Skip to content

Instantly share code, notes, and snippets.

@adamelliotfields

adamelliotfields/tunnel.md

Created May 5, 2024 16:56
Show Gist options
  • Save adamelliotfields/9e3610eecef19be5d38b87a2caec4912 to your computer and use it in GitHub Desktop.
Save adamelliotfields/9e3610eecef19be5d38b87a2caec4912 to your computer and use it in GitHub Desktop.
Download ZIP
Cloudflare Tunnel Instructions
Raw
tunnel.md

Cloudflare Tunnel Instructions

This assumes you have a free Cloudflare account and you're already using it as your DNS provider. Also, this is going to be using cloudflared directly on-demand, rather than an always-on systemd service. Based on the official tutorial.

Install cloudflared

Note that you don't need to install the systemd service.

# mac
brew install cloudflared

# linux
curl -fsSLo cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb
sudo dpkg -i cloudflared.deb

Authenticate with Cloudflare

Run this and click the link in your terminal. If you have multiple domains (origins), you'll be prompted to choose one.

cloudflared login

Click the Authorize button to proceed. This creates ~/.cloudflared/cert.pem. As long as that exists, you're logged in.

Create a tunnel

This creates ~/.cloudflared/<UUID>.json and prints the UUID so you can copy it. If you go to one.dash.cloudflare.com and click "Tunnels", you'll see your tunnel and its UUID with a status of Inactive.

cloudflared tunnel create tun

Now store the UUID in a variable:

uuid=<YOUR_UUID>

And run this to create a config.yml file:

cat <<EOF | tee ~/.cloudflared/config.yml > /dev/null
url: http://localhost:8000
tunnel: $uuid
credentials-file: $HOME/.cloudflared/$uuid.json
EOF

Note that you only need 1 config file; it can support multiple tunnels.

Tip

I prefer to just change the url/port of the tunnel rather than create many.

Assign a subdomain

This creates the CNAME record for your subdomain. Replace tun.example.com with your own.

cloudflared tunnel route dns tun tun.example.com

Go to dash.cloudflare.com and click "DNS Records". You should see the new CNAME record with the content being the UUID of the tunnel.

Run the tunnel

First run an app:

cd tmp
touch index.html
echo "<h1>Hello, world!</h1>" > index.html
python -m http.server

Now run the tunnel (in a new terminal):

cloudflared tunnel run tun

Go to tun.example.com and you should see your running app!

If you go back to the Zero Trust Dashboard and click "Tunnels", you should see your tunnel with a status of Healthy.

To stop the tunnel, simply Ctrl+C in the terminal where it's running. Back in the dashboard, you should see the status change to Down.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment