
|
||||||
&& (needs.build-linux-arm.result == 'success' || needs.build-linux-amd.result == 'skipped')
|
&& (needs.build-linux-arm.result == 'success')
|
||||||
&& (needs.build-linux-arm64.result == 'success' || needs.build-linux-amd64.result == 'skipped')
|
&& (needs.build-linux-arm64.result == 'success')
|
||||||
&& (needs.build-darwin.result == 'success' || needs.build-darwin.result == 'skipped')
|
&& (needs.build-darwin.result == 'success' || needs.build-darwin.result == 'skipped')
|
||||||
&& (needs.build-windows.result == 'success' || needs.build-windows.result == 'skipped')
|
&& (needs.build-windows.result == 'success' || needs.build-windows.result == 'skipped')
|
||||||
}}
|
}}
|
||||||
needs: [build-linux-amd64, build-linux-arm, build-linux-arm64, build-darwin, build-windows]
|
needs:
|
||||||
|
- build-linux-amd64
|
||||||
|
- build-linux-arm
|
||||||
|
- build-linux-arm64
|
||||||
|
- build-darwin
|
||||||
|
- build-windows
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v4
|
||||||
|
|
||||||
- run: |
|
- run: |
|
||||||
mkdir -p ./automated-release-build
|
mkdir -p ./automated-release-build
|
||||||
|
|
||||||
- uses: actions/download-artifact@v3
|
- uses: actions/download-artifact@v4
|
||||||
with:
|
with:
|
||||||
path: ./automated-release-build
|
path: ./automated-release-build
|
||||||
|
merge-multiple: true
|
||||||
|
pattern: release-builds-*
|
||||||
|
|
||||||
- run: |
|
- run: |
|
||||||
mv ./automated-release-build/release-builds/* ./automated-release-build/
|
ls -lAR ./automated-release-build/
|
||||||
rm -rf ./automated-release-build/release-builds
|
|
||||||
shasum ./automated-release-build/* > ./automated-release-build/checksums.txt
|
shasum ./automated-release-build/* > ./automated-release-build/checksums.txt
|
||||||
|
|
||||||
- uses: goreleaser/goreleaser-action@v3
|
- uses: goreleaser/goreleaser-action@v6
|
||||||
with:
|
with:
|
||||||
|
distribution: goreleaser
|
||||||
|
version: '~> v2'
|
||||||
args: release --config .goreleaser-release.yml
|
args: release --config .goreleaser-release.yml
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
@ -112,6 +112,9 @@ nfpms:
|
|||||||
- dst: /lib/systemd/system/
|
- dst: /lib/systemd/system/
|
||||||
src: ./nfpm/zrok-share.service
|
src: ./nfpm/zrok-share.service
|
||||||
|
|
||||||
|
- dst: /etc/systemd/system/zrok-share.service.d/override.conf
|
||||||
|
src: ./nfpm/zrok-share.service.override.conf
|
||||||
|
|
||||||
- dst: /opt/openziti/etc/zrok
|
- dst: /opt/openziti/etc/zrok
|
||||||
type: dir
|
type: dir
|
||||||
file_info:
|
file_info:
|
||||||
|
@ -112,6 +112,9 @@ nfpms:
|
|||||||
- dst: /lib/systemd/system/
|
- dst: /lib/systemd/system/
|
||||||
src: ./nfpm/zrok-share.service
|
src: ./nfpm/zrok-share.service
|
||||||
|
|
||||||
|
- dst: /etc/systemd/system/zrok-share.service.d/override.conf
|
||||||
|
src: ./nfpm/zrok-share.service.override.conf
|
||||||
|
|
||||||
- dst: /opt/openziti/etc/zrok
|
- dst: /opt/openziti/etc/zrok
|
||||||
type: dir
|
type: dir
|
||||||
file_info:
|
file_info:
|
||||||
|
@ -108,6 +108,9 @@ nfpms:
|
|||||||
- dst: /lib/systemd/system/
|
- dst: /lib/systemd/system/
|
||||||
src: ./nfpm/zrok-share.service
|
src: ./nfpm/zrok-share.service
|
||||||
|
|
||||||
|
- dst: /etc/systemd/system/zrok-share.service.d/override.conf
|
||||||
|
src: ./nfpm/zrok-share.service.override.conf
|
||||||
|
|
||||||
- dst: /opt/openziti/etc/zrok
|
- dst: /opt/openziti/etc/zrok
|
||||||
type: dir
|
type: dir
|
||||||
file_info:
|
file_info:
|
||||||
|
@ -2,10 +2,16 @@
|
|||||||
|
|
||||||
## v0.4.34
|
## v0.4.34
|
||||||
|
|
||||||
|
FEATURE: Linux service support for all private share modes (contribution from Stefan Adelbert @stefanadelbert)
|
||||||
|
|
||||||
FIX: Fix for mixing limited and unlimited (-1) resource counts in the limits system (https://github.com/openziti/zrok/issues/680)
|
FIX: Fix for mixing limited and unlimited (-1) resource counts in the limits system (https://github.com/openziti/zrok/issues/680)
|
||||||
|
|
||||||
CHANGE: add Docker compose example for multiple share containers using the same enabled environment in [compose.override.yml](./docker/compose/zrok-public-reserved/compose.override.yml)
|
CHANGE: add Docker compose example for multiple share containers using the same enabled environment in [compose.override.yml](./docker/compose/zrok-public-reserved/compose.override.yml)
|
||||||
|
|
||||||
|
CHANGE: bump many GitHub Actions that were using deprecated distributions of Node.js
|
||||||
|
|
||||||
|
CHANGE: bump macOS runner for Node SDK from macos-11 to macos-12
|
||||||
|
|
||||||
## v0.4.33
|
## v0.4.33
|
||||||
|
|
||||||
FIX: Fix for log message in `Agent.CanAccessShare` (`"account '#%d' over frontends per share limit '%d'"`), which was not returning the correct limit value.
|
FIX: Fix for log message in `Agent.CanAccessShare` (`"account '#%d' over frontends per share limit '%d'"`), which was not returning the correct limit value.
|
||||||
|
@ -54,9 +54,12 @@ fi
|
|||||||
exit 1
|
exit 1
|
||||||
}
|
}
|
||||||
|
|
||||||
# default mode is reserved (public), override mode is temp-public, i.e., "share public" without a reserved subdomain
|
# default mode is 'reserved-public', override modes are reserved-private, temp-public, temp-private.
|
||||||
|
: "${ZROK_FRONTEND_MODE:=reserved-public}"
|
||||||
if [[ "${ZROK_FRONTEND_MODE:-}" == temp-public ]]; then
|
if [[ "${ZROK_FRONTEND_MODE:-}" == temp-public ]]; then
|
||||||
ZROK_CMD="share public --headless ${ZROK_VERBOSE:-}"
|
ZROK_CMD="share public --headless ${ZROK_VERBOSE:-}"
|
||||||
|
elif [[ "${ZROK_FRONTEND_MODE:-}" == temp-private ]]; then
|
||||||
|
ZROK_CMD="share private --headless ${ZROK_VERBOSE:-}"
|
||||||
elif [[ -s ~/.zrok/reserved.json ]]; then
|
elif [[ -s ~/.zrok/reserved.json ]]; then
|
||||||
ZROK_RESERVED_TOKEN="$(jq -r '.token' ~/.zrok/reserved.json 2>/dev/null)"
|
ZROK_RESERVED_TOKEN="$(jq -r '.token' ~/.zrok/reserved.json 2>/dev/null)"
|
||||||
if [[ -z "${ZROK_RESERVED_TOKEN}" || "${ZROK_RESERVED_TOKEN}" == null ]]; then
|
if [[ -z "${ZROK_RESERVED_TOKEN}" || "${ZROK_RESERVED_TOKEN}" == null ]]; then
|
||||||
@ -73,8 +76,13 @@ elif [[ -s ~/.zrok/reserved.json ]]; then
|
|||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
else
|
elif [[ "${ZROK_FRONTEND_MODE:-}" == reserved-public ]]; then
|
||||||
ZROK_CMD="reserve public --json-output ${ZROK_VERBOSE:-}"
|
ZROK_CMD="reserve public --json-output ${ZROK_VERBOSE:-}"
|
||||||
|
elif [[ "${ZROK_FRONTEND_MODE:-}" == reserved-private ]]; then
|
||||||
|
ZROK_CMD="reserve private --json-output ${ZROK_VERBOSE:-}"
|
||||||
|
else
|
||||||
|
echo "ERROR: invalid value for ZROK_FRONTEND_MODE '${ZROK_FRONTEND_MODE}'" >&2
|
||||||
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
[[ -n "${ZROK_BACKEND_MODE:-}" ]] || {
|
[[ -n "${ZROK_BACKEND_MODE:-}" ]] || {
|
||||||
@ -88,12 +96,12 @@ case "${ZROK_BACKEND_MODE}" in
|
|||||||
echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not an HTTP URL" >&2
|
echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not an HTTP URL" >&2
|
||||||
exit 1
|
exit 1
|
||||||
else
|
else
|
||||||
echo "INFO: validated backend mode ${ZROK_BACKEND_MODE} and target ${ZROK_TARGET}"
|
echo "INFO: validated backend mode '${ZROK_BACKEND_MODE}' and target '${ZROK_TARGET}'"
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
caddy)
|
caddy)
|
||||||
if ! [[ "${ZROK_TARGET}" =~ ^/ ]]; then
|
if ! [[ "${ZROK_TARGET}" =~ ^/ ]]; then
|
||||||
echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not an absolute filesystem path." >&2
|
echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not an absolute filesystem path" >&2
|
||||||
exit 1
|
exit 1
|
||||||
elif ! [[ -f "${ZROK_TARGET}" && -r "${ZROK_TARGET}" ]]; then
|
elif ! [[ -f "${ZROK_TARGET}" && -r "${ZROK_TARGET}" ]]; then
|
||||||
echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not a readable regular file" >&2
|
echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not a readable regular file" >&2
|
||||||
@ -104,7 +112,7 @@ case "${ZROK_BACKEND_MODE}" in
|
|||||||
;;
|
;;
|
||||||
web|drive)
|
web|drive)
|
||||||
if ! [[ "${ZROK_TARGET}" =~ ^/ ]]; then
|
if ! [[ "${ZROK_TARGET}" =~ ^/ ]]; then
|
||||||
echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not an absolute filesystem path." >&2
|
echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not an absolute filesystem path" >&2
|
||||||
exit 1
|
exit 1
|
||||||
elif ! [[ -d "${ZROK_TARGET}" && -r "${ZROK_TARGET}" ]]; then
|
elif ! [[ -d "${ZROK_TARGET}" && -r "${ZROK_TARGET}" ]]; then
|
||||||
echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not a readable directory" >&2
|
echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not a readable directory" >&2
|
||||||
@ -113,13 +121,41 @@ case "${ZROK_BACKEND_MODE}" in
|
|||||||
echo "INFO: validated backend mode ${ZROK_BACKEND_MODE} and target ${ZROK_TARGET}"
|
echo "INFO: validated backend mode ${ZROK_BACKEND_MODE} and target ${ZROK_TARGET}"
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
|
tcpTunnel|udpTunnel|socks|vpn)
|
||||||
|
if ! [[ "${ZROK_FRONTEND_MODE}" =~ -private$ ]]; then
|
||||||
|
echo "ERROR: ZROK_BACKEND_MODE='${ZROK_BACKEND_MODE}' is a private share backend mode and cannot be used with ZROK_FRONTEND_MODE='${ZROK_FRONTEND_MODE}'" >&2
|
||||||
|
exit 1
|
||||||
|
else
|
||||||
|
case "${ZROK_BACKEND_MODE}" in
|
||||||
|
tcpTunnel|udpTunnel)
|
||||||
|
echo "INFO: ${ZROK_BACKEND_MODE} backend mode has target '${ZROK_TARGET}'"
|
||||||
|
;;
|
||||||
|
vpn)
|
||||||
|
if [[ -n "${ZROK_TARGET}" ]]; then
|
||||||
|
ZROK_SVC_FILE=/etc/systemd/system/zrok-share.service.d/override.conf
|
||||||
|
if ! grep -qE '^AmbientCapabilities=CAP_NET_ADMIN' "${ZROK_SVC_FILE}"; then
|
||||||
|
echo "ERROR: you must uncomment 'AmbientCapabilities=CAP_NET_ADMIN' in '${ZROK_SVC_FILE}'"\
|
||||||
|
"and run 'systemctl daemon-reload' to enable VPN mode" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
socks)
|
||||||
|
if [[ -n "${ZROK_TARGET}" ]]; then
|
||||||
|
echo "WARNING: ZROK_TARGET='${ZROK_TARGET}' is ignored with ZROK_BACKEND_MODE='${ZROK_BACKEND_MODE}'" >&2
|
||||||
|
unset ZROK_TARGET
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
fi
|
||||||
|
;;
|
||||||
*)
|
*)
|
||||||
echo "WARNING: ZROK_BACKEND_MODE='${ZROK_BACKEND_MODE}' is not a recognized mode for a zrok public share."\
|
echo "WARNING: ZROK_BACKEND_MODE='${ZROK_BACKEND_MODE}' is not a recognized mode for a zrok public share."\
|
||||||
" ZROK_TARGET value will not validated before running." >&2
|
" ZROK_TARGET value will not validated before running." >&2
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
[[ -n "${ZROK_UNIQUE_NAME:-}" ]] && {
|
[[ "${ZROK_FRONTEND_MODE:-}" =~ ^reserved- && -n "${ZROK_UNIQUE_NAME:-}" ]] && {
|
||||||
ZROK_CMD+=" --unique-name ${ZROK_UNIQUE_NAME}"
|
ZROK_CMD+=" --unique-name ${ZROK_UNIQUE_NAME}"
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -142,8 +178,9 @@ fi
|
|||||||
|
|
||||||
echo "INFO: running: zrok ${ZROK_CMD}"
|
echo "INFO: running: zrok ${ZROK_CMD}"
|
||||||
|
|
||||||
if [[ "${ZROK_FRONTEND_MODE:-}" == temp-public ]]; then
|
if [[ "${ZROK_FRONTEND_MODE:-}" =~ ^temp- ]]; then
|
||||||
# share until exit
|
# frontend mode starts with 'temp-', so is temporary.
|
||||||
|
# share without reserving until exit.
|
||||||
exec zrok ${ZROK_CMD}
|
exec zrok ${ZROK_CMD}
|
||||||
else
|
else
|
||||||
# reserve and continue
|
# reserve and continue
|
||||||
|
@ -17,48 +17,65 @@ ZROK_ENABLE_TOKEN=""
|
|||||||
#
|
#
|
||||||
ZROK_ENVIRONMENT_NAME=""
|
ZROK_ENVIRONMENT_NAME=""
|
||||||
|
|
||||||
# You MUST set this if not using the default zrok.io API endpoint
|
# You MUST set this if not using the default API endpoint
|
||||||
#ZROK_API_ENDPOINT="https://api.zrok.io"
|
#ZROK_API_ENDPOINT="https://api.zrok.io"
|
||||||
|
|
||||||
#
|
#
|
||||||
## ZROK BACKEND TARGET
|
## ZROK BACKEND MODE AND TARGET
|
||||||
#
|
#
|
||||||
# You MUST define the backend target and mode. The frontend URL will be provisioned when the service starts. You MAY
|
# You MUST define the backend target and mode. The frontend URL will be provisioned when the service starts. You MAY
|
||||||
# change ZROK_TARGET and frontend URL will remain the same after a restart as long as the backend mode and frontend
|
# change ZROK_TARGET and frontend URL will remain the same after a restart as long as the backend mode and frontend
|
||||||
# authentication options are the same. Options that require provisioning a new frontend URL when changed are marked with
|
# authentication options are the same. Options that require provisioning a new frontend URL when changed are marked with
|
||||||
# WARNING. You may delete /var/lib/zrok-share/.zrok/reserved.json and restart the service to provision a new frontend URL.
|
# WARNING. You may delete /var/lib/zrok-share/.zrok/reserved.json and restart the service to provision a new frontend URL.
|
||||||
|
|
||||||
#
|
#
|
||||||
|
## BACKEND MODES THAT WORK WITH PUBLIC AND PRIVATE HTTP SHARES
|
||||||
|
#
|
||||||
|
|
||||||
# backend-mode "proxy" (default): share a backend web server URL that's reachable by this host; must begin with 'http://' or
|
# backend-mode "proxy" (default): share a backend web server URL that's reachable by this host; must begin with 'http://' or
|
||||||
# 'https://'; must accept the HOST header of the proxy frontend. Check out backend mode "caddy" if you need more control.
|
# 'https://'; must accept the HOST header of the proxy frontend. Check out backend mode "caddy" if you need more control.
|
||||||
ZROK_TARGET="" # e.g., http://127.0.0.1:3000
|
|
||||||
ZROK_BACKEND_MODE="proxy"
|
ZROK_BACKEND_MODE="proxy"
|
||||||
|
ZROK_TARGET="" # e.g., http://127.0.0.1:3000
|
||||||
# if defined, an https share's backend server certificate will not be verified with backend-mode 'proxy'
|
# if defined, an https share's backend server certificate will not be verified with backend-mode 'proxy'
|
||||||
# NOTE: changing this value does not require provisioning a new frontend URL
|
# NOTE: changing this value does not require provisioning a new frontend URL
|
||||||
#ZROK_INSECURE="--insecure"
|
#ZROK_INSECURE="--insecure"
|
||||||
|
|
||||||
# backend-mode "web": run a web server and share a static HTML directory that's present on this host. Must be an
|
# backend-mode "web": run a web server and share a static HTML directory that's present on this host. Must be an
|
||||||
# absolute path to a directory that is readable by 'other'
|
# absolute path to a directory that is readable by 'other'
|
||||||
#ZROK_TARGET="/var/www/html"
|
|
||||||
#ZROK_BACKEND_MODE="web"
|
#ZROK_BACKEND_MODE="web"
|
||||||
|
#ZROK_TARGET="/var/www/html"
|
||||||
|
|
||||||
# backend-mode "drive": run a WebDAV file server sharing a directory that's present on this host. Must be an absolute
|
# backend-mode "drive": run a WebDAV file server sharing a directory that's present on this host. Must be an absolute
|
||||||
# path to a directory that is readable by 'other'
|
# path to a directory that is readable by 'other'
|
||||||
#ZROK_TARGET="/usr/share/doc"
|
|
||||||
#ZROK_BACKEND_MODE="drive"
|
#ZROK_BACKEND_MODE="drive"
|
||||||
|
#ZROK_TARGET="/usr/share/doc"
|
||||||
|
|
||||||
# backend-mode "caddy": run an embedded Caddy server configured by the supplied Caddyfile. Must be an absolute path that
|
# backend-mode "caddy": run an embedded Caddy server configured by the supplied Caddyfile. Must be an absolute path that
|
||||||
# is readable by 'other'.
|
# is readable by 'other'.
|
||||||
#ZROK_TARGET="/opt/openziti/etc/zrok/multiple_upstream.Caddyfile"
|
|
||||||
#ZROK_BACKEND_MODE="caddy"
|
#ZROK_BACKEND_MODE="caddy"
|
||||||
|
#ZROK_TARGET="/opt/openziti/etc/zrok/multiple_upstream.Caddyfile"
|
||||||
|
|
||||||
# DEBUG log level
|
#
|
||||||
# NOTE: changing this value does not require provisioning a new frontend URL
|
## BACKEND MODES THAT ONLY WORK WITH PRIVATE SHARES
|
||||||
#ZROK_VERBOSE="--verbose"
|
#
|
||||||
|
|
||||||
# you MAY set additional command-line options for the share; see "zrok reserve public --help" for hints
|
# you MUST set ZROK_FRONTEND_MODE to 'reserved-private' or 'temp-private' to use private share backend modes
|
||||||
# WARNING: changes take effect the next time the frontend URL is reserved
|
|
||||||
# NOTE: basic auth and oauth are mutually exclusive
|
#ZROK_BACKEND_MODE="tcpTunnel"
|
||||||
ZROK_SHARE_OPTS=""
|
#ZROK_TARGET="127.0.0.1:25565"
|
||||||
|
|
||||||
|
#ZROK_BACKEND_MODE="udpTunnel"
|
||||||
|
#ZROK_TARGET="127.0.0.1:53"
|
||||||
|
|
||||||
|
# you MUST grant NET_ADMIN capability to the service to enable vpn mode, e.g., run these two commands:
|
||||||
|
# sed -Ei 's/.*AmbientCapabilities=CAP_NET_ADMIN/AmbientCapabilities=CAP_NET_ADMIN/' /etc/systemd/system/zrok-share.service.d/override.conf
|
||||||
|
# systemctl daemon-reload
|
||||||
|
#ZROK_BACKEND_MODE="vpn"
|
||||||
|
#ZROK_TARGET="172.16.0.1/12"
|
||||||
|
|
||||||
|
# there is no target for socks mode because the share is only a dynamic exit for the proxy client
|
||||||
|
#ZROK_BACKEND_MODE="socks"
|
||||||
|
#ZROK_TARGET=""
|
||||||
|
|
||||||
#
|
#
|
||||||
## ZROK FRONTEND
|
## ZROK FRONTEND
|
||||||
@ -86,3 +103,17 @@ ZROK_SHARE_OPTS=""
|
|||||||
# set if self-hosting zrok and not using only the default frontend name 'public'; must be a space-separated list
|
# set if self-hosting zrok and not using only the default frontend name 'public'; must be a space-separated list
|
||||||
# WARNING: changes take effect the next time the frontend URL is reserved
|
# WARNING: changes take effect the next time the frontend URL is reserved
|
||||||
#ZROK_FRONTENDS="public"
|
#ZROK_FRONTENDS="public"
|
||||||
|
|
||||||
|
# you MAY set to change the frontend mode: reserved-public (default), reserved-private, temp-public, temp-private
|
||||||
|
#ZROK_FRONTEND_MODE="reserved-public"
|
||||||
|
|
||||||
|
#
|
||||||
|
## OPTIONS
|
||||||
|
#
|
||||||
|
|
||||||
|
# DEBUG log level
|
||||||
|
# NOTE: changing this value does not require provisioning a new frontend URL
|
||||||
|
#ZROK_VERBOSE="--verbose"
|
||||||
|
|
||||||
|
# you MAY set additional command-line options for the share; see "zrok reserve public --help" for hints
|
||||||
|
ZROK_SHARE_OPTS=""
|
||||||
|
10
nfpm/zrok-share.service.override.conf
Normal file
10
nfpm/zrok-share.service.override.conf
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
[Service]
|
||||||
|
|
||||||
|
#
|
||||||
|
## extra permissions
|
||||||
|
#
|
||||||
|
|
||||||
|
# allow adding tun device and IP routes and iptables rules; required when ZROK_BACKEND_MODE=vpn
|
||||||
|
# AmbientCapabilities=CAP_NET_ADMIN
|
||||||
|
|
||||||
|
# you must run 'systemctl daemon-reload' after modifying this file
|
Loading…
Reference in New Issue
Block a user