cloud: additional tunnel check

2026-02-03 06:03:27 +00:00 · 2024-12-07 18:37:16 -08:00
parent 9b504a280f
commit c2d45e4357
4 changed files with 1700 additions and 616 deletions
--- a/plugins/cloud/README.md
+++ b/plugins/cloud/README.md
@@ -56,13 +56,13 @@ Scrypted Cloud automatically creates a login free tunnel for remote access.

 The following steps are only necessary if you want to associate the tunnel with your existing Cloudflare account to manage it remotely.

-1. Create the Tunnel in the [Cloudflare Zero Trust Dashboard](https://one.dash.cloudflare.com).
-2. Copy the token shown for the tunnel shown in the `install [token]` command. For example, if you see `cloudflared service install eyJhI344aA...`, then `eyJhI344aA...` is the token you need to copy.
-3. Paste the token into the Cloud Plugin Advanced Settings.
-4. Add a `Public Hostname` to the tunnel.
-    * Choose a (sub)domain.
-    * Service `Type` is `HTTPS` and `URL` is `localhost:port`. Replace the port with `Forward Port` from Cloud Plugin Settings.
-    * Expand `Additional Application Settings` -> `TLS` menus and enable `No TLS Verify`.
+1. Navigate to the Cloud Plugin's Cloudflare Settings.
+2. Enter the Cloudflare subdomain, e.g. `scrypted.example.org`.
+3. Open the authorization link printed in the Log in a browser.
+4. Log in to Cloudflare if prompted. Then open the authorization link again.
+5. Select the domain for the specified the subdomain.
+6. Authorization should now be complete.

-5. Reload Cloud Plugin.
-6. Verify Cloudflare successfully connected by observing the `Console` Logs.
+::: info
+Visiting the authorization link twice as directed in the above instructions may be necessary. Cloudflare will not prompt a with a list of domains unless the browser session is already logged in.
+:::
--- a/plugins/cloud/package-lock.json
+++ b/plugins/cloud/package-lock.json
--- a/plugins/cloud/package.json
+++ b/plugins/cloud/package.json
@@ -37,7 +37,7 @@
      ]
   },
   "dependencies": {
-      "@eneris/push-receiver": "^4.2.0",
+      "@eneris/push-receiver": "^4.3.0",
      "@scrypted/common": "file:../../common",
      "@scrypted/sdk": "file:../../sdk",
      "bpmux": "^8.2.1",
@@ -48,10 +48,9 @@
   },
   "devDependencies": {
      "@types/http-proxy": "^1.17.15",
-      "@types/ip": "^1.1.3",
      "@types/nat-upnp": "^1.1.5",
-      "@types/node": "^22.5.2",
+      "@types/node": "^22.10.1",
      "ts-node": "^10.9.2"
   },
-   "version": "0.2.47"
+   "version": "0.2.48"
 }
--- a/plugins/cloud/src/main.ts
+++ b/plugins/cloud/src/main.ts
@@ -183,6 +183,7 @@ class ScryptedCloud extends ScryptedDeviceBase implements OauthClient, Settings,
                    this.storageSettings.values.cloudflaredTunnelCredentials = undefined;
                this.doCloudflaredLogin(nv);
            },
+            console: true,
        },
        cloudflaredTunnelLoginUrl: {
            group: 'Cloudflare',
@@ -1056,6 +1057,7 @@ class ScryptedCloud extends ScryptedDeviceBase implements OauthClient, Settings,
                            if ((line.includes('Unregistered tunnel connection')
                                || line.includes('Connection terminated error')
                                || line.includes('Register tunnel error')
+                                || line.includes('Failed to serve tunnel')
                                || line.includes('Failed to get tunnel'))
                                && deferred.finished) {
                                this.console.warn('Cloudflare registration failed after tunnel started. The old tunnel may be invalid. Terminating.');