DUDE. I have been going 'round and 'round with this. I've watched about half a dozen videos, studied at least the same number of articles, and this is the first time I've got it working. And it was so easy. I was WAY over complicating this. At least I know a lot more about apache/cloudflare/docker/nginx than I'd ever thought I'd know. Thanks for allowing me to get back to having fun in the homelab again. Keep up the good work!!
Same here xD Still stuck at the end, currently trying to assign nat ports to continue following up on this guide.. Got a wordpress installation on a local webserver using Nginx, which I've already setup to be powered by cloudflare, got all the ssl certs and stuff completed, just need to get around the dns I guess xD Thank god for people like Chuck !
@@Than3Dane I've been stuck with nginx on a 403 error. Got the initial nginx page, but when i directed it to the index file, it 403s now. XD Love this video tho, I have made more progress each time I sit down on this project.
Genius dude. I have spent over 12 hours trying to get a reverse proxy working with Caddy, docker containers and all this other shit. Here we are, clear as mud. Thanks man.
You can use Cloudflare tunnels to avoid opening any ports on your router and also to not worry about your public IP changing (most people don't have fixed IP).
Dude you are CONSISTENTLY the BEST teacher for Networking and providing very simple visual guides on how to set up projects. I finally got a website online thanks to your tutorials and can't say thank you enough. You are the man.
2 Years late to this party but you've helped me setup an immich server so I don't have to pay Google $10 a month to store more than 200GB of data. Now I can store 3TB worth of data for photos and be good for a while. I thank you sir.
Even though this video is 2 years old, still works perfectly. Was going round in a circle trying to watch several different videos to setup different aspects. Amazing to see one streamlined video stringing it all together! Perfect results first time round.
I seriously felt that cut to screaming into the pillow. That was my experience trying to get this all set up before I found your video, it helped a ton!
Very clear instructions, hit every step I needed to get up and running safely. And damn entertaining - the shrieking into a pillow was a hoot. You've got yourself a subscriber. Thanks!
Thanks for explaining this in detail! My server has been running Nginx Proxy Manager for 3 ish years but recently it stopped working and I was struggling with the reinstallation process. This helped me re-do my SSL setup!
Awesome. Been spun around in circles over this. Ended up have an obtuse issue with the add-on in home assistant. Wipe the DB, reinstalled...started with wildcard cert with DNS challenge first before adding proxy hosts...works like a champ
Perfect video, by far the best I have found! I'm having a lot of fun with my homelab thanks to great teachers like you. Greetings from the Netherlands!
Thank you so much for this video! I was losing my mind trying to get NPM + Certbot to work in unraid. Setting my domains up in Cloudflare was the ticket. Thanks again!
First of all, thank you for the video. You have put together a topic that I have been researching for a while, , very well. I think a top of this can be done using Cloudflare Tunnel. Thus, it becomes appealing to those using CGNAT or Dynamic IP addresses. Thanks again, have a nice day ^_^
Great Video, but worth mentioning that some residential ISPs will block traffic on port 80, which can make getting a Let’s Encrypt cert difficult. You can still get around it by hosting the Nginx proxy in the cloud and having it proxy to other ports on your home network.
Cloudflared ( Argo Tunnels) ,or Ngrok. I've also heard of Inlets, but I haven't been able to test it. They're like a wormhole. The visitors hit the edge (Cloudflare servers) and see your site without having to open ports.
thank you! i was struggling with this for a little bit but your video was great. had watched a few other videos and read a few random forums but didnt have any luck until i saw this :) not the first time your videos have helped me/taught me something!
Cloudflare tunnels can technically see all the traffic you’re tunneling through, including any self hosted media (which i believe is technically not allowed in their T&Cs). Using Cloudflare only for SSL keeps everything local
Cloudflare tunnel is managed thru their dashboard and limited by free tier restrictions. Some services also just plain don’t work thru Tunnel + requires functioning vpn thru cloudflare on client devices
@@hujake5406if you don't pay for the full service you're limited to file sizes of 150mb through the tunnel. Also, why host your own stuff if you're just going to open it up for a third party to have unencrypted access to it in transfer?
My ISP does not allow port forwarding at all and does it allot a static public IP. Can you make a tutorial about using Cloudflare tunnel to host a website?
Great video. I think when you activate the option "Always use https" on Cloudflare 14:01, you ask cloudflare to redirect any request coming to http 80 to 443 https. Then I don't find any reason why you would open the port 80 on your firewall 6:41
Well ok to punch a whole in to the firewall of router but what about the man in the middle attack or some how someone knows the public IP? Is it better to have in docker a tunnel connected to the cloudflare (also better for people like me with random public IP for every restart of the router) then in the dashboard create the link with auto SSL wildcard certificate to point to the nginx and then to the server with SSL from the nginx?
This is basically how I set up my website. It's served from a raspberry pi and instead of running nginx I ran certbot on the pi. I needed to stop proxying my ip for a minute for certbot to work but it works. I have the lowest power web server on earth. For a site that isn't maintained and no one goes to.
One of the whole points of using cloudflare is to circumvent the need to reconfigure your router. I dont have access to my router; its shared in a small community and controlled by one individual landlord. I was turned onto cloudflare as a means of tunneling through and allowing external connections to my computer, without having to set any port forwarding in the router. Hiding my IP from people was never my intention in using cloudflare
Look into implementing all your SSL's from CF using their "Origin" Certs into the Reverse PM, it will change your life. You will get a 15 year SSL cert that you don't have to worry about replacing in your Reverse PM for at least 15 years.
Fantastic video! Thank you so much! The only thing I did on my config was use Zero Trust Tunneling from Cloud Flare instead of opening ports on my router. (I'm just paranoid. I'm sure this is safe, too. Just you know, overkill is underrated. ) Also Fun fact, this was the only way I could find that wasn't a giant pain to get an SSL secured Wordpress install self hosted. Great work! Thank you again so much. Fantastic content. I have been binging all your stuff!
@Michael-rq8zj Hey man, sure so RaidOwl actually has a video on this. I used this to do most of it. There was some wordpress specific stuff that I had to do. If you're specifically looking into that I can look for my notes. LMK. ruclips.net/video/hrwoKO7LMzk/видео.html
Amazing. This got me where I wanted. Goal: Running proxmox server with an ubuntu server VM (wondering if I should just run ubuntu server, but guess I can learn proxmox and ubuntu together). Have some docker containers running in the ubuntu server and wanted to get them on the entire internet. This get you there! Feels good.
Wieso hat du es nicht direkt über einen Tunnel gelöst, damit sparst Du dir das Port-forwarden und dein System sollte noch sicherer sein? Vielleicht bekommt Du ja eine Konfi hin mit der SSL funktioniert. Ich bin jetzt 3 Tage dran, Docker: Nginx Proxy Manager + Letsencryt + Cloudflared (Tunne) zu konfigurieren - es will aber einfach nich funktioineren - ohne SSL geht ohne Probleme...
@@fuuguuu5443 🤣naja unnötig nicht wirklich, ist ja okay, und war auch bestimmt arbeit, ich habs mittlerweile über cloudflare tunne und ssl am laufen und bin zufrieden.
One biggest problem with using port 80 and 443 is isp provider blocks those on customers for homes and requires us to use business plan costs more .... So workaround is port forwarding in router to different ports it really aucks
How does this strategy compare with "cloudflare zetro trust"? zero trust is what i'm using right now, but this strategy seems to be something different. And if we opened ports 81 and 443 in the router, doesn't that means it is "inviting hackers" as in the beginning of the video and the only thing protecting me would be that an attacker doesn't know my public IP?
Yep, NetworkChuck has made a youtube post on this Cloudflare ZeroTrust tunnel, I use it and it works just fine. However you need to have a tunnel agent running on your network that does what the Nginx proxy does: moving the encripted tunnel traffic to the right device/port on your lan. And, best of all, no port has to be opened on your router to manage incoming traffic, the tunnel agent connects itself to Cloudflare and does the magic. Cloudflare has many ways of doing things!
Nice video, just a question, if i want to host something to an other port i need to expose a port of my router that could be found by some malicious scan and accessed by the direct static ip bypassing cloudeflare right?
Great video, however can I ask how can I input the IPv4 Address in Cloudflare A record if my IPv4 public address is a dynamic one ? Is it required to replaced with a DDNS name instead ? And how to set it up ? Looking forward to hearing from you soon. Thank you.
I have noticed the Cloudflare DNS offers a free Universal SSL Cert that already applied to my DNS domain. When I setup the proxy like the video shows, the site can be loaded successfully but the SSL cert is always showing the Universal SSL Cert from Cloudflare. Although it is kinda nice to have a free SSL out of box, I am curious does that make the Let's Encrypt on Nginx Proxy Manager unnecessary?
@@marcofanuntza Exactly i too have same question , like what is the use of NPM here . Subdomains and SSL both can be managed from cloudflare itself. Correct ?
I followed this set-by-step, and there are no errors anywhere, but it just won't get to my destination. I can see when I add in the URL it recognized that it's hitting Nginx, but it won't go any further. There is nothing in the error logs and Cloudflare says the server just isn't responding. I've added every firewall rule I can think of to ensure the traffic is whitelisted and still nothing. There is really nothing left to check to get a clue why it isn't working. Surely there is an easier way. Spent 8 hours troubleshooting it and I feel like throwing my servers down the stairs!
@@RaidOwl I use AT&T fiber and apparently they don’t from everything I read and calling up support. I created so many firewall rules to ensure traffic from the router/firewall (Uniquiti), from NPM to Overseerr, and across the VLAN that hosts this, no joy. I did use a Cloudflare tunnel for access to Overseerr, and it works instantaneously every time, but I didn’t feel it was secure enough, and still don’t, so I created a separate VLAN with a test Proxmox server, running Ubuntu VM, with Docker, and Portainer, and wanted to only allow specific traffic, using Let’s Encrypt, from NPM to my test Overseerr and Plex, and then roll it out to my trusted network. I tried on Proxmox and Unraid, and neither worked, but both worked with the Cloudflare tunnel. Cloudflare tunnel is a bit ghetto and only for specific use cases, and coupled with additional security measures, or for people who can’t figure it out, which apparently includes me, except I’d rather not offer the service than not feel like I have a security posture I’m comfortable with.
@@RaidOwl it's not the firewall and my carrier doesn't use cg-nat. Been dicking around with every possible setting for hours a day for a week. Everything says it's all working end to end, but the connection times out once it hits NPM. Certs are fine, but it just won't forward. Seems pretty flaky. There aren't a lot of settings in NPM, but is there anything that would prevent it from forwarding to a proxy host?
great video even 2 years ! my doubt is the ip in my home chance after someone days(not static ip) and this tutorial mean "set your public ip in cloudflare configuration....", so this is a problem if my home ip is not static ?
all the thing in the video seems ok, but in my case, I have a exception, my internet provider does not give static IP, so is there any other way to dynamically update my public IP in cloudflare so it will be up to date
WOW, thanks man for this simple tutorial, damn I was trying to do this for a few days now, finally i got your video. Thank you for your work, it was so simple to setup. Thank you once again and regards.
I forwarded the right ports (I had to change it up because for example my router wouldn't let me forward 8080 to 80) My domain keeps taking me to the Unraid Web GUI. What am I doing wrong?
Why open the ports and using Cloudflare to direct the traffic to those ports? It doesn't make it that much safer as your ports still are open for port scans and hackers finding those ports. When you use Cloudflare anyway, why not using tunnels as this remove all the issue with opening the ports in the first place and makes it a lot mote secure. Or am I missing something?
Thank you for this guide. But I don't think you need to expose port 80 to the internet at all with this set up. I only exposed port 443 and everything worked for me just like on the video.
Great video!! I currently use Google domains with Dynamic DNS because I don’t have a static IP address. Is there a way to do this with dynamic DNS and use a CNAME instead?
i set mine up but every hour or so all domains go offline then online sometimes 3 times an hour? i check the github and found at least 3/4 other ppl talk about it but dont see any solution
It's crazy how fast this tech moves. This video was great but cloudflare tunnels removes the need to open ports on the router or forward ports (or even open ports in docker 👀).
You got me when you said... "show it off to all your friends and yeah" here's my friend RabbitMQ... Totally worth a new sub! Thanks for the video, great work summarizing what could usually be a complex topic and still making it fun.
Bro had me from the jump. "You finally finished your website after countless months of Red Bull" A few moments later..."Hello, World." 🤣😂😂😂
Totally not speaking from my personal experiences there…lol
Ok - now I don’t feel so embarrassed knowing I wasn’t the only one who had that as their first webpage!! 😎
lmao same i was all in from the capri sun hanging in the mouth
bro got me at the "control freak" and "cheaper than Mr. Krabs" 😭😭
DUDE. I have been going 'round and 'round with this. I've watched about half a dozen videos, studied at least the same number of articles, and this is the first time I've got it working. And it was so easy. I was WAY over complicating this. At least I know a lot more about apache/cloudflare/docker/nginx than I'd ever thought I'd know.
Thanks for allowing me to get back to having fun in the homelab again. Keep up the good work!!
im in the homelab nightmare stage xD
Same here xD Still stuck at the end, currently trying to assign nat ports to continue following up on this guide.. Got a wordpress installation on a local webserver using Nginx, which I've already setup to be powered by cloudflare, got all the ssl certs and stuff completed, just need to get around the dns I guess xD
Thank god for people like Chuck !
@@Than3Dane I've been stuck with nginx on a 403 error. Got the initial nginx page, but when i directed it to the index file, it 403s now.
XD Love this video tho, I have made more progress each time I sit down on this project.
Literally same, this video saved me so much time
Same for me, i've been watching these videos for a week and tinkering around but with no luck, until this video!
Genius dude. I have spent over 12 hours trying to get a reverse proxy working with Caddy, docker containers and all this other shit. Here we are, clear as mud. Thanks man.
Thank you for the thorough explanation & step by step. Even 2 years later, this video is still helping others (like myself!). Appreciate the tutorial!
You can use Cloudflare tunnels to avoid opening any ports on your router and also to not worry about your public IP changing (most people don't have fixed IP).
Dude you are CONSISTENTLY the BEST teacher for Networking and providing very simple visual guides on how to set up projects. I finally got a website online thanks to your tutorials and can't say thank you enough. You are the man.
2 Years late to this party but you've helped me setup an immich server so I don't have to pay Google $10 a month to store more than 200GB of data. Now I can store 3TB worth of data for photos and be good for a while. I thank you sir.
Even though this video is 2 years old, still works perfectly. Was going round in a circle trying to watch several different videos to setup different aspects. Amazing to see one streamlined video stringing it all together!
Perfect results first time round.
Dude, you just absolutely broke me out of my confusion over this entire process. THANK YOU!!!
I tried watching a few videos but this one by far is the most straight forward and well explained. Thank you for your well made videos!
I seriously felt that cut to screaming into the pillow. That was my experience trying to get this all set up before I found your video, it helped a ton!
The take a breath followed by screaming into a pillow made me laugh way too hard. Great video.
Very clear instructions, hit every step I needed to get up and running safely. And damn entertaining - the shrieking into a pillow was a hoot. You've got yourself a subscriber. Thanks!
Thank you! I saw tutorials on doing this a lot of times and this one has been the only one that has worked as far!
Thanks for explaining this in detail! My server has been running Nginx Proxy Manager for 3 ish years but recently it stopped working and I was struggling with the reinstallation process. This helped me re-do my SSL setup!
3 days and hours of pain and finally here we are with a working proxy
Awesome. Been spun around in circles over this. Ended up have an obtuse issue with the add-on in home assistant. Wipe the DB, reinstalled...started with wildcard cert with DNS challenge first before adding proxy hosts...works like a champ
A year later lost my conf could not recall how to do this. Thanks again.
This is, by far, the best tutorial I've seen on the topic. Thank you!
thank you, ive been trying to set my server for about a week, tried other tutorials, with this one i was able to do what i wanted. thumbs up!!!!
You are… the wind beneath my wings! Thank you so much for this video. Been trying to figure this out for a while now and you made it all make sense.
I have been struggling with this for days and finally I have been able to get it sorted. thank you soo much for your content
This was so straight forward that I'm actually a little angry for the days I have been trying to get this to work on my own while stupid.
Thanks bud. Most tutorials dont cover the A record setup via cloudflare and is working first time. Cheers!
Perfect video, by far the best I have found! I'm having a lot of fun with my homelab thanks to great teachers like you. Greetings from the Netherlands!
Thank you so much for this video! I was losing my mind trying to get NPM + Certbot to work in unraid. Setting my domains up in Cloudflare was the ticket. Thanks again!
I had watched a lot of videos on this subject, but this is the one that cleared up things for me. Thank you for this.. Just awesome!!!
First of all, thank you for the video. You have put together a topic that I have been researching for a while, , very well. I think a top of this can be done using Cloudflare Tunnel. Thus, it becomes appealing to those using CGNAT or Dynamic IP addresses. Thanks again, have a nice day ^_^
Great Video, but worth mentioning that some residential ISPs will block traffic on port 80, which can make getting a Let’s Encrypt cert difficult. You can still get around it by hosting the Nginx proxy in the cloud and having it proxy to other ports on your home network.
Exactly! I faced this issue too. What do you say about duckdns?
Cloudflared ( Argo Tunnels) ,or Ngrok. I've also heard of Inlets, but I haven't been able to test it.
They're like a wormhole. The visitors hit the edge (Cloudflare servers) and see your site without having to open ports.
Namesheap Dynamic dns client
This is where cloudflare comes in!
Easily the most clear and enjoyable explanation of this
Wow, congrats. For me this is the first tutorial that worked 100%.
13:48 I think the most important tip. This is how the redirects worked on my server. Great tutorial, thx.
PERFECT. just what I was looking for. Trying it out on TrueNAS scale tomorrow. Thank you!
thank you! i was struggling with this for a little bit but your video was great. had watched a few other videos and read a few random forums but didnt have any luck until i saw this :) not the first time your videos have helped me/taught me something!
I watched a bunch of videos on how to this and your video was the most thorough and simplest to follow. Thanks!
Thank you for taking the time to make this video. It is easy to follow and entertaining.
I love you humor man and your tutorials are next to none!
Why would one not just use a cloudflare tunnel? are there advantages of using nginx as a reverse proxy and not cloudflare directly?
My man. please enlighten me if you have the answer
Cloudflare tunnels can technically see all the traffic you’re tunneling through, including any self hosted media (which i believe is technically not allowed in their T&Cs). Using Cloudflare only for SSL keeps everything local
Cloudflare tunnel is managed thru their dashboard and limited by free tier restrictions. Some services also just plain don’t work thru Tunnel + requires functioning vpn thru cloudflare on client devices
@@hujake5406if you don't pay for the full service you're limited to file sizes of 150mb through the tunnel. Also, why host your own stuff if you're just going to open it up for a third party to have unencrypted access to it in transfer?
this way you can also use ssl certificates and internal dns without exposing to the internet
what are the pros and cons of this (nginx) versus cloudflared?
My ISP does not allow port forwarding at all and does it allot a static public IP. Can you make a tutorial about using Cloudflare tunnel to host a website?
Great video. I think when you activate the option "Always use https" on Cloudflare 14:01, you ask cloudflare to redirect any request coming to http 80 to 443 https. Then I don't find any reason why you would open the port 80 on your firewall 6:41
Good point!
Well ok to punch a whole in to the firewall of router but what about the man in the middle attack or some how someone knows the public IP? Is it better to have in docker a tunnel connected to the cloudflare (also better for people like me with random public IP for every restart of the router) then in the dashboard create the link with auto SSL wildcard certificate to point to the nginx and then to the server with SSL from the nginx?
This is basically how I set up my website. It's served from a raspberry pi and instead of running nginx I ran certbot on the pi. I needed to stop proxying my ip for a minute for certbot to work but it works. I have the lowest power web server on earth. For a site that isn't maintained and no one goes to.
“For a site that ain’t man ganged and no one goes to” 😂
One of the whole points of using cloudflare is to circumvent the need to reconfigure your router. I dont have access to my router; its shared in a small community and controlled by one individual landlord. I was turned onto cloudflare as a means of tunneling through and allowing external connections to my computer, without having to set any port forwarding in the router. Hiding my IP from people was never my intention in using cloudflare
This video was so helpful, I subscribed just for how useful it was and how easy to understand you made it. Thank you!
You’re King of the trees, drinking from cups. Not my chair, not my problem, that’s what I say.
almost spat my drink out at the screaming in pillow scene.
Thanks!
Keep comin back, great work mate
Been through multiple videos on how to get this setup, with no success until this tutorial. Great tutorial, thanks for helping me to get this working!
I was in the same boat...which is why I made it haha. Glad it helped you out!
Fantastic tutorial! Your teaching style is perfect.
Look into implementing all your SSL's from CF using their "Origin" Certs into the Reverse PM, it will change your life. You will get a 15 year SSL cert that you don't have to worry about replacing in your Reverse PM for at least 15 years.
Fantastic video! Thank you so much! The only thing I did on my config was use Zero Trust Tunneling from Cloud Flare instead of opening ports on my router. (I'm just paranoid. I'm sure this is safe, too. Just you know, overkill is underrated. )
Also Fun fact, this was the only way I could find that wasn't a giant pain to get an SSL secured Wordpress install self hosted. Great work! Thank you again so much. Fantastic content. I have been binging all your stuff!
Heck yeah man, glad you got it working!
May I ask how you did this using cloudflare tunneling?
@Michael-rq8zj
Hey man, sure so RaidOwl actually has a video on this. I used this to do most of it. There was some wordpress specific stuff that I had to do. If you're specifically looking into that I can look for my notes. LMK.
ruclips.net/video/hrwoKO7LMzk/видео.html
Amazing. This got me where I wanted.
Goal: Running proxmox server with an ubuntu server VM (wondering if I should just run ubuntu server, but guess I can learn proxmox and ubuntu together). Have some docker containers running in the ubuntu server and wanted to get them on the entire internet. This get you there! Feels good.
I'm a real beginner with this, do you know how to set up Cloudflare tunnels to point to nginx?
man, this is so far the most perfect solution out there to host nextcloud with https! subscribed! thank you man!
sir, is this applicable for internet subscriptions with static public ip address?
7:56 lol mista balloons....mista balloon hands. Mista walkway! Mista walk down me. Who's chair is that?
this might be a stupid question but is there a difference between this method and using cloudflare tunnels?
This video finally got everything working!!!!! thank you sooo much!!! saved me a ton of time and stress!!!
Why not use a cloudflare tunnel instead and point that to 443 this seems like a much more convoluted way of doing things
Can you link me a tutorial for this?
Thanks man. I am just starting my homelab and your video answered so many questions!
The Cloudflare DNS API solved all the issues with my setup, thanks
Incredibly well explained. So efficient and easy. Thank you!!
Wieso hat du es nicht direkt über einen Tunnel gelöst, damit sparst Du dir das Port-forwarden und dein System sollte noch sicherer sein?
Vielleicht bekommt Du ja eine Konfi hin mit der SSL funktioniert.
Ich bin jetzt 3 Tage dran,
Docker:
Nginx Proxy Manager + Letsencryt + Cloudflared (Tunne) zu konfigurieren - es will aber einfach nich funktioineren - ohne SSL geht ohne Probleme...
Verstehe ich auch nicht 😂 total unnötig das video
@@fuuguuu5443 🤣naja unnötig nicht wirklich, ist ja okay, und war auch bestimmt arbeit, ich habs mittlerweile über cloudflare tunne und ssl am laufen und bin zufrieden.
What if the self hosted app I want to redirect is not on the same machine I have npm running on but on same lan?
That’s perfectly fine
so basically we are still doing port forward and simply doing proxied in cloudflare so you get some more control.
One biggest problem with using port 80 and 443 is isp provider blocks those on customers for homes and requires us to use business plan costs more .... So workaround is port forwarding in router to different ports it really aucks
props to you Raid Owl you provided an excellent tutorial and I was able to get my system running using it have a great day. :)
How does this strategy compare with "cloudflare zetro trust"? zero trust is what i'm using right now, but this strategy seems to be something different. And if we opened ports 81 and 443 in the router, doesn't that means it is "inviting hackers" as in the beginning of the video and the only thing protecting me would be that an attacker doesn't know my public IP?
Yep, NetworkChuck has made a youtube post on this Cloudflare ZeroTrust tunnel, I use it and it works just fine. However you need to have a tunnel agent running on your network that does what the Nginx proxy does: moving the encripted tunnel traffic to the right device/port on your lan. And, best of all, no port has to be opened on your router to manage incoming traffic, the tunnel agent connects itself to Cloudflare and does the magic. Cloudflare has many ways of doing things!
Mr. Balloonhands eh? I’m Captain Tying Knots. If someone wants a knot tied, they call me
Nice video, just a question, if i want to host something to an other port i need to expose a port of my router that could be found by some malicious scan and accessed by the direct static ip bypassing cloudeflare right?
This video is a god send. Keep up with the great content
Great video, however can I ask how can I input the IPv4 Address in Cloudflare A record if my IPv4 public address is a dynamic one ?
Is it required to replaced with a DDNS name instead ? And how to set it up ?
Looking forward to hearing from you soon. Thank you.
his is great, I knew about everything you referenced just didn't know what steps to take. I subscribed!
I have noticed the Cloudflare DNS offers a free Universal SSL Cert that already applied to my DNS domain. When I setup the proxy like the video shows, the site can be loaded successfully but the SSL cert is always showing the Universal SSL Cert from Cloudflare. Although it is kinda nice to have a free SSL out of box, I am curious does that make the Let's Encrypt on Nginx Proxy Manager unnecessary?
I'm curious too, 300 comments but nobody saw that? Another thing, if you use clodflare tunnel npm become useless too
@@marcofanuntza Exactly i too have same question , like what is the use of NPM here . Subdomains and SSL both can be managed from cloudflare itself. Correct ?
I followed this set-by-step, and there are no errors anywhere, but it just won't get to my destination. I can see when I add in the URL it recognized that it's hitting Nginx, but it won't go any further. There is nothing in the error logs and Cloudflare says the server just isn't responding. I've added every firewall rule I can think of to ensure the traffic is whitelisted and still nothing. There is really nothing left to check to get a clue why it isn't working. Surely there is an easier way.
Spent 8 hours troubleshooting it and I feel like throwing my servers down the stairs!
Does your ISP use CG-NAT? If so then this won't work as you don't have a truly public IP. You'd have to use Cloudflare tunnels.
@@RaidOwl I use AT&T fiber and apparently they don’t from everything I read and calling up support. I created so many firewall rules to ensure traffic from the router/firewall (Uniquiti), from NPM to Overseerr, and across the VLAN that hosts this, no joy. I did use a Cloudflare tunnel for access to Overseerr, and it works instantaneously every time, but I didn’t feel it was secure enough, and still don’t, so I created a separate VLAN with a test Proxmox server, running Ubuntu VM, with Docker, and Portainer, and wanted to only allow specific traffic, using Let’s Encrypt, from NPM to my test Overseerr and Plex, and then roll it out to my trusted network. I tried on Proxmox and Unraid, and neither worked, but both worked with the Cloudflare tunnel. Cloudflare tunnel is a bit ghetto and only for specific use cases, and coupled with additional security measures, or for people who can’t figure it out, which apparently includes me, except I’d rather not offer the service than not feel like I have a security posture I’m comfortable with.
@@RaidOwl it's not the firewall and my carrier doesn't use cg-nat. Been dicking around with every possible setting for hours a day for a week. Everything says it's all working end to end, but the connection times out once it hits NPM. Certs are fine, but it just won't forward. Seems pretty flaky. There aren't a lot of settings in NPM, but is there anything that would prevent it from forwarding to a proxy host?
@@ryanmalone2681 same problem here
There are several amazing one liners in this video, really making me laugh, great video
you got a like just because of the introduction, that was amazing :D
Question, why use all A records rather than use one A record and use Cname records for the services?
This just saved me a ton of reading! Thank you!
Yeah I'm having a problem no matter what I seem to change in Nginx, every time I come to it just goes to nginx login, not the sites I dedicated.
I'm getting a Red Dangerous site page and then I get a Cloudflare error screen with Host error for my site. I can't figure out where I messed up.
great video even 2 years ! my doubt is the ip in my home chance after someone days(not static ip) and this tutorial mean "set your public ip in cloudflare configuration....", so this is a problem if my home ip is not static ?
all the thing in the video seems ok, but in my case, I have a exception, my internet provider does not give static IP, so is there any other way to dynamically update my public IP in cloudflare so it will be up to date
Check out my Cloudflare DDNS video :)
@@RaidOwl got it
For more privacy and full control Could we able to create our own DIY CDN Without the need of cloudflare?
Great video! You covered pretty much everything. From port forwarding to SSL. Thank you!
WOW, thanks man for this simple tutorial, damn I was trying to do this for a few days now, finally i got your video. Thank you for your work, it was so simple to setup. Thank you once again and regards.
Great, easy to follow video. Do you have a static ip? Would this work on a dynamic ip?
subscribed in 30 seconds this guy is hilarious
I forwarded the right ports (I had to change it up because for example my router wouldn't let me forward 8080 to 80)
My domain keeps taking me to the Unraid Web GUI.
What am I doing wrong?
Why open the ports and using Cloudflare to direct the traffic to those ports? It doesn't make it that much safer as your ports still are open for port scans and hackers finding those ports.
When you use Cloudflare anyway, why not using tunnels as this remove all the issue with opening the ports in the first place and makes it a lot mote secure.
Or am I missing something?
I did everything exactly as you said but my domain just sits loading and never connects.
Thank you for this guide. But I don't think you need to expose port 80 to the internet at all with this set up. I only exposed port 443 and everything worked for me just like on the video.
Thank you so much for the easy tutorial. Worked super well!!
This is great, thank you. How do you do you provide SSL certificates for local services that you don't want to expose to the world?
Great video!! I currently use Google domains with Dynamic DNS because I don’t have a static IP address. Is there a way to do this with dynamic DNS and use a CNAME instead?
i set mine up but every hour or so all domains go offline then online sometimes 3 times an hour? i check the github and found at least 3/4 other ppl talk about it but dont see any solution
It's crazy how fast this tech moves.
This video was great but cloudflare tunnels removes the need to open ports on the router or forward ports (or even open ports in docker 👀).
Nah tunnels still have limitations on bandwidth and file size transfers.
You got me when you said... "show it off to all your friends and yeah" here's my friend RabbitMQ...
Totally worth a new sub! Thanks for the video, great work summarizing what could usually be a complex topic and still making it fun.
Haha he’s a great listener
@@RaidOwl indeed he is! But he's also a great broker, be careful who he exchanges your data with, he might sell your keys quicker than my ex did! lol
Why did you use Let's encrypt certificate and not importing Cloudflare wildcard certificate by adding Custom certificate? That's should be much easier
Do you have a walkthru/list of what you did?
Can you put authelia or authentik on this as well??