Skip to content

Commit add0ea4

Browse files
hhftechnologyhhftechnology
committed
Update main.go
1 parent ef92ec0 commit add0ea4

File tree

1 file changed

+27
-12
lines changed

1 file changed

+27
-12
lines changed

main.go

Lines changed: 27 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,8 @@ import (
2929
// - CLOUDFLARE_ZONE_ID: Cloudflare zone ID for DNS records
3030
// - TRAEFIK_API_ENDPOINT: Traefik API endpoint URL (e.g., http://localhost:8080)
3131
// - TRAEFIK_ENTRYPOINTS: Comma-separated list of Traefik entrypoints to watch (e.g., "web,websecure")
32+
// OR
33+
// - TRAEFIK_ENTRYPOINT: (Legacy) Single Traefik entrypoint to watch (e.g., "web")
3234
// - TRAEFIK_SERVICE_ENDPOINT: Service endpoint for tunnel traffic
3335

3436
// Config holds application configuration loaded from environment variables
@@ -85,6 +87,12 @@ func loadConfig() (*Config, error) {
8587
for _, ep := range strings.Split(entrypointsStr, ",") {
8688
entrypoints = append(entrypoints, strings.TrimSpace(ep))
8789
}
90+
} else {
91+
// Backward compatibility for TRAEFIK_ENTRYPOINT
92+
singleEntrypoint := os.Getenv("TRAEFIK_ENTRYPOINT")
93+
if singleEntrypoint != "" {
94+
entrypoints = append(entrypoints, singleEntrypoint)
95+
}
8896
}
8997

9098
config := &Config{
@@ -116,7 +124,7 @@ func loadConfig() (*Config, error) {
116124
missing = append(missing, "TRAEFIK_API_ENDPOINT")
117125
}
118126
if len(config.TraefikEntrypoints) == 0 {
119-
missing = append(missing, "TRAEFIK_ENTRYPOINTS")
127+
missing = append(missing, "TRAEFIK_ENTRYPOINTS or TRAEFIK_ENTRYPOINT")
120128
}
121129
if config.TraefikServiceEndpoint == "" {
122130
missing = append(missing, "TRAEFIK_SERVICE_ENDPOINT")
@@ -252,8 +260,8 @@ func buildIngressRules(routers []Router, config *Config) ([]cloudflare.Unvalidat
252260
continue
253261
}
254262

255-
// Only use routes with the specified entrypoint
256-
if !containsEntrypoint(router.EntryPoints, config.TraefikEntrypoint) {
263+
// Only use routes with one of the specified entrypoints
264+
if !hasMatchingEntrypoint(router.EntryPoints, config.TraefikEntrypoints) {
257265
continue
258266
}
259267

@@ -306,15 +314,15 @@ func hasTLSEnabled(router Router) bool {
306314
func syncTunnelConfig(ctx context.Context, cloudflareClient *cloudflare.API, config *Config, ingress []cloudflare.UnvalidatedIngressRule) error {
307315
return retryOperation(3, func() error {
308316
// Get Current tunnel config
309-
accountIdentifier := cloudflare.AccountIdentifier(config.CloudflareAccountID)
310-
tunnelConfig, err := cloudflareClient.GetTunnelConfiguration(ctx, accountIdentifier, config.CloudflareTunnelID)
317+
accountRC := cloudflare.AccountIdentifier(config.CloudflareAccountID)
318+
tunnelConfig, err := cloudflareClient.GetTunnelConfiguration(ctx, accountRC, config.CloudflareTunnelID)
311319
if err != nil {
312320
return fmt.Errorf("failed to get current tunnel configuration: %w", err)
313321
}
314322

315323
// Update config with new ingress rules
316324
tunnelConfig.Config.Ingress = ingress
317-
_, err = cloudflareClient.UpdateTunnelConfiguration(ctx, accountIdentifier, cloudflare.TunnelConfigurationParams{
325+
_, err = cloudflareClient.UpdateTunnelConfiguration(ctx, accountRC, cloudflare.TunnelConfigurationParams{
318326
TunnelID: config.CloudflareTunnelID,
319327
Config: tunnelConfig.Config,
320328
})
@@ -345,7 +353,7 @@ func syncDNSRecords(ctx context.Context, cloudflareClient *cloudflare.API, confi
345353
}
346354

347355
// ensureDNSRecord ensures that a DNS record exists and is correctly configured
348-
func ensureDNSRecord(ctx context.Context, cloudflareClient *cloudflare.API, zoneIdentifier cloudflare.ZoneIdentifier, domain, tunnelDomain string) error {
356+
func ensureDNSRecord(ctx context.Context, cloudflareClient *cloudflare.API, zoneIdentifier *cloudflare.ResourceContainer, domain, tunnelDomain string) error {
349357
return retryOperation(3, func() error {
350358
// Create record template
351359
var proxied bool = true
@@ -447,11 +455,18 @@ func pollTraefikRouters(ctx context.Context, client *resty.Client, interval time
447455
return ch
448456
}
449457

450-
// containsEntrypoint checks if a slice of strings contains a specific entrypoint
451-
func containsEntrypoint(entrypoints []string, targetEntrypoint string) bool {
452-
for _, entrypoint := range entrypoints {
453-
if entrypoint == targetEntrypoint {
454-
return true
458+
// hasMatchingEntrypoint checks if any of the router's entrypoints match our allowed list
459+
func hasMatchingEntrypoint(routerEntrypoints []string, allowedEntrypoints []string) bool {
460+
// If no allowed entrypoints specified, accept all
461+
if len(allowedEntrypoints) == 0 {
462+
return true
463+
}
464+
465+
for _, routerEP := range routerEntrypoints {
466+
for _, allowedEP := range allowedEntrypoints {
467+
if routerEP == allowedEP {
468+
return true
469+
}
455470
}
456471
}
457472
return false

0 commit comments

Comments
 (0)