From d02566b5e5718bb5e9dddab593f3f14aff0844a0 Mon Sep 17 00:00:00 2001 From: amcconnellcloud <108154097+amcconnellcloud@users.noreply.github.com> Date: Tue, 23 Aug 2022 16:07:33 -0700 Subject: [PATCH 1/2] Update server.tpl Adding and editing script so that it runs properly --- terraform-zerotrust-ssh-http-gcp/server.tpl | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/terraform-zerotrust-ssh-http-gcp/server.tpl b/terraform-zerotrust-ssh-http-gcp/server.tpl index 658a597..d47d61f 100644 --- a/terraform-zerotrust-ssh-http-gcp/server.tpl +++ b/terraform-zerotrust-ssh-http-gcp/server.tpl @@ -1,6 +1,7 @@ # Script to install Cloudflare Tunnel and Docker resources # Docker configuration cd /tmp +sudo apt-get install software-properties-common # Retrieveing the docker repository for this OS curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable" @@ -20,10 +21,10 @@ services: EOF # cloudflared configuration -cd +cd ~ # The package for this OS is retrieved -wget https://bin.equinox.io/c/VdrWdbjqyF/cloudflared-stable-linux-amd64.deb -sudo dpkg -i cloudflared-stable-linux-amd64.deb +wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb +sudo dpkg -i cloudflared-linux-amd64.deb # A local user directory is first created before we can install the tunnel as a system service mkdir ~/.cloudflared touch ~/.cloudflared/cert.json @@ -61,4 +62,4 @@ sudo cloudflared service install sudo cp -via ~/.cloudflared/cert.json /etc/cloudflared/ # Now we can bring up our container(s) with docker-compose and then start the tunnel cd /tmp -sudo docker-compose up -d && sudo service cloudflared start \ No newline at end of file +sudo docker-compose up -d && sudo systemctl start cloudflared From fa7f6228bb558f123ca85e212fc0de4e7623c118 Mon Sep 17 00:00:00 2001 
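Review bot: The added `sudo apt-get install software-properties-common` in the first server.tpl hunk has no `-y` and no preceding `apt-get update`, so on a fresh image it can abort at the confirmation prompt or fail against a stale package index. The template appears to run unattended at instance boot (inferred from its use with Terraform), and the `add-apt-repository` call a few lines later depends on this package being present. Suggest `sudo apt-get update && sudo apt-get install -y software-properties-common`. The script continues outside the hunk, so whether an earlier `apt-get update` exists cannot be confirmed from here.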
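Review bot: The new `wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb` followed by `sudo dpkg -i` installs whatever `latest` resolves to at boot time, as root, with no integrity check. Every new instance can therefore get a different build, and a changed or tampered release asset would be installed unnoticed. Pin a release tag and verify a known digest before installing, for example `wget https://github.com/cloudflare/cloudflared/releases/download/<PINNED_VERSION>/cloudflared-linux-amd64.deb` and then `echo "<EXPECTED_SHA256>  cloudflared-linux-amd64.deb" | sha256sum -c - && sudo dpkg -i cloudflared-linux-amd64.deb`. The version and digest here are placeholders to be filled in from the release the maintainers have vetted.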
From: amcconnellcloud <108154097+amcconnellcloud@users.noreply.github.com> Date: Tue, 23 Aug 2022 16:09:02 -0700 Subject: [PATCH 2/2] Update bootstrap.tf update to reflect current interactions with terraform and API (uses token instead of key) --- terraform-zerotrust-ssh-http-gcp/bootstrap.tf | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/terraform-zerotrust-ssh-http-gcp/bootstrap.tf b/terraform-zerotrust-ssh-http-gcp/bootstrap.tf index b8e60bf..cca4acb 100644 --- a/terraform-zerotrust-ssh-http-gcp/bootstrap.tf +++ b/terraform-zerotrust-ssh-http-gcp/bootstrap.tf @@ -1,8 +1,7 @@ # Providers provider "cloudflare" { - email = var.cloudflare_email account_id = var.cloudflare_account_id - api_key = var.cloudflare_token + api_token = var.cloudflare_token } provider "google" { project = var.gcp_project_id @@ -53,4 +52,4 @@ variable "cloudflare_email" { variable "cloudflare_token" { description = "The Cloudflare user's API token." type = string -} \ No newline at end of file +}
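Review bot: `api_token = var.cloudflare_token` now passes a bearer credential from a variable whose declaration, fully visible in the last hunk of bootstrap.tf, has only `description` and `type`. It should also carry `sensitive = true` so Terraform redacts the value in plan and apply output. Since the change moves from a global API key to a token, the variable description could also say that the token should be scoped to only the account and zone permissions this example needs. `variable "cloudflare_email"` is still declared (visible as hunk context) although the provider no longer reads it; if nothing else in the module references it, remove it so users are not prompted for an unused input.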