From 5c9ba4646f3e2246cbeeae8feee3e85a2b4a833d Mon Sep 17 00:00:00 2001 From: iUnknwn Date: Wed, 15 Jan 2020 16:28:35 -0800 Subject: [PATCH 1/5] Add instuctions for updating cloudflared binary. Adds a section to the DNS-Over-HTTPS guide with instructions for how to ensure the cloudflared daemon is kept up-to-date. --- docs/guides/dns-over-https.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/docs/guides/dns-over-https.md b/docs/guides/dns-over-https.md index 793d9ba5a..bab4283eb 100644 --- a/docs/guides/dns-over-https.md +++ b/docs/guides/dns-over-https.md @@ -223,3 +223,23 @@ sudo systemctl daemon-reload After the above, don't forget to change the DNS back to something else in Pi-hole's DNS settings! [^guide]: Based on [this guide by Ben Dews | bendews.com](https://bendews.com/posts/implement-dns-over-https/) + +### Updating Cloudflared + +The `cloudflared` tool will not receive updates through the package manager, but it can be instrcted to update itself. + +To do this, create the following script, and place it in `/etc/cron.weekly/cloudflared-updater.sh`: + +```bash +cloudflared update +systemctl restart cloudflared +``` + +Adjust permissions: + +```bash +sudo chmod +x /etc/cron.weekly/cloudflared-updater.sh +sudo chown root:root /etc/cron.weekly/cloudflared-updater.sh +``` + +The system will now attempt to update the cloudflared binary automatically, once per week. \ No newline at end of file From 70d0d13c892cf3b51803b28dae5a6adbb45c26a3 Mon Sep 17 00:00:00 2001 From: iUnknwn Date: Sat, 1 Feb 2020 22:35:17 -0800 Subject: [PATCH 2/5] Provided manual updating steps for Cloudflared Changed documentation to first list manual method to update the cloudflared binary, and then have a subsequent paragraph on automatic updating if desired by the user. Also, while small, added a note that cloudflared will work with other DoH providers (was useful when there was a cloudflare outage in my region). --- docs/guides/dns-over-https.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/docs/guides/dns-over-https.md b/docs/guides/dns-over-https.md index bab4283eb..38cfe7d17 100644 --- a/docs/guides/dns-over-https.md +++ b/docs/guides/dns-over-https.md @@ -60,10 +60,12 @@ sudo useradd -s /usr/sbin/nologin -r -M cloudflared Proceed to create a configuration file for `cloudflared` by copying the following in to `/etc/default/cloudflared`. This file contains the command-line options that get passed to cloudflared on startup: ```bash -# Commandline args for cloudflared +# Commandline args for cloudflared, using Cloudflare DNS CLOUDFLARED_OPTS=--port 5053 --upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query ``` +**Note:** The `cloudflared` binary will work with other DoH providers (for example, you could use https://8.8.8.8/dns-query for Google DNS). + Update the permissions for the configuration file and `cloudflared` binary to allow access for the cloudflared user: ```bash @@ -226,16 +228,16 @@ After the above, don't forget to change the DNS back to something else in Pi-hol ### Updating Cloudflared -The `cloudflared` tool will not receive updates through the package manager, but it can be instrcted to update itself. - -To do this, create the following script, and place it in `/etc/cron.weekly/cloudflared-updater.sh`: +The `cloudflared` tool will not receive updates through the package manager, however it can be updated +manually by running these commands: ```bash cloudflared update systemctl restart cloudflared ``` -Adjust permissions: +If you want to have the system update `cloudflared` automatically, simply place the update commands in the +file `/etc/cron.weekly/cloudflared-updater.sh`, and adjust permissions: ```bash sudo chmod +x /etc/cron.weekly/cloudflared-updater.sh From 7f7312a82646ada22111792ade0297c48f8e700e Mon Sep 17 00:00:00 2001 From: iUnknwn Date: Sat, 1 Feb 2020 22:40:44 -0800 Subject: [PATCH 3/5] Minor correction - command missing sudo prefix Forgot to add sudo in front of the cloudflared/systemd command. Fixed in this commit. --- docs/guides/dns-over-https.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/guides/dns-over-https.md b/docs/guides/dns-over-https.md index 38cfe7d17..298d20ae3 100644 --- a/docs/guides/dns-over-https.md +++ b/docs/guides/dns-over-https.md @@ -232,8 +232,8 @@ The `cloudflared` tool will not receive updates through the package manager, how manually by running these commands: ```bash -cloudflared update -systemctl restart cloudflared +sudo cloudflared update +sudo systemctl restart cloudflared ``` If you want to have the system update `cloudflared` automatically, simply place the update commands in the From 3e2a96b80a424d996b2eaa8711b002ff95406612 Mon Sep 17 00:00:00 2001 From: iUnknwn Date: Sat, 18 Apr 2020 15:26:23 -0700 Subject: [PATCH 4/5] Add changes requested by XhmikosR --- docs/guides/dns-over-https.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/guides/dns-over-https.md b/docs/guides/dns-over-https.md index 298d20ae3..9cd2c022b 100644 --- a/docs/guides/dns-over-https.md +++ b/docs/guides/dns-over-https.md @@ -64,7 +64,7 @@ Proceed to create a configuration file for `cloudflared` by copying the followin CLOUDFLARED_OPTS=--port 5053 --upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query ``` -**Note:** The `cloudflared` binary will work with other DoH providers (for example, you could use https://8.8.8.8/dns-query for Google DNS). +**Note:** The `cloudflared` binary will work with other DoH providers (for example, you could use `https://8.8.8.8/dns-query` for Google DNS). Update the permissions for the configuration file and `cloudflared` binary to allow access for the cloudflared user: @@ -244,4 +244,4 @@ sudo chmod +x /etc/cron.weekly/cloudflared-updater.sh sudo chown root:root /etc/cron.weekly/cloudflared-updater.sh ``` -The system will now attempt to update the cloudflared binary automatically, once per week. \ No newline at end of file +The system will now attempt to update the cloudflared binary automatically, once per week. \ No newline at end of file From 3337b2aa9ae529d3d81df305cf0ab2cd33fd9077 Mon Sep 17 00:00:00 2001 From: iUnknwn Date: Sun, 19 Apr 2020 17:38:56 -0700 Subject: [PATCH 5/5] Merge instructions for automatic cloudflared updates via cron --- docs/guides/dns-over-https.md | 48 +++++++++++++++++------------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/docs/guides/dns-over-https.md b/docs/guides/dns-over-https.md index 9cd2c022b..0c1e382cc 100644 --- a/docs/guides/dns-over-https.md +++ b/docs/guides/dns-over-https.md @@ -13,6 +13,8 @@ Along with releasing their DNS service [1.1.1.1](https://blog.cloudflare.com/ann In the following sections, we will be covering how to install and configure this tool on `Pi-hole`. +**Note:** The `cloudflared` binary will work with other DoH providers (for example, you could use `https://8.8.8.8/dns-query` for Google's DNS-Over-HTTPS service). + ### Installing `cloudflared` The installation is fairly straightforward, however, be aware of what architecture you are installing on (`amd64` or `arm`). @@ -64,8 +66,6 @@ Proceed to create a configuration file for `cloudflared` by copying the followin CLOUDFLARED_OPTS=--port 5053 --upstream https://1.1.1.1/dns-query --upstream https://1.0.0.1/dns-query ``` -**Note:** The `cloudflared` binary will work with other DoH providers (for example, you could use `https://8.8.8.8/dns-query` for Google DNS). - Update the permissions for the configuration file and `cloudflared` binary to allow access for the cloudflared user: ```bash @@ -179,7 +179,13 @@ Finally, configure Pi-hole to use the local `cloudflared` service as the upstrea ### Updating `cloudflared` -#### Manual way +The `cloudflared` tool will not receive updates through the package manager. However, you should keep the program update to date. You can either do this manually, or via a cron script. + +The procedure for updating depends on how you configured the `cloudflared` binary. + +#### If you configured cloudflared with your own service files + +If you configured `cloudflared` manually (by writing a systemd unit yourself), to update the binary you'll simply redownload the binary from the same link, and repeat the install procedure. ```bash wget https://bin.equinox.io/c/VdrWdbjqyF/cloudflared-stable-linux-arm.tgz @@ -192,13 +198,27 @@ cloudflared -v sudo systemctl status cloudflared ``` -#### Automatic way +#### If you configued cloudflared via `service install` + +If you configured `cloudflared` using their `service install` command, then you can use the built in update command. ```bash sudo cloudflared update sudo systemctl restart cloudflared ``` +#### Automating Cloudflared Updates + +If you want to have the system update `cloudflared` automatically, simply place the update commands for your configuration method in the +file `/etc/cron.weekly/cloudflared-updater.sh`, and adjust permissions: + +```bash +sudo chmod +x /etc/cron.weekly/cloudflared-updater.sh +sudo chown root:root /etc/cron.weekly/cloudflared-updater.sh +``` + +The system will now attempt to update the cloudflared binary automatically, once per week. + ### Uninstalling `cloudflared` #### If installed the manual way @@ -225,23 +245,3 @@ sudo systemctl daemon-reload After the above, don't forget to change the DNS back to something else in Pi-hole's DNS settings! [^guide]: Based on [this guide by Ben Dews | bendews.com](https://bendews.com/posts/implement-dns-over-https/) - -### Updating Cloudflared - -The `cloudflared` tool will not receive updates through the package manager, however it can be updated -manually by running these commands: - -```bash -sudo cloudflared update -sudo systemctl restart cloudflared -``` - -If you want to have the system update `cloudflared` automatically, simply place the update commands in the -file `/etc/cron.weekly/cloudflared-updater.sh`, and adjust permissions: - -```bash -sudo chmod +x /etc/cron.weekly/cloudflared-updater.sh -sudo chown root:root /etc/cron.weekly/cloudflared-updater.sh -``` - -The system will now attempt to update the cloudflared binary automatically, once per week. \ No newline at end of file