
Using Cloudflare dyn_dns seems to fail · Issue #4093 · Velocidex/velociraptor · GitHub
Open
gpealat opened this issue Feb 26, 2025 · 3 comments
@gpealat

gpealat commented Feb 26, 2025

Hi,

I have created a Velociraptor server which works on my local cluster.
To avoid opening the network, I have created a tunnel from the server towards Cloudflare velociraptor.example.com.

For clarity, I have not set up dyn_dns when I deployed the server.
The Cloudflare tunnel has a public hostname of velociraptor.example.com and points towards https://local_ip:8000

Now, I want to package and create the client version on my external asset.
Following the docs, I have downloaded the client.config.yaml file from the GUI and made some changes:

```yaml
version:
  name: velociraptor
  version: 0.73.1
  commit: 69c4fac
  build_time: "2024-10-14T02:35:03Z"
  ci_build_url: https://github.com/Velocidex/velociraptor/actions/runs/11320014012
  compiler: go1.23.2
  system: linux
  architecture: amd64
Client:
  server_urls:
  - https://velociraptor.example.com/
  ca_certificate: |
    -----BEGIN CERTIFICATE-----
    ...
    -----END CERTIFICATE-----
  nonce: ZhSp917Sp7k=
  writeback_darwin: /etc/velociraptor.writeback.yaml
  writeback_linux: /etc/velociraptor.writeback.yaml
  writeback_windows: $ProgramFiles\Velociraptor\velociraptor.writeback.yaml
  level2_writeback_suffix: .bak
  tempdir_windows: $ProgramFiles\Velociraptor\Tools
  max_poll: 60
  nanny_max_connection_delay: 600
  windows_installer:
    service_name: Velociraptor
    install_path: $ProgramFiles\Velociraptor\Velociraptor.exe
    service_description: Velociraptor service
  darwin_installer:
    service_name: com.velocidex.velociraptor
    install_path: /usr/local/sbin/velociraptor
  version:
    name: velociraptor
    version: 0.73.1
    commit: 69c4fac
    build_time: "2024-10-14T02:35:03Z"
    ci_build_url: https://github.com/Velocidex/velociraptor/actions/runs/11320014012
    compiler: go1.23.2
    system: linux
    architecture: amd64
  server_version:
    version: 0.73.1
    commit: 69c4fac
    build_time: "2024-10-14T02:35:03Z"
  max_upload_size: 5242880
  local_buffer:
    memory_size: 52428800
    disk_size: 1073741824
    filename_linux: /var/tmp/Velociraptor_Buffer.bin
    filename_windows: $TEMP/Velociraptor_Buffer.bin
    filename_darwin: /var/tmp/Velociraptor_Buffer.bin

# Optional: Dynamic DNS settings if using Cloudflare
Frontend:
  hostname: velociraptor.example.com
  dyn_dns:
    type: cloudflare
    api_token: XXXXXXXXXXXXXXXXXXXXX
    zone_name: example.com
```

I have created the API token on Cloudflare following the doc.

When I run the artifact Server.Utils.CreateMSI with this config file, I have the following error message:
`client_repack: Provided config file not valid: No API config`

I am probably doing something wrong, but I could not find any information about the correct setup.

Do I need to deploy the server with dyn_dns?

@scudette
Contributor

You can not repack a config file with a Frontend section in the client since the Frontend section is only used by the server.
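
A pre-repack check for the situation described in the reply above, as an added example that is not part of the thread or of Velociraptor's own code: it lists top-level sections other than those present in the downloaded client config and flags secrets such as the Cloudflare `api_token`, which belong only in the server config. The allowed-section set, the secret-key list and the function name are assumptions for illustration; the sample is constructed from the config quoted above.

```python
import re

# Assumption: a client config carries only the sections seen in the GUI download above.
CLIENT_SECTIONS = {"version", "Client"}
SECRET_KEYS = {"api_token"}  # key names that must not ship to endpoints
KEY_RE = re.compile(r"^\s*(?:-\s+)?([A-Za-z_]\w*):(?:\s|$)")

def lint_client_config(text):
    """Return (unexpected_sections, secret_paths) for client config YAML text."""
    unexpected, secrets, stack = [], [], []
    block_indent = None  # indent of the key that opened a '|' block scalar
    for line in text.splitlines():
        stripped = line.lstrip()
        if not stripped or stripped.startswith("#"):
            continue
        indent = len(line) - len(stripped)
        if block_indent is not None and indent > block_indent:
            continue  # inside a literal block such as the PEM certificate
        block_indent = None
        m = KEY_RE.match(line)
        if not m:
            continue  # list items like "- https://..." are not keys
        key, value = m.group(1), line.split(":", 1)[1].strip()
        while stack and stack[-1][0] >= indent:
            stack.pop()  # leave sections that ended at this indent
        stack.append((indent, key))
        if indent == 0 and key not in CLIENT_SECTIONS:
            unexpected.append(key)
        if value.startswith(("|", ">")):
            block_indent = indent
        elif key in SECRET_KEYS and value:
            secrets.append(".".join(k for _, k in stack))
    return unexpected, secrets

# Constructed sample, shortened from the config posted above.
SAMPLE = """\
version:
  version: 0.73.1
Client:
  server_urls:
  - https://velociraptor.example.com/
  ca_certificate: |
    -----BEGIN CERTIFICATE-----
    -----END CERTIFICATE-----
  nonce: ZhSp917Sp7k=
Frontend:
  dyn_dns:
    api_token: XXXXXXXXXXXXXXXXXXXXX
"""
print(lint_client_config(SAMPLE))
```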

@gpealat
Author

gpealat commented Feb 26, 2025

Thanks, so for my use case, I need to deploy the server with Cloudflare dyn_dns set up?
In this case the external agent will be able to communicate with the local server without needing a login?

Cheers

@scudette
Contributor

I am not sure what your use case is or how Cloudflare tunnels work, but it sounds to me like this feature is basically a reverse proxy where Cloudflare would forward traffic from an external URL to an internal service. In this case the client really does not need to know about this at all; it just connects to the URL provided and expects the server to respond on it.

Dynamic DNS is required when you need to serve external URLs on a dynamic IP address terminating on your VM itself. It does not sound to me like this is what is happening here?
