feat(funnel): cloudflare quick tunnel embedded subprocess (0.9.5)
Gives the daemon a public HTTPS hostname (`https://<random>.trycloudflare.com`)
so the in-browser player on torrentclaw.com plays cross-network without
Tailscale or port forwarding — the mixed-content block that was breaking
HTTPS-page → HTTP-daemon fetches is gone. Bytes proxy through CloudFlare,
never through TorrentClaw infra (preserves the aggregator legal posture).
New surface:
• `internal/funnel/` package: subprocess wrapper + auto-download for
cloudflared. Linux amd64/arm64/armhf/386 fetched from GitHub releases
on first run, validated by ELF magic + size sanity, O_EXCL partial
write so concurrent daemons don't clobber each other.
• `unarr funnel on/off/status` cobra command (sibling of `unarr vpn`).
• Daemon supervisor goroutine keeps cloudflared up across crashes + CF's
~6h Quick Tunnel rotation. Exponential backoff (2 s → 5 min). On exit
the reported URL is cleared so the web stops handing out a dead host.
• Wire: agent registers/syncs a FunnelURL field; web prefers it over
Tailscale/LAN for in-browser playback (HlsStreamPlayer + Stremio
addon).
Default ON for fresh installs (NAS/Docker get it without terminal-in);
existing configs that pre-date the feature stay off until the operator
opts in with `unarr funnel on`.
Docker image now bundles cloudflared (built per TARGETARCH via buildx).
Also fixed: libx264 'frame MB size > level limit' on anamorphic >16:9
sources. The level we hint to libx264 was derived from height alone,
which busted on 720p cinemascope (1728×720 = 4860 MBs > level 3.1's
3600). Bumped each tier: 720p → 4.0, 1080p → 4.1.
Version: 0.9.4 → 0.9.5.
This commit is contained in:
Deivid Soto
parent
ca7de23a56
commit
88316e7017
15 changed files with 778 additions and 13 deletions
|
|
@ -17,6 +17,7 @@ import (
|
|||
"github.com/torrentclaw/unarr/internal/agent"
|
||||
"github.com/torrentclaw/unarr/internal/config"
|
||||
"github.com/torrentclaw/unarr/internal/engine"
|
||||
"github.com/torrentclaw/unarr/internal/funnel"
|
||||
"github.com/torrentclaw/unarr/internal/library"
|
||||
"github.com/torrentclaw/unarr/internal/library/mediainfo"
|
||||
"github.com/torrentclaw/unarr/internal/usenet/download"
|
||||
|
|
@ -303,6 +304,15 @@ func runDaemonStart() error {
|
|||
}
|
||||
d.UpdateStreamPort(streamSrv.Port())
|
||||
|
||||
// CloudFlare Quick Tunnel — needs the ACTUAL listening port (the
|
||||
// configured port may have been busy and bumped). Spawning here ensures
|
||||
// cloudflared --url points at the right socket. Failures degrade to
|
||||
// Tailscale/LAN only; the supervisor keeps the tunnel up across CF's
|
||||
// periodic rotation + transient cloudflared crashes.
|
||||
if cfg.Download.Funnel.Enabled {
|
||||
go superviseFunnel(ctx, d, streamSrv.Port())
|
||||
}
|
||||
|
||||
// Warn at startup if transcode is enabled but ffmpeg/ffprobe are missing.
|
||||
// HLS sessions get rejected at runtime (see daemon.go ~line 455), but
|
||||
// surfacing it here gives the operator a chance to install ffmpeg before
|
||||
|
|
@ -773,3 +783,54 @@ func runAutoScan(ctx context.Context, cfg config.Config, interval time.Duration,
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
// superviseFunnel keeps a CloudFlare Quick Tunnel up across cloudflared
|
||||
// crashes and CF's ~6h tunnel rotation. On a clean exit (cancellation) it
|
||||
// returns; on a crash it clears the reported URL and respawns with an
|
||||
// exponential backoff so we don't hammer cloudflared into a tight loop when
|
||||
// it can't reach the CF edge.
|
||||
func superviseFunnel(ctx context.Context, d *agent.Daemon, port int) {
|
||||
backoff := 2 * time.Second
|
||||
const maxBackoff = 5 * time.Minute
|
||||
for ctx.Err() == nil {
|
||||
t, err := funnel.Start(ctx, funnel.Config{Port: port})
|
||||
if err != nil {
|
||||
log.Printf("[funnel] could not start CloudFlare tunnel (%v) — retrying in %s", err, backoff)
|
||||
select {
|
||||
case <-time.After(backoff):
|
||||
case <-ctx.Done():
|
||||
return
|
||||
}
|
||||
backoff = min(backoff*2, maxBackoff)
|
||||
continue
|
||||
}
|
||||
log.Printf("[funnel] cloudflared started, waiting for public URL...")
|
||||
go func() {
|
||||
url, werr := t.WaitURL(45 * time.Second)
|
||||
if werr != nil {
|
||||
log.Printf("[funnel] cloudflared did not emit a URL (%v)", werr)
|
||||
return
|
||||
}
|
||||
log.Printf("[funnel] public URL: %s", url)
|
||||
d.SetFunnelURL(url)
|
||||
}()
|
||||
// Block until cloudflared exits (CF rotation, crash, or shutdown).
|
||||
exitErr := <-t.Done()
|
||||
_ = t.Close()
|
||||
d.SetFunnelURL("")
|
||||
if ctx.Err() != nil {
|
||||
return
|
||||
}
|
||||
if exitErr != nil {
|
||||
log.Printf("[funnel] cloudflared exited: %v — restarting in %s", exitErr, backoff)
|
||||
} else {
|
||||
log.Printf("[funnel] cloudflared exited cleanly — restarting in %s", backoff)
|
||||
}
|
||||
select {
|
||||
case <-time.After(backoff):
|
||||
case <-ctx.Done():
|
||||
return
|
||||
}
|
||||
backoff = min(backoff*2, maxBackoff)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
165
internal/cmd/funnel.go
Normal file
165
internal/cmd/funnel.go
Normal file
|
|
@ -0,0 +1,165 @@
|
|||
package cmd
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/fatih/color"
|
||||
"github.com/spf13/cobra"
|
||||
"github.com/torrentclaw/unarr/internal/agent"
|
||||
"github.com/torrentclaw/unarr/internal/config"
|
||||
)
|
||||
|
||||
func newFunnelCmd() *cobra.Command {
|
||||
cmd := &cobra.Command{
|
||||
Use: "funnel",
|
||||
Short: "Expose the daemon over a public HTTPS hostname via CloudFlare Quick Tunnel",
|
||||
Long: `Turn the CloudFlare Quick Tunnel on/off and check its status.
|
||||
|
||||
When on, the daemon spawns cloudflared as a child process and registers a
|
||||
` + "`https://<random>.trycloudflare.com`" + ` hostname tunnelled to its local
|
||||
HLS server. The torrentclaw.com / torrentclaw.to web player picks the tunnel
|
||||
URL first so cross-network playback works from any browser without Tailscale
|
||||
or port forwarding.
|
||||
|
||||
Trade-offs:
|
||||
• Bytes proxy through CloudFlare. We don't relay; CF does. Preserves the
|
||||
TorrentClaw legal posture but means CF sees your traffic shape.
|
||||
• Quick Tunnels are anonymous — no CF account required.
|
||||
• Hostname is random per session and rotates roughly every 6 h.
|
||||
|
||||
Requires the cloudflared binary on PATH. Install:
|
||||
Linux : https://pkg.cloudflare.com (apt) or download from
|
||||
https://github.com/cloudflare/cloudflared/releases
|
||||
macOS : brew install cloudflared
|
||||
Windows: winget install --id Cloudflare.cloudflared`,
|
||||
Example: ` unarr funnel status # is the tunnel up? what's the URL?
|
||||
unarr funnel on # turn it on
|
||||
unarr funnel off # turn it off`,
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
return cmd.Help()
|
||||
},
|
||||
}
|
||||
cmd.AddCommand(newFunnelStatusCmd(), newFunnelOnCmd(), newFunnelOffCmd())
|
||||
return cmd
|
||||
}
|
||||
|
||||
func newFunnelStatusCmd() *cobra.Command {
|
||||
return &cobra.Command{
|
||||
Use: "status",
|
||||
Short: "Show CloudFlare tunnel configuration + live URL",
|
||||
Example: " unarr funnel status",
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
return runFunnelStatus()
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func runFunnelStatus() error {
|
||||
bold := color.New(color.Bold)
|
||||
dim := color.New(color.FgHiBlack)
|
||||
green := color.New(color.FgGreen)
|
||||
yellow := color.New(color.FgYellow)
|
||||
cyan := color.New(color.FgCyan)
|
||||
|
||||
cfg := loadConfig()
|
||||
|
||||
fmt.Println()
|
||||
bold.Println(" CloudFlare Quick Tunnel")
|
||||
fmt.Println()
|
||||
|
||||
if !cfg.Download.Funnel.Enabled {
|
||||
dim.Println(" Mode: off")
|
||||
fmt.Println()
|
||||
dim.Println(" Enable with `unarr funnel on` to give the daemon a public HTTPS URL")
|
||||
dim.Println(" so cross-network browser playback works without Tailscale.")
|
||||
fmt.Println()
|
||||
return nil
|
||||
}
|
||||
cyan.Println(" Mode: on")
|
||||
|
||||
state := agent.ReadState()
|
||||
alive := state != nil && isDaemonAlive(state)
|
||||
fmt.Println()
|
||||
switch {
|
||||
case alive && state.FunnelURL != "":
|
||||
green.Println(" ✓ Tunnel ACTIVE")
|
||||
fmt.Printf(" URL: %s\n", state.FunnelURL)
|
||||
fmt.Println()
|
||||
dim.Println(" This URL rotates roughly every 6 h. The web player picks it up")
|
||||
dim.Println(" automatically — no action needed on your side.")
|
||||
case alive:
|
||||
yellow.Println(" ⚠ Daemon is running but the tunnel hasn't registered yet.")
|
||||
dim.Println(" Check `unarr daemon logs` for a [funnel] line. Common cause:")
|
||||
dim.Println(" cloudflared isn't installed on PATH.")
|
||||
default:
|
||||
dim.Println(" Daemon not running — start it (`unarr start`) to bring the tunnel up.")
|
||||
}
|
||||
fmt.Println()
|
||||
return nil
|
||||
}
|
||||
|
||||
func newFunnelOnCmd() *cobra.Command {
|
||||
return &cobra.Command{
|
||||
Use: "on",
|
||||
Short: "Turn the CloudFlare tunnel on",
|
||||
Example: " unarr funnel on",
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
return setFunnelEnabled(true)
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func newFunnelOffCmd() *cobra.Command {
|
||||
return &cobra.Command{
|
||||
Use: "off",
|
||||
Short: "Turn the CloudFlare tunnel off",
|
||||
Example: " unarr funnel off",
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
return setFunnelEnabled(false)
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func setFunnelEnabled(enabled bool) error {
|
||||
green := color.New(color.FgGreen)
|
||||
dim := color.New(color.FgHiBlack)
|
||||
|
||||
cfg := loadConfig()
|
||||
if cfg.Download.Funnel.Enabled == enabled {
|
||||
fmt.Println()
|
||||
dim.Printf(" Tunnel is already %s — nothing to do.\n", onOffWord(enabled))
|
||||
fmt.Println()
|
||||
return nil
|
||||
}
|
||||
|
||||
cfg.Download.Funnel.Enabled = enabled
|
||||
|
||||
configPath := config.FilePath()
|
||||
if cfgFile != "" {
|
||||
configPath = cfgFile
|
||||
}
|
||||
if err := config.Save(cfg, configPath); err != nil {
|
||||
return fmt.Errorf("save config: %w", err)
|
||||
}
|
||||
appCfg = cfg
|
||||
|
||||
fmt.Println()
|
||||
green.Printf(" ✓ CloudFlare tunnel %s.\n", onOffWord(enabled))
|
||||
|
||||
// Subprocess is launched/torn down by the daemon at startup; a plain config
|
||||
// reload does not bring it up. Prompt for a restart when the daemon is alive.
|
||||
if state := agent.ReadState(); state != nil && isDaemonAlive(state) {
|
||||
fmt.Println()
|
||||
dim.Println(" The daemon is running. Restart it for this to take effect:")
|
||||
dim.Println(" unarr daemon restart")
|
||||
}
|
||||
fmt.Println()
|
||||
return nil
|
||||
}
|
||||
|
||||
func onOffWord(enabled bool) string {
|
||||
if enabled {
|
||||
return "on"
|
||||
}
|
||||
return "off"
|
||||
}
|
||||
|
|
@ -105,6 +105,8 @@ Source: https://github.com/torrentclaw/unarr`,
|
|||
daemonCmd.GroupID = "daemon"
|
||||
vpnCmd := newVPNCmd()
|
||||
vpnCmd.GroupID = "daemon"
|
||||
funnelCmd := newFunnelCmd()
|
||||
funnelCmd.GroupID = "daemon"
|
||||
|
||||
// System & Diagnostics
|
||||
statsCmd := newStatsCmd()
|
||||
|
|
@ -149,6 +151,7 @@ Source: https://github.com/torrentclaw/unarr`,
|
|||
statusCmd,
|
||||
daemonCmd,
|
||||
vpnCmd,
|
||||
funnelCmd,
|
||||
// System & Diagnostics
|
||||
statsCmd,
|
||||
doctorCmd,
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
package cmd
|
||||
|
||||
// Version is the CLI version. Overridden by goreleaser ldflags at release time.
|
||||
var Version = "0.9.4"
|
||||
var Version = "0.9.5"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue