Cloudflare Tunnel?
-
jagadeesh-s2104 wrote on Jun 18, 2022, 12:03 PM last edited by girish Jun 20, 2022, 3:19 AM
Hello guys!
Is there a way to use Cloudflare Tunnel/Argo with Cloudron instead of opening the ports?
Regards,
KK
-
@jagadeesh-s2104 a user had some success with argo tunnel as reported here - https://forum.cloudron.io/topic/5714/argo-tunnels . We haven't tried this ourselves.
-
@girish thank you!
-
bigbucketboy wrote on Apr 9, 2023, 1:09 AM last edited by bigbucketboy Apr 9, 2023, 1:16 AM
Hello. I was able to get this to work successfully with Cloudflare Tunnels. What I am having a problem with now is that my local Cloudron server is throwing fits when I go and re-sync DNS records.

To get Cloudflare Tunnels to work you have to delete the current *.domain.com DNS record in Cloudflare that your Cloudron server automatically creates. Then in the Cloudflare Tunnels settings it creates a CNAME record in place of the old DNS A record that Cloudron automatically created. You do have to check the settings under TLS and disable TLS verify though. At this point it does work. I can access my site and completely disable port 443 on my router. I have zero ports exposed. Essentially Cloudflare Tunnels acts as a reverse proxy through the tunnel. I can route all the apps with their sub-domains this way and it works great.

My question is, now that you have a little bit of backstory, how can I make Cloudron and the DNS settings Cloudflare Tunnels create work naturally together so that if DNS records re-sync it keeps everything working properly without breaking the site? To my understanding Cloudron does regular DNS checks and makes sure everything can talk to each other. If I do re-sync DNS settings or if the Cloudron server does it automatically itself via its regular checks the DNS records get overwritten to point back to my public IP address again, instead of the Cloudflare Tunnel, which then breaks the site because the port forwarding is turned off.
Thanks @girish
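The drift described in the post above (a re-sync putting records back on the server's IP in place of the tunnel CNAME) can be checked for from a DNS record export. This is an added example, not part of the original post and not Cloudron or Cloudflare code; it assumes tunnel hostnames are CNAMEs ending in `.cfargotunnel.com`, and the record list, hostnames, IP and tunnel ID are constructed placeholders.

```python
import ipaddress

# Assumption: tunnel-managed hostnames are CNAMEs to <tunnel-id>.cfargotunnel.com.
TUNNEL_SUFFIX = ".cfargotunnel.com"
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]

# Constructed sample data: placeholder tunnel ID, example.com names, TEST-NET IP.
TUNNEL = "00000000-0000-0000-0000-000000000000.cfargotunnel.com"
BEFORE_RESYNC = [
    {"name": "my.example.com", "type": "CNAME", "content": TUNNEL},
    {"name": "blog.example.com", "type": "CNAME", "content": TUNNEL},
]
AFTER_RESYNC = [  # wildcard A record re-created, blog's CNAME gone
    {"name": "my.example.com", "type": "CNAME", "content": TUNNEL},
    {"name": "*.example.com", "type": "A", "content": "203.0.113.10"},
]
HOSTS = ["my.example.com", "blog.example.com"]


def effective_record(records, hostname):
    """Record a resolver would use: exact name first, then a one-label wildcard.
    Assumes at most one record per name, as in the sample above."""
    hostname = hostname.lower().rstrip(".")
    by_name = {r["name"].lower().rstrip("."): r for r in records}
    if hostname in by_name:
        return by_name[hostname]
    return by_name.get("*." + hostname.partition(".")[2])


def classify(record):
    if record is None:
        return "missing"
    rtype, content = record["type"].upper(), record["content"].lower().rstrip(".")
    if rtype == "CNAME":
        return "tunnel" if content.endswith(TUNNEL_SUFFIX) else "other-cname"
    if rtype in ("A", "AAAA"):
        ip = ipaddress.ip_address(content)
        return "private-ip" if any(ip in n for n in PRIVATE_NETS) else "public-ip"
    return "other"


def tunnel_drift(records, hostnames):
    """Map each hostname that should go through the tunnel to its DNS state."""
    return {h: classify(effective_record(records, h)) for h in hostnames}


def drifted(records, hostnames):
    return sorted(h for h, s in tunnel_drift(records, hostnames).items() if s != "tunnel")
```

A `public-ip` result means the hostname both bypasses the tunnel and publishes the origin address in DNS; `private-ip` is what a record written from a local-IP setup would look like.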
-
@girish So I saw in a previous post you said you can set up Cloudron to use a local IP rather than a public one, so I decided to go that route. Everything still works fine, but I had one more question. Will Cloudron update DNS records automatically? Like will my system break after updates or something? Will I also receive an alert from my main my.domain.com notifications saying DNS don’t match? I’m hoping with it set to local it won’t update. If it does I can just VPN into my network and access stuff and fix everything again but I was hoping I wouldn’t have to do this often if at all. Can you shed a little light on this? Thanks!
-
@bigbucketboy the update by itself won't re-setup DNS records, no.
-
@girish great thanks!
-
quite unfortunately, i had some issues with it.
basically what i did is the easiest way, putting the cloudflare tunnel in a docker container.
then, i made it go to my page, of testing, https://wp-test.blindsoft.net.
quite unfortunately, it showed up as bad gateway (502) error. it's closed now, so.
what i usually do for things i can't put under cloudflare gateway is i filter the ports to all IPs ports with the exception of cloudflare IP addresses, port 443, and my IP, 22 and 443. though keep in mind that if applications are using openid, for whatever reason this may not work.
-
*things i can't put under cloudflare tunnels, my bad
-
an example of this not working is https://access.blindsoft.net
-
oh, never mind, it might be working this time. my bad there
-
it's fine, a lot of people get that confused
-
FYI, it's also an unlabeled aspect of the UI that's in a 3-dot menu after the reply, quote and upvote button at the bottom of each post.
-
it's unlabeled? it needs to be labeled if my screen reader needs to read it
-
Tailscale seems to be working much better in this regard.
-