nickchomey / ddev-cloudflare

Cloudflare Tunnels for DDEV
Apache License 2.0

Look into unifying/integrating with the web ui/remotely managed tunnels #6

Open nickchomey opened 2 weeks ago

nickchomey commented 2 weeks ago

The addon currently uses the locally managed tunnels approach. But there's also a remotely managed tunnels approach that uses their web ui. https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/configure-tunnels/remote-management/.

It doesn't seem to use a local config.yaml file, which seems to require restarting the cloudflared systemd service each time routes to backend services are changed.

The idea here is to create a tunnel with the webui, connect it to cloudflared service but then be able to create routes in the cli - perhaps via cloudflare api calls to change the CNAME records. Not sure how the tunnel then updates those - maybe something in the remotely-managed tunnel service monitors the CNAME records and pushes them down to the local cloudflared service?

Though, this would require someone to create a tunnel in the web ui rather than do it all in the CLI. It's not that onerous, but it is something extra.

Yet, we currently already have to go to the webui to create an api token that flarectl uses to modify dns records, so it's not that much extra while already there. Yet, we'd still have to create the api token and use flarectl if we want to modify cname records with api calls.

So, the only difference would be whether we create the tunnel in cli or web ui, with the advantage of web being that it should be able to avoid needing to restart the cloudflared service. It doesn't take that long, and surely we are doing this very infrequently, so it doesn't strike me as worth building at this point. I'd be happy to receive a PR for it though.

nickchomey commented 2 weeks ago

Cloudflare confirmed that this would be possible but messy.

https://discord.com/channels/595317990191398933/1286368168314540072/1286370657453736080

The answer is yes but not cleanly. Local tunnels with their yml configuration came first. The remote managed tunnels simply mangle a json version of the same configuration on every update (you can see exactly what it does in dev tools -> network tab). The endpoint for updating config is https://developers.cloudflare.com/api/operations/cloudflare-tunnel-configuration-put-configuration. You'd have to pull down, modify, push back up config, and then use the DNS API to create tunnel CNAMEs as well

nickchomey commented 2 weeks ago

This is definitely possible and easy. Just modify the hostname and service fields per route in the json payload and it updates the tunnel routes automatically, without restarting cloudflared or using /etc/cloudflared/config.yml

However, it doesn't change the Zone DNS CNAMEs, so that will need to be done via flarectl or curl. Will probably get rid of flarectl and just do curl, to simplify things further.
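Added example, not part of the issue thread or the addon's code: a Python sketch of the pull, modify, push flow discussed above, plus the separate CNAME call. It assumes the `cfd_tunnel/{tunnel_id}/configurations` and `zones/{zone_id}/dns_records` API paths and a `<tunnel_id>.cfargotunnel.com` CNAME target; the function names, hostnames and `SAMPLE` config are constructed for illustration, and requests are built but not sent.

```python
import copy
import json
import urllib.request

API = "https://api.cloudflare.com/client/v4"

def upsert_route(config, hostname, service):
    """Return a copy of a tunnel config with hostname routed to service.

    The rule without a hostname (the catch-all) must stay last, so new
    routes are inserted before it rather than appended.
    """
    new = copy.deepcopy(config)  # keep other keys (originRequest etc.) intact
    ingress = new.setdefault("ingress", [])
    if not ingress or ingress[-1].get("hostname"):
        ingress.append({"service": "http_status:404"})  # add missing catch-all
    for rule in ingress[:-1]:
        if rule.get("hostname") == hostname:
            rule["service"] = service  # existing route: change the backend only
            return new
    ingress.insert(len(ingress) - 1, {"hostname": hostname, "service": service})
    return new

def _request(method, url, token, body):
    # Token belongs in the environment or a secret store, never in the repo.
    return urllib.request.Request(
        url, method=method, data=json.dumps(body).encode(),
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"})

def put_config_request(account_id, tunnel_id, token, config):
    """Build (not send) the PUT that replaces the remote tunnel configuration."""
    url = f"{API}/accounts/{account_id}/cfd_tunnel/{tunnel_id}/configurations"
    return _request("PUT", url, token, {"config": config})

def cname_request(zone_id, tunnel_id, token, hostname):
    """Build (not send) the DNS call; the config PUT does not touch zone DNS."""
    record = {"type": "CNAME", "name": hostname,
              "content": f"{tunnel_id}.cfargotunnel.com", "proxied": True}
    return _request("POST", f"{API}/zones/{zone_id}/dns_records", token, record)

# Constructed sample of the "config" object returned by the GET on the same path.
SAMPLE = {"ingress": [
    {"hostname": "site1.example.com", "service": "http://localhost:8080"},
    {"service": "http_status:404"},
]}

if __name__ == "__main__":
    updated = upsert_route(SAMPLE, "site2.example.com", "https://localhost:8443")
    print(json.dumps(updated, indent=2))
```

Because the PUT replaces the whole configuration, the token used here needs tunnel edit rights on the account and DNS edit rights on the one zone only; scoping it that narrowly limits what a leaked token can change.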