I know the feeling - I'm a scrappy one man team doing what I'm doing. I'd really like to get something going using zrok one way or another. All the parts are there, just need to put them together. I'd be happy to contribute anything I come up with.
@qrkourier I had a little crack at adapting zrok-share.bash to cater for private shares. Very few changes and it should be backwards compatible. Patch looks like,
diff --git a/nfpm/zrok-share.bash b/nfpm/zrok-share.bash
index a0480d3d..ec7ed03e 100644
--- a/nfpm/zrok-share.bash
+++ b/nfpm/zrok-share.bash
@@ -54,9 +54,12 @@ fi
exit 1
}
-# default mode is reserved (public), override mode is temp-public, i.e., "share public" without a reserved subdomain
+# default mode is 'temp-public' (unreserved), override modes are temp-private, reserved-public, reserved-private.
+: "${ZROK_FRONTEND_MODE:-temp-public}"
if [[ "${ZROK_FRONTEND_MODE:-}" == temp-public ]]; then
ZROK_CMD="share public --headless ${ZROK_VERBOSE:-}"
+elif [[ "${ZROK_FRONTEND_MODE:-}" == temp-private ]]; then
+ ZROK_CMD="share private --headless ${ZROK_VERBOSE:-}"
elif [[ -s ~/.zrok/reserved.json ]]; then
ZROK_RESERVED_TOKEN="$(jq -r '.token' ~/.zrok/reserved.json 2>/dev/null)"
if [[ -z "${ZROK_RESERVED_TOKEN}" || "${ZROK_RESERVED_TOKEN}" == null ]]; then
@@ -73,8 +76,13 @@ elif [[ -s ~/.zrok/reserved.json ]]; then
exit 0
fi
fi
-else
+elif [[ "${ZROK_FRONTEND_MODE:-}" == reserved-public ]]; then
ZROK_CMD="reserve public --json-output ${ZROK_VERBOSE:-}"
+elif [[ "${ZROK_FRONTEND_MODE:-}" == reserved-private ]]; then
+ ZROK_CMD="reserve private --json-output ${ZROK_VERBOSE:-}"
+else
+ echo "ERROR: invalid value for ZROK_FRONTEND_MODE '${ZROK_FRONTEND_MODE}'" >&2
+ exit 1
fi
[[ -n "${ZROK_BACKEND_MODE:-}" ]] || {
@@ -88,12 +96,12 @@ case "${ZROK_BACKEND_MODE}" in
echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not an HTTP URL" >&2
exit 1
else
- echo "INFO: validated backend mode ${ZROK_BACKEND_MODE} and target ${ZROK_TARGET}"
+ echo "INFO: validated backend mode '${ZROK_BACKEND_MODE}' and target '${ZROK_TARGET}'"
fi
;;
caddy)
if ! [[ "${ZROK_TARGET}" =~ ^/ ]]; then
- echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not an absolute filesystem path." >&2
+ echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not an absolute filesystem path" >&2
exit 1
elif ! [[ -f "${ZROK_TARGET}" && -r "${ZROK_TARGET}" ]]; then
echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not a readable regular file" >&2
@@ -104,7 +112,7 @@ case "${ZROK_BACKEND_MODE}" in
;;
web|drive)
if ! [[ "${ZROK_TARGET}" =~ ^/ ]]; then
- echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not an absolute filesystem path." >&2
+ echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not an absolute filesystem path" >&2
exit 1
elif ! [[ -d "${ZROK_TARGET}" && -r "${ZROK_TARGET}" ]]; then
echo "ERROR: ZROK_TARGET='${ZROK_TARGET}' is not a readable directory" >&2
@@ -142,8 +150,9 @@ fi
echo "INFO: running: zrok ${ZROK_CMD}"
-if [[ "${ZROK_FRONTEND_MODE:-}" == temp-public ]]; then
- # share until exit
+if [[ "${ZROK_FRONTEND_MODE:-}" =~ ^temp- ]]; then
+ # frontend mode starts with 'temp-', so is temporary.
+ # share without reserving until exit.
exec zrok ${ZROK_CMD}
else
# reserve and continue
diff --git a/nfpm/zrok-share.env b/nfpm/zrok-share.env
index 323f5b8c..b600e98c 100644
--- a/nfpm/zrok-share.env
+++ b/nfpm/zrok-share.env
@@ -83,6 +83,6 @@ ZROK_SHARE_OPTS=""
# NOTE: basic auth and oauth are mutually exclusive
#ZROK_BASIC_AUTH=""
-# set if self-hosting zrok and not using only the default frontend name 'public'; must be a space-separated list
+# you MAY set to change the frontend mode: temp-public (default), temp-private, reserved-public, reserved-private
# WARNING: changes take effect the next time the frontend URL is reserved
-#ZROK_FRONTENDS="public"
+#ZROK_FRONTEND_MODE="temp-public"
Happy to push to a branch if that's easier.
1 Like
This looks promising and I'm inclined to adopt your patch. I'll be able to test it next week. If you fork zrok in GitHub and send a signed commit I'll be able to preserve your authorship and add you to contributors.
This looks like it will stop the gap until zrok 0.5 brings headless daemon mode, which (if my dreams come true) will allow centrally provisioning shares through the console without new configuration of the daemon for each share.
Thank you for the contribution. It's available in the latest release.
1 Like