Merge pull request #446 from openziti/tidy-cli-hints

raise an exception if invalid mode for public share

cmd/zrok/reserve.go

@@ -9,6 +9,7 @@ import (
 	"github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 	"time"
+	"slices"
 )
 
 func init() {
@@ -34,7 +35,7 @@ func newReserveCommand() *reserveCommand {
 	}
 	command := &reserveCommand{cmd: cmd}
 	cmd.Flags().StringArrayVar(&command.frontendSelection, "frontends", []string{"public"}, "Selected frontends to use for the share")
-	cmd.Flags().StringVarP(&command.backendMode, "backend-mode", "b", "proxy", "The backend mode {proxy, web, <tcpTunnel, udpTunnel>, caddy, drive}")
+	cmd.Flags().StringVarP(&command.backendMode, "backend-mode", "b", "proxy", "The backend mode (public|private: proxy, web, caddy, drive) (private: tcpTunnel, udpTunnel)")
 	cmd.Flags().BoolVarP(&command.jsonOutput, "json-output", "j", false, "Emit JSON describing the created reserved share")
 	cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...)")
 	cmd.Flags().StringVar(&command.oauthProvider, "oauth-provider", "", "Enable OAuth provider [google, github]")
@@ -48,8 +49,11 @@ func newReserveCommand() *reserveCommand {
 
 func (cmd *reserveCommand) run(_ *cobra.Command, args []string) {
 	shareMode := sdk.ShareMode(args[0])
+	privateOnlyModes := []string{"tcpTunnel", "udpTunnel"}
 	if shareMode != sdk.PublicShareMode && shareMode != sdk.PrivateShareMode {
 		tui.Error("invalid sharing mode; expecting 'public' or 'private'", nil)
+	} else if shareMode == sdk.PublicShareMode && slices.Contains(privateOnlyModes, cmd.backendMode) {
+		tui.Error(fmt.Sprintf("invalid sharing mode for a %s share: %s", sdk.PublicShareMode, cmd.backendMode), nil)
 	}
 
 	var target string

cmd/zrok/sharePublic.go

@@ -82,7 +82,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
 		target = args[0]
 
 	default:
-		tui.Error(fmt.Sprintf("invalid backend mode '%v'; expected {proxy, web}", cmd.backendMode), nil)
+		tui.Error(fmt.Sprintf("invalid backend mode '%v'; expected {proxy, web, caddy, drive}", cmd.backendMode), nil)
 	}
 
 	root, err := environment.LoadRoot()

docs/getting-started.md

@@ -293,7 +293,7 @@ Usage:
   zrok share public <target> [flags]
 
 Flags:
-      --backend-mode string      The backend mode {proxy, web} (default "proxy")
+      --backend-mode string      The backend mode {proxy, web, caddy, drive} (default "proxy")
       --basic-auth stringArray   Basic authentication users (<username:password>,...)
       --frontends stringArray    Selected frontends to use for the share (default [public])
       --headless                 Disable TUI and run headless

docs/guides/self-hosting/oauth/configuring-oauth.md

@@ -120,14 +120,14 @@ Both the `google` and `github` providers accept a `client_id` and `client_secret
 
 With your public frontend configured to support OAuth, you can test this by creating a public share. There are new command line options to support this:
 
-```
+```text
 $ zrok share public
 Error: accepts 1 arg(s), received 0
 Usage:
   zrok share public <target> [flags]
 
 Flags:
-  -b, --backend-mode string               The backend mode {proxy, web, caddy} (default "proxy")
+  -b, --backend-mode string               The backend mode {proxy, web, caddy, drive} (default "proxy")
       --basic-auth stringArray            Basic authentication users (<username:password>,...)
       --frontends stringArray             Selected frontends to use for the share (default [public])
       --headless                          Disable TUI and run headless
@@ -150,7 +150,6 @@ The `--oauth-check-interval` flag specifies how frequently the authentication mu
 
 An example public share:
 
+```text
+zrok share public --backend-mode web --oauth-provider github --oauth-email-domains zrok.io ~/public
 ```
-$ zrok share public --backend-mode web --oauth-provider github --oauth-email-domains zrok.io ~/public
-```
-