Cloudflare tunnel adventure

What am I talking about?

Have you ever wanted to connect to a device inside your home network using an FQDN, e.g. myserver.mydomain.com or proxmox.mydomain.com? If you have, there are a few options.


In the past I’ve opened up ports on my router to forward traffic through, and played with CNAMEs in the DNS records of my domain provider. I’ve even used ngrok for some tasks.

This was a total faff, and if my home IP address changed I would have to go and update the A record so that the CNAME records continued working.

I also had a play with nginx proxy manager. This was OK for a while. It only required opening up two ports, 80 and 443, so it was a bit more secure than the previous option. As I don’t pay for a static IP address, I was still facing the same issue if my ISP decided to change my IP address during a restart of their devices.

I had started to hear about Cloudflare tunnels and what they were able to achieve, and decided to give it a go.


1. Set up a Cloudflare account

2. Add domain to account

Point the nameservers in my domain provider to the ones in Cloudflare’s instructions.

3. Set up the Zero Trust Dashboard

Once through the initial setup I need to set up the tunnel.

4. Create the tunnel

Access -> Tunnels

Create the tunnel and decide how you want to deploy it.
I had a Linux box running in my Proxmox setup that runs Docker, so I chose that option. But choose whichever one suits your needs.

Once it’s connected you get to choose the routing.

5. Public hostname routing

This is wild. So there is a device now set up inside your network saying hello to Cloudflare and connecting your house to Cloudflare.

What you can do now is create subdomains that point to an internal IP in your network and boom, you have access to things inside your network.

+ public hostname

Add a subdomain if you fancy, e.g. server.mydomain.com,
or a path, e.g. www.mydomain.com/server,
and then point it towards a service.

You have 5 options currently:

  • HTTP
  • HTTPS
  • UNIX
  • TCP
  • SSH

Let’s say I want to point it at my Proxmox server. I choose the subdomain proxmox. I choose the domain that I have linked to Cloudflare. I choose HTTPS as that server is served securely, and I put in the local IP address 192.168.2.10. The important part is to add the port in. Proxmox is served on port 8006, so it would look like this: 192.168.2.10:8006

Hit save.


6. Check it’s all working.

Open your browser and head to proxmox.mydomain.com

BOOM! Your internal network has now got a public FQDN.
As long as cloudflared is running on your network this will work.


7. Add as many as you need

Continue adding as many public hostnames as you require!
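
As the list of public hostnames from step 5 grows, it helps to review what each one actually publishes. The script below is an added example, not part of the original post or of Cloudflare's tooling: it checks each rule for a valid service type, a port, plain HTTP to the origin, and admin interfaces now reachable by a public name. The rule tuple format, the function names, the ADMIN_PORTS list and every sample rule except the proxmox one are assumptions of this example.

```python
from urllib.parse import urlsplit

# The five service types the post lists for a public hostname.
SERVICE_TYPES = {"HTTP", "HTTPS", "UNIX", "TCP", "SSH"}
# Assumption of this example: ports treated as admin surfaces.
# 8006 is the Proxmox port named in the post; 22 is the standard SSH port.
ADMIN_PORTS = {22: "SSH", 8006: "Proxmox web UI"}


def audit_rule(hostname, service_type, target):
    """Return a list of findings for one public hostname -> service rule."""
    stype = service_type.upper()
    if stype not in SERVICE_TYPES:
        return [f"{hostname}: unknown service type {service_type!r}"]
    if stype == "UNIX":
        return []  # a socket path has no host or port to check
    findings = []
    try:
        port = urlsplit(f"{stype.lower()}://{target}").port
    except ValueError:
        return [f"{hostname}: invalid port in {target!r}"]
    if port is None:
        findings.append(f"{hostname}: no port given in {target!r}")
    elif port in ADMIN_PORTS:
        findings.append(
            f"{hostname}: {ADMIN_PORTS[port]} (port {port}) is published under a public name"
        )
    if stype == "HTTP":
        findings.append(f"{hostname}: plain HTTP between cloudflared and the service")
    return findings


def audit(rules):
    """Audit every (hostname, type, target) rule and return all findings."""
    return [f for rule in rules for f in audit_rule(*rule)]


# Constructed sample rules; only the proxmox entry comes from the post.
RULES = [
    ("proxmox.mydomain.com", "HTTPS", "192.168.2.10:8006"),
    ("server.mydomain.com", "HTTP", "192.168.2.20"),
    ("shell.mydomain.com", "SSH", "192.168.2.10:22"),
    ("app.mydomain.com", "HTTPS", "192.168.2.40:8443"),
]

if __name__ == "__main__":
    for finding in audit(RULES):
        print(finding)
```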

Next adventure…

It got me thinking about VPNs and accessing the network while on another network. I’ll write a post about that adventure too. Also I could change the way I connect the Starlink rather than using ngrok.

