Cloudflare Tunnels are a great way to securely expose local services to the internet indefinitely, without releaving your IP address or poking holes in your firewall.
It's basically a reverse ssh tunnel on steroids, free, and offers a rock-solid connection.
Once set up (takes 10 mins tops), you can easily add another exposed service in just 30 seconds by editing a config file and restarting the tunnel.
Requirements:
- Cloudflare account (free)
- A domain added to your CF account
cloudflared
installed- once installed, you'll have to authenticate by running
cloudflared tunnel login
(you might need a browser installed on your system for this)
- once installed, you'll have to authenticate by running
$ cloudflared tunnel create <tunnel name>
$ cloudflared tunnel run --url <local destination url> <tunnel name>
# once the tunnel is connected:
$ cloudflared tunnel route dns <tunnel name> <tunnel subdomain to use>.<domain>
This creates a new tunnel, starts it (forwaring the server/service at <local destination url>
) and adds a new DNS record for a new subdomain, that handles this tunnel
You can bind a single tunnel to multiple subdomains, just make sure to include all those "hostnames" inside the config file, else you get a 404
- Create the tunnel like above
- Make sure to take note of the tunnel's generated UUID (and possibly the path to the tunnel’s credentials file)
- Create the config file:
tunnel: <tunnel id> credentials-file: /root/.cloudflared/<tunnel id>.json # also shown during tunnel creation ingress: - hostname: <tunnel subdomain to use>.<domain> service: <local destination url> # e.g. http://localhost:80 - service: http_status:404 # fallback catchall 404 (required)
- I like to use a single tunnel for all my connections (tunnels use multiple connections for redundency) and place the config file in
/etc/cloudflared/config.yaml
on linux
- I like to use a single tunnel for all my connections (tunnels use multiple connections for redundency) and place the config file in
- Start the tunnel, using the config file:
$ cloudflared tunnel --config <path to config file> run <tunnel name>
$ cloudflared tunnel --hostname <tunnel subdomain to use>.<domain> --url <local destination url> --name <tunnel name>
This creates a tunnel, runs it, and adds the necessary DNS entries to your account.
Check out the official docs at https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/create-tunnel