Skip to content

Instantly share code, notes, and snippets.

@Chaphasilor

Chaphasilor/cloudflare-tunnels.md

Created January 22, 2022 19:04
Show Gist options
  • Star 6 You must be signed in to star a gist
  • Fork 3 You must be signed in to fork a gist
  • Save Chaphasilor/01736f965cbf9bcb59d37a0eb293b624 to your computer and use it in GitHub Desktop.
Save Chaphasilor/01736f965cbf9bcb59d37a0eb293b624 to your computer and use it in GitHub Desktop.
Download ZIP
A short guide on how to use Cloudflare Tunnels to securely expose your services to the internet in just a few minutes 🥳
Raw
cloudflare-tunnels.md

How to create a Cloudflare (Argo) Tunnel

Cloudflare Tunnels are a great way to securely expose local services to the internet indefinitely, without releaving your IP address or poking holes in your firewall.
It's basically a reverse ssh tunnel on steroids, free, and offers a rock-solid connection.
Once set up (takes 10 mins tops), you can easily add another exposed service in just 30 seconds by editing a config file and restarting the tunnel.

Requirements:

  • Cloudflare account (free)
  • A domain added to your CF account
  • cloudflared installed
    • once installed, you'll have to authenticate by running cloudflared tunnel login (you might need a browser installed on your system for this)

Using the command line

$ cloudflared tunnel create <tunnel name>
$ cloudflared tunnel run --url <local destination url> <tunnel name>
# once the tunnel is connected:  
$ cloudflared tunnel route dns <tunnel name> <tunnel subdomain to use>.<domain>

This creates a new tunnel, starts it (forwaring the server/service at <local destination url>) and adds a new DNS record for a new subdomain, that handles this tunnel

You can bind a single tunnel to multiple subdomains, just make sure to include all those "hostnames" inside the config file, else you get a 404

Using a configuration file

  1. Create the tunnel like above
    • Make sure to take note of the tunnel's generated UUID (and possibly the path to the tunnel’s credentials file)
  2. Create the config file: 
    tunnel: <tunnel id>
credentials-file: /root/.cloudflared/<tunnel id>.json # also shown during tunnel creation

ingress:
  - hostname: <tunnel subdomain to use>.<domain>
    service: <local destination url> # e.g. http://localhost:80
  - service: http_status:404 # fallback catchall 404 (required)
    • I like to use a single tunnel for all my connections (tunnels use multiple connections for redundency) and place the config file in /etc/cloudflared/config.yaml on linux
  3. Start the tunnel, using the config file: 
    $ cloudflared tunnel --config <path to config file> run <tunnel name>

Create a temporary tunnel

$ cloudflared tunnel --hostname <tunnel subdomain to use>.<domain> --url <local destination url> --name <tunnel name>

This creates a tunnel, runs it, and adds the necessary DNS entries to your account.

Full Documentation & More Info

Check out the official docs at https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/create-tunnel

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment