Here is a docker-compose with a restart policy to help making deploying a CloudFlare tunnel a little more straightforward: dbt3ch.com/books/access-your-self-hosted-services-without-port-forwarding/page/cloudflare-tunnels-docker-compose Thanks to The Blue Portal for sharing this with the community.
Thanks for the video. I'm currently in the middle of it, but I'm don't really understand where we got the `root@196....` when performing ssh. Also, pinging my new domain says it doesn't exist.... but Cloudflare says I"m all good. Confused, please help.
@@NickTheCodeMechanic regarding the "root@192" stuff... "root" is the username of the device you're logging into. Your username might be different. The "192.168.0.x" is the IP of the device you're logging into. As far as the ping issue, it's likely a DNS issue. This is common. Try connecting to the internet via a VPN and then pinging your domain. It should return a CloudFlare IP address if things are working correctly.
omg, this is the first guide ive seen that doesnt involve creating dockers or other crap, its just simply, explained step by step, like a normal human being !! There is such a need for this, in this area, as not everyone is in front of a PC 12hrs a day!! Couldnt hit Sub quick enough
You sir, saved my sanity!!! No more NPM for this dude, Cloudflare tunnel all the way! Thanks for all the effort put into making this video and helping us out.
I've watched countless videos on using cloudflare specifically, this was the most straight to the point and easy to understand video. I can't say thank you enough!!
This is gold man. I've been leaning towards this solution and slowly learned the bits and pieces as time goes on. Thanks so much for laying all this out. Incredibly valuable!
One more top quality session from Dave! As a side note, most of the technical videos, I usually watch it 1.2x speed. Can't do it at Dave's speed of speech! 😆
I am a noob when it comes to networking.. I was able to understand and follow each and every step ❤️. Now I am accessing my jellyfin server over the domain ❤ Thank you so much .. just subscribed
Thank you so much for making this video. This is very informative and more so with the current environment where some ISPs restrict port opening from their end.
Thank you for your excellent video on Cloudflare Tunnel installation! Your clear instructions saved me hours of frustration, and I quickly achieved success. Your expertise is greatly appreciated!
This was great!! Thanks. I never knew about Cloudflare tunnels and have only used DNS forwarding with open ports. Now I can close all those open ports on my router. And can have secure passwords for all my docker web interfaces maintained by keychain. Awesome.
That's awesome! I'm glad that my video helped you learn something new. Did you see my video about adding additional authentication for even more security? ruclips.net/video/wdmbAo02ktQ/видео.html
Followed another VERY well known tech blogger/tuber and got myself into deep poop (beware of stuff from the legacy Argo Tunnels days). This tutorial - and the others regarding remote/restricted access - saved the day. Clear, concise(ish), occasionally tangental (like my brain), and, if I'm sufficiently caffeinated, I can watch them at full speed! ;-) Thanks, David.
Your video was very helpful. I was able to run Foundry VTT on my windows desktop and I'm grateful for your instruction. I've been trying to do this for over a year. Thanks!
I always stayed away from this as I thought "up to 50 users" meant only 50 people using the website should I day host a website or page with this... But I assume this is comparable to port forwarding in some ways? Is there any reason to not ditch nginx from forwarding traffic to docker containers, and instead access them "directly" with this?
Hey! Thanks for watching! I use Tunnels and get thousands of visitors to my online assets without issue. Using Tunnels actually removes the need to port forward at all, which, in theory, improves network security. I no longer use any sort of reverse proxy to access my self-hosted applications and rely on this solution exclusively
Holy cow man this is the video I needed! Never could understand nginX proxy manager. This seems way easier to me. Thank you for showing this alternative method.
All great recommendations as usual DB! Porkbun is by far the best for price and privacy (and ease of use). Cloudflare is incredible! I’d say they are sooo instrumental to daily operation, that I wonder what would happen if there was a significant outage. This all makes me think if I should think of some sort of ‘Plan B’ - if things go down, or receive maintenance. But if CloudFlare goes down - that everything might be as well... which is definitely a scary thought!
You trully are an network angel 😁😁. After all the port forwarding pain and you mentioned you dont do that anymore, this saved me! Thanks a lot for all your videos. You sir got new subscriber with the bell on 😊
Containers run on ports. You could use Firewalls to block access to the containers to everything but your IP address to help prevent others from accessing your containers on the IP:Port and then use Tunnels to access them via domain names.
Yes yes yes! That’s what I needed min 18. I don’t know why I never click on that top button smh 😂 you are the man. Thank you for such a great video. Must appreciate it!
Thank you very much for your video, I had been looking for good information for a long time and you gave it to me. Subscribed and grateful, greetings from Venezuela.
Just saying I found your video well googling around and I got it working with ease thanks to it. So, thank you for doing it. Going to go watch the securing CF next.
NPM is being retired and I have closed off the ports that I used to have open on my Firewall. I did have to do something differently though. I use a cloud service and have a Tunnel setup for it. I wanted to restrict it using the IP Address and Bypass method you showed but that would not work. I could net get through. I changed it to Service Auth and it works. I can reach from my home IP but not when I fire up a VPN and my address changes. This is a great solution and no more worrying about Ports, Certs, and NPM.
18:29 But then you have to set up a subdomain for every port you want to "forward". What if an application uses a port range and both UDP and TCP on those ports?
Damn DB, I love all your stuff, and you have helped me so much over the years. I was going to do this, but there is an upload limit of 100mb for free plans. might be a good idea to let people know that these free accounts are limited. Now if that only applies to cloudflare hosting, then I will stand corrected, but it appears to be managment for the entire site which is not cool, at least for what I am trying to do. Just thought I would remind you, while I luv ya, to remember to point out limitations before people start changing thier registrar information!
Good point. I was implementing this and then thought maybe when this video was done there was no limit. For now I'll stick with NGINX and a Docker container to update my IP.
@@Sapious1 I just ended up purchasing a domain through cloudflare. It was more than fair on price and if I'm not mistaken, it provided a cost effective work around on the restriction yet still allowing me the ability to set up the home server via tunnel. I paid it up for like 5 years, and ultimately plan on migrating to web3 domains in the long run anyway. So far it has worked great, gaggle of musicians exchanging large multitrack files on my private server was the goal, and I can say mission successful. I am no pro like DB, and can not express enough how much I respect the guy for the time he gives to us, I'm just a guy determined to get what I need done. Thanks for the comment, and hope that helps!!
So, you've mentioned in other videos that you host Emby. Do you have that public-facing? If so, how do you get around the Cloudflare restriction on streaming? Do you run some other kind of proxy just for Emby?
I get an error at 17:20. Clicking the "public hostname" doesn't work, however, navigating to the "service" URL works as intended. Any pointers would be greatly appreciated! Thank you!
You can also turn the docker file into a stack in portainer like this: version: "3.9" services: tunnel: container_name: cloudflared-tunnel image: cloudflare/cloudflared restart: unless-stopped command: tunnel run environment: - TUNNEL_TOKEN=YOURTOKENHERE You can also add this on to other stacks if you wanted to make a tunnel for each application
Replying again to let you know I've created a page on my wiki that has this info as well: dbt3ch.com/books/access-your-self-hosted-services-without-port-forwarding/page/cloudflare-tunnels-docker-compose
14:14 I would also add "-d --restart=always" here If the server is restarted or in the event of a power failure when you turn on the server, cloudflare tunnels will simply not work because docker has not started. --restart=always will automatically start docker (Please correct me if I'm wrong.)
I was setting up the same thing to my proxmox installation, got ready the home assistant and some other services. I knew about this method at work, but they used Google Workspace account to log in, thanks for the video.
I followed this video and another one. I was able to get the tunnel working, but the Access - Application using email access one time pin via email isn’t working. I am not presented a login page. I bought the domain via Cloudflare just so I didn’t run into any DNS propagation issues during initial setup.
Thank you for the howto. super helpful. I followed every step, but I have an issue with containers running in the k8s network and sharing the host ip. clouflare doesn't solve the redirection by port.
Thank you for the useful and free information. I have a question: I need to do a tunnel on my Mac High Sierra but cannot use Docker. Do you have any suggestions for other free tools I could use? Thank you in advance.
Great video. I will definitely look into Tunnels for my applications.
Год назад
I have problem. I created tunnel and when I add public hostname with with HTTP service which point to local IP with certain port after add them for first time works well, then Proxied CNAME record turns into non-proxied A record which point to my public IP. Where I made mistake?
Most of this works. However, I am having troubles connecting to the docking server. The connection times out when I try to SSH into it. How do I SSH using the CMD Prompt?
Superb video - (and hope you're feeling better?). Two questions though : 1 - I'd like to set it so that users outside of our LAN have to enter their email to get a PIN, but when they are on our LAN, they don't. We don't have a static IP though. Do you know if there is a way of telling Cloudflare to always allow access from inside our LAN? 2 - What's the best way of running the Tunnel service on a Raspberry Pi? The docker command in the video doesn't have an ARM image. Thanks so much and stay well! Andrew
This should help with you first question: ruclips.net/video/65FdHRs0axE/видео.html I've heard people use the same process with Pi devices, but haven't tried it myself
what is a bit weird for me is: once I add each app and port in the tunnel definition, by default i can access all from outside the network. I tried as well access - application - selfhosted method. works perfectly, but is asking me for the code when I access from internal as well. What am I missing?
Awesome! Really glad the video was helpful!! I've got another video coming that will expand on this to use 3rd party authentication like Google and Github :)
Spun up a small cloud image in proxmox, installed docker + docker-compose, created the docker-compose.yaml....all running fine now👍 Thx again for the vid😎
Dear sir, how would be the setup with Shlink? I have a domain proxied, and then with nginx redirected that domain to local_ip:port where shlink server is running. The urls are created but not accessible
David, I'm using a VMware instance of Ubuntu that contains docker. I followed your video instructions but ended up with "Cloudflare --no-au…" Do you know why I'm getting this no auto-update error? Thanks
the 'latest' tag on the Cloudflare image is not pulling the 'latest' at least on Unraid it didn't. I noticed a message on the Cloudflare connector logs '2022-12-19T16:31:20Z WRN Your version 2022.11.1 is outdated. We recommend upgrading it to 2022.12.0' just a heads up. So, specifying the latest version at this point it's '2022.12.0' did pull 'lastest' once I specify that version the warning message went away. Just something to note.
it doesn't matter what i do use localhost or my machine ip when i try to access my local website with the url it always timeout despite the tunnel being active and i can see in the docker container logs for the tunnel that it has my configs for the domain and ips
I have PC running windows 10 but I am not sure where to run the CloudFlare Client. It is better to install Docker on Windows then run CloudFlare client or just install CloudFlare Client on PC? What is the better speed and advantages. I have extra PC that can use to install any OS.
Hi i have some problem with my HDD 1.5 Tera OMV 6 does not recognize the file system , but whene i put the HDD in ubuntu 21.04 is work fine , I have one problem, it's ACL permissions, i can't save my data. can you help me please ?????
I know it's a year on, but followed this and all working nicely. Only caveat is I've tried to setup for just specific IP access, it's still bringing up a page requesting an email address?
How can I get Plex Remote Access working without port forwarding? I am locked behind a CGNAT, I have had a reverse proxy suggested but I do not have a clue how to set it up. My Plex is in a docker container, on OMV6, on a Pi 4.
Thanks to you I was able to get my Cloudflare tunnel set up with Jellyfin. I would like to know though if either Porkbun or Cloudflare would suspend my domain for using the service for something like Jellyfin.
This has been brought up multiple times in the comments of this video: They prohibit what you're talking about doing. You can read their TOS and, more specifically section 2.8 here: www.cloudflare.com/terms/ This may result in your CloudFlare account being terminated
@@DBTechYT I get very high latency with Tailscale and slow upload speeds which leads to non-stop video buffering. I don't have this problem when I use the Cloudflare Tunnel option demonstrated in this video.
Thanks for that tutorial. I'm trying to access pihole but it doesn't work. Every other subdomain works perfectly but i can't figure out how to make it work with pihole that need to point to /admin I tried to put admin in the path field but it doesn't work either.
Absoultly fantastic walk through thank you. Setup perfctly now. Thank you. Is there a limit to how many "Public Hostnames" you can have in a single tunnel?
i need further help, i want to have the domain purchased be a website but use this method with a subdomain for a owncloud setup... I dont know where to even begin can someone help me?
Dave this is brilliant cheers! ill be setting mine up over christmas. what about an updated nextcloud video including these options to get it up and running? , again cheers! :)
I guess I've underestimated how many people use NextCloud. I've never found a good use for it. But I made this video a while back: ruclips.net/video/p0I8pikm2P4/видео.html
hello i have a question windows has become junk, because i search Cloudflare tunnel on windows 11 but i only come docker here docker there, and the command for windows is junk it doesn't work anymore does anyone have any advice for me
Good tutorial. I had a question on cloudflare ddns I have dual wan load balance + failover connections would I have to do anything else on router for it to be able to update ip?
Shouldn't have to. As long as the containers/systems/whatever have internet access, it shouldn't matter which ISP is being used as long as the tunnels can connect
Great video, but I think it's missing an explanation that the CloudFlare connector container lives in our network, establishes a connection to CloudFlare and uses that connection to reverse-proxy the traffic from outside to the services inside of our network. I mean, of course it's obvious, but for some reason I had to pause and think about it before I could understand what the next steps with penvin do.
Log into your account. Look for "Zero Trust" in the left column. Click "Zero Trust". That will take you to a different page. Look for "Access" in the left column. Click "Access". Then you will see "Tunnels". This video is more than a year old and they've changed some stuff. You just have to click around sometimes to find where things have been moved.
I'm having some issues trying to get this working with my Nextcloud instance on TrueNAS Scale. It's running and I can access it on LAN, but if I try to access it through the tunnel the connection just times out. It worked using http before, but when I enabled https for Nextcloud it stopped working. I've tried enabling No TLS Verify and that doesn't fix it. Any ideas?
once again your explanation is great! what is not clear to me is what we do with the ingress rules. What port should we open for the tunnel? For example i use an oracle vps and when i close my services ports and keep open only ports 443, 80 and 22, i have no access to my services. I thought one of reason for using tunnels is to close our service's open ports. At the tunnel's public host names declarations i use my vps external ip. Any help would be appreciated
The only thing i am unable to tunnel is SSH access to my server. I also use a different port than the default 22. I can’t get to connect with tunnels with SSH. Can you give it a try?
Here is a docker-compose with a restart policy to help making deploying a CloudFlare tunnel a little more straightforward:
dbt3ch.com/books/access-your-self-hosted-services-without-port-forwarding/page/cloudflare-tunnels-docker-compose
Thanks to The Blue Portal for sharing this with the community.
thank u very much. hopefully today ill get it goin.
Thanks!
Thank you!
Thanks for the video. I'm currently in the middle of it, but I'm don't really understand where we got the `root@196....` when performing ssh.
Also, pinging my new domain says it doesn't exist.... but Cloudflare says I"m all good. Confused, please help.
@@NickTheCodeMechanic regarding the "root@192" stuff... "root" is the username of the device you're logging into. Your username might be different. The "192.168.0.x" is the IP of the device you're logging into. As far as the ping issue, it's likely a DNS issue. This is common. Try connecting to the internet via a VPN and then pinging your domain. It should return a CloudFlare IP address if things are working correctly.
omg, this is the first guide ive seen that doesnt involve creating dockers or other crap, its just simply, explained step by step, like a normal human being !! There is such a need for this, in this area, as not everyone is in front of a PC 12hrs a day!! Couldnt hit Sub quick enough
You sir, saved my sanity!!! No more NPM for this dude, Cloudflare tunnel all the way! Thanks for all the effort put into making this video and helping us out.
Finally someone made a video with proper pace and no additional comment. Thanks very much! Very precise and on point.
You Sir, have won my respect and my subscription. I have spent ages looking for a simple, no bs tutorial on how to do this. Worked perfectly!
I've watched countless videos on using cloudflare specifically, this was the most straight to the point and easy to understand video. I can't say thank you enough!!
really glad the video was helpful. I'd made it before, but really wanted to create something more streamlined :)
I don't know how, but I got this working on a CGNAT.
You are the greatest man to ever live.
That's awesome!
This was a thing that took me 5 days to figure out. A lot to learn. Of all my youtubers on this subject... you are the most reliable. Thank you.
Wow, thanks! Really appreciate your support :)
This is gold man. I've been leaning towards this solution and slowly learned the bits and pieces as time goes on. Thanks so much for laying all this out. Incredibly valuable!
Glad it helped!
Thanks for the great video and for taking time to help me out with my SSH Question!
This is golden. Have been searching for this solution for weeks now. Thanks for this video ☺️
One more top quality session from Dave! As a side note, most of the technical videos, I usually watch it 1.2x speed. Can't do it at Dave's speed of speech! 😆
I don't get it. He speaks fast so why would you speed up the video?
OMG !! You have saved me 100 hours of time and just maybe a few brain cells. Thank you !
Excellent!
I am a noob when it comes to networking.. I was able to understand and follow each and every step ❤️. Now I am accessing my jellyfin server over the domain ❤ Thank you so much .. just subscribed
Thank you so much for making this video. This is very informative and more so with the current environment where some ISPs restrict port opening from their end.
Thank you for your excellent video on Cloudflare Tunnel installation! Your clear instructions saved me hours of frustration, and I quickly achieved success. Your expertise is greatly appreciated!
This was great!! Thanks. I never knew about Cloudflare tunnels and have only used DNS forwarding with open ports. Now I can close all those open ports on my router. And can have secure passwords for all my docker web interfaces maintained by keychain. Awesome.
That's awesome! I'm glad that my video helped you learn something new. Did you see my video about adding additional authentication for even more security? ruclips.net/video/wdmbAo02ktQ/видео.html
Followed another VERY well known tech blogger/tuber and got myself into deep poop (beware of stuff from the legacy Argo Tunnels days). This tutorial - and the others regarding remote/restricted access - saved the day. Clear, concise(ish), occasionally tangental (like my brain), and, if I'm sufficiently caffeinated, I can watch them at full speed! ;-) Thanks, David.
Glad the video was helpful!!
Your video was very helpful. I was able to run Foundry VTT on my windows desktop and I'm grateful for your instruction. I've been trying to do this for over a year. Thanks!
I always stayed away from this as I thought "up to 50 users" meant only 50 people using the website should I day host a website or page with this... But I assume this is comparable to port forwarding in some ways?
Is there any reason to not ditch nginx from forwarding traffic to docker containers, and instead access them "directly" with this?
Hey! Thanks for watching! I use Tunnels and get thousands of visitors to my online assets without issue. Using Tunnels actually removes the need to port forward at all, which, in theory, improves network security. I no longer use any sort of reverse proxy to access my self-hosted applications and rely on this solution exclusively
This is the video I was waiting for. Thanks mate ! I love Cloudflare ,... Cheers :)
Glad you found it helpful! 3rd party identity provider integration video coming tomorrow
Holy cow man this is the video I needed! Never could understand nginX proxy manager. This seems way easier to me. Thank you for showing this alternative method.
Glad it was helpful!
All great recommendations as usual DB! Porkbun is by far the best for price and privacy (and ease of use). Cloudflare is incredible! I’d say they are sooo instrumental to daily operation, that I wonder what would happen if there was a significant outage. This all makes me think if I should think of some sort of ‘Plan B’ - if things go down, or receive maintenance. But if CloudFlare goes down - that everything might be as well... which is definitely a scary thought!
I've been considering a plan b as well. Trying to figure out the best plan for me. Might make a video about it when I have something figured out
Thank you so much! I was following casaos setup for raspberry pi from you to access containers from the internet,
after this no more NPMs! :D
Great informative video. I am a beginner to self hosting, your videos help me a lot. Thanks again.
Glad to help!
You trully are an network angel 😁😁. After all the port forwarding pain and you mentioned you dont do that anymore, this saved me! Thanks a lot for all your videos. You sir got new subscriber with the bell on 😊
As a newbie I say: AWESOME! finally after hours of research... thanks man
Glad I could help!
Awesome thanks and how can we not expose ports of the containers on VPS if we want to use the tunnel?
Containers run on ports. You could use Firewalls to block access to the containers to everything but your IP address to help prevent others from accessing your containers on the IP:Port and then use Tunnels to access them via domain names.
Your videos are really great. I'm going back watching the ones now. Help so much! Thanks
Yes yes yes! That’s what I needed min 18. I don’t know why I never click on that top button smh 😂 you are the man. Thank you for such a great video. Must appreciate it!
YAY!! I'm glad this helped!! I've got another video coming that will show how to integrate 3rd party authentication like Google and Github :)
@@DBTechYT looking forward to see it. Now on my way to change some settings on my server and update my tunnel. 🍻
@@edgardoirizarry9997 YAY!!
Thank you so much for this vid as it helped me protect a service on my home server that didnt have a log in.
Thank you very much for your video, I had been looking for good information for a long time and you gave it to me. Subscribed and grateful, greetings from Venezuela.
Dude, thank you so much for helping me understand all this jumbo mumbo bro fr❤❤❤thank you!
Happy to help!
@DBTechYT I hope you feeling better we been praying for you
Awesome video! I have learned so much from you over the years...
Thanks so much! Was tearing my hair out trying to work this out. The closing the cmd and not editing the -d in I think was the problem
Start to finish video was SOOOOO smart. Well done sir
Thank you kindly! I really felt like I needed to make this one :)
Just saying I found your video well googling around and I got it working with ease thanks to it. So, thank you for doing it. Going to go watch the securing CF next.
Awesome, thank you!
NPM is being retired and I have closed off the ports that I used to have open on my Firewall. I did have to do something differently though. I use a cloud service and have a Tunnel setup for it. I wanted to restrict it using the IP Address and Bypass method you showed but that would not work. I could net get through. I changed it to Service Auth and it works. I can reach from my home IP but not when I fire up a VPN and my address changes. This is a great solution and no more worrying about Ports, Certs, and NPM.
Hey Dave, great video as always.
im lucky to find your youtube channel somehow , keep up the good wok
Hey, thanks!
18:29 But then you have to set up a subdomain for every port you want to "forward". What if an application uses a port range and both UDP and TCP on those ports?
Amazing, thank you for the master class , i learn a lot of new cool things with your videos. Merry Christmas btw. :)
Thank you so much! Merry Christmas 🎄⛄
Thanks!
Dude. Thank you!!
@@DBTechYT A small token of appreciation, you're a legend
Damn DB, I love all your stuff, and you have helped me so much over the years. I was going to do this, but there is an upload limit of 100mb for free plans. might be a good idea to let people know that these free accounts are limited. Now if that only applies to cloudflare hosting, then I will stand corrected, but it appears to be managment for the entire site which is not cool, at least for what I am trying to do. Just thought I would remind you, while I luv ya, to remember to point out limitations before people start changing thier registrar information!
Good point. I was implementing this and then thought maybe when this video was done there was no limit. For now I'll stick with NGINX and a Docker container to update my IP.
@@Sapious1 I just ended up purchasing a domain through cloudflare. It was more than fair on price and if I'm not mistaken, it provided a cost effective work around on the restriction yet still allowing me the ability to set up the home server via tunnel. I paid it up for like 5 years, and ultimately plan on migrating to web3 domains in the long run anyway. So far it has worked great, gaggle of musicians exchanging large multitrack files on my private server was the goal, and I can say mission successful. I am no pro like DB, and can not express enough how much I respect the guy for the time he gives to us, I'm just a guy determined to get what I need done. Thanks for the comment, and hope that helps!!
So, you've mentioned in other videos that you host Emby. Do you have that public-facing? If so, how do you get around the Cloudflare restriction on streaming? Do you run some other kind of proxy just for Emby?
Same question here
Super clear! I'm gonna try this and see how it goes. Thank you so much for this
You're so welcome!
Perfect video!!!! BEST vídeo to Learn install and configure cloudflare
Glad you liked it!
I get an error at 17:20. Clicking the "public hostname" doesn't work, however, navigating to the "service" URL works as intended. Any pointers would be greatly appreciated! Thank you!
You can also turn the docker file into a stack in portainer like this:
version: "3.9"
services:
tunnel:
container_name: cloudflared-tunnel
image: cloudflare/cloudflared
restart: unless-stopped
command: tunnel run
environment:
- TUNNEL_TOKEN=YOURTOKENHERE
You can also add this on to other stacks if you wanted to make a tunnel for each application
Great info!
Replying again to let you know I've created a page on my wiki that has this info as well:
dbt3ch.com/books/access-your-self-hosted-services-without-port-forwarding/page/cloudflare-tunnels-docker-compose
@@DBTechYT Wow that's super dope!! Thanks for all the shoutouts!
Thanks for sharing!! The least I can do is credit the source of the awesomeness!!
Perfect. Just what i was looking for. Worked fine
Your content is 💯🥶 new subscriber from kenya continue with good work
Very helpful video sir 👍. Please make a video on how to set up ftp server using cloudflared tunnelling ..
I'll see what I can do :)
14:14
I would also add "-d --restart=always" here
If the server is restarted or in the event of a power failure when you turn on the server, cloudflare tunnels will simply not work because docker has not started.
--restart=always will automatically start docker
(Please correct me if I'm wrong.)
I was setting up the same thing to my proxmox installation, got ready the home assistant and some other services. I knew about this method at work, but they used Google Workspace account to log in, thanks for the video.
Thanks for watching! I hope the video was helpful
Thank you, this was exactly what I needed to day. Now I have a WebODM page up and running with email verification
Awesome!
I followed this video and another one. I was able to get the tunnel working, but the Access - Application using email access one time pin via email isn’t working. I am not presented a login page. I bought the domain via Cloudflare just so I didn’t run into any DNS propagation issues during initial setup.
Newb on devops. Where are applications coming from in this video? How would setup be different for application running on docker compose inside VPS?
great video, all I needed !
Thank you for the howto. super helpful. I followed every step, but I have an issue with containers running in the k8s network and sharing the host ip. clouflare doesn't solve the redirection by port.
I don't do anything with Kubernetes. You're gonna have to get help with that from somewhere else :)
@@DBTechYTi think truenas-scale is docker. let me check
fixed. thanks again
Thank you for the useful and free information. I have a question: I need to do a tunnel on my Mac High Sierra but cannot use Docker. Do you have any suggestions for other free tools I could use? Thank you in advance.
Great video. I will definitely look into Tunnels for my applications.
I have problem. I created tunnel and when I add public hostname with with HTTP service which point to local IP with certain port after add them for first time works well, then Proxied CNAME record turns into non-proxied A record which point to my public IP. Where I made mistake?
please 😁share how to setup Private Network 18:12
can it work like Zerotier ?
Most of this works. However, I am having troubles connecting to the docking server. The connection times out when I try to SSH into it. How do I SSH using the CMD Prompt?
Superb video - (and hope you're feeling better?). Two questions though :
1 - I'd like to set it so that users outside of our LAN have to enter their email to get a PIN, but when they are on our LAN, they don't. We don't have a static IP though. Do you know if there is a way of telling Cloudflare to always allow access from inside our LAN?
2 - What's the best way of running the Tunnel service on a Raspberry Pi? The docker command in the video doesn't have an ARM image.
Thanks so much and stay well!
Andrew
This should help with you first question: ruclips.net/video/65FdHRs0axE/видео.html
I've heard people use the same process with Pi devices, but haven't tried it myself
Thank you for your brilliant explanation 👏.
the porkbun nameserver subdomains curitiba, fortaleza, maceio and salvador are cities in the northeast of Brazil
what is a bit weird for me is: once I add each app and port in the tunnel definition, by default i can access all from outside the network. I tried as well access - application - selfhosted method. works perfectly, but is asking me for the code when I access from internal as well. What am I missing?
Just what I was looking for. Thanks man!
Awesome! Really glad the video was helpful!! I've got another video coming that will expand on this to use 3rd party authentication like Google and Github :)
Thanks for the video for another informative and easy to fallow video.
great video 👍
...but won't run on my pi 😭
docker: no matching manifest for linux/arm/v7 in the manifest list entries.
Spun up a small cloud image in proxmox, installed docker + docker-compose, created the docker-compose.yaml....all running fine now👍
Thx again for the vid😎
Dear sir, how would be the setup with Shlink? I have a domain proxied, and then with nginx redirected that domain to local_ip:port where shlink server is running.
The urls are created but not accessible
What if my app1 (frontend) fires api requests to app2 (backend), both being hosted on localhost, which I've tunneled? It doesn't seem to work
Does anyone know how to setup nextcloud on your phone after your create tunnel. I can access NC on browser but phone app doesn't work.
David, I'm using a VMware instance of Ubuntu that contains docker. I followed your video instructions but ended up with "Cloudflare --no-au…" Do you know why I'm getting this no auto-update error? Thanks
the 'latest' tag on the Cloudflare image is not pulling the 'latest' at least on Unraid it didn't. I noticed a message on the Cloudflare connector logs '2022-12-19T16:31:20Z WRN Your version 2022.11.1 is outdated. We recommend upgrading it to 2022.12.0' just a heads up. So, specifying the latest version at this point it's '2022.12.0' did pull 'lastest' once I specify that version the warning message went away. Just something to note.
It's funny. I actually noticed the same thing. Not sure why the :latest isn't the latest
it doesn't matter what i do use localhost or my machine ip when i try to access my local website with the url it always timeout despite the tunnel being active and i can see in the docker container logs for the tunnel that it has my configs for the domain and ips
Thanks for this as I've always shied away from opening ports on my home network
Glad to help
I have PC running windows 10 but I am not sure where to run the CloudFlare Client. It is better to install Docker on Windows then run CloudFlare client or just install CloudFlare Client on PC? What is the better speed and advantages. I have extra PC that can use to install any OS.
Hi i have some problem with my HDD 1.5 Tera OMV 6 does not recognize the file system , but whene i put the HDD in ubuntu 21.04 is work fine , I have one problem, it's ACL permissions, i can't save my data.
can you help me please ?????
Did you import the drives correctly? You can't just plug drives into OMV and expect them to work. You have to import them
I know it's a year on, but followed this and all working nicely. Only caveat is I've tried to setup for just specific IP access, it's still bringing up a page requesting an email address?
Good. Thanks for the instructions.
Make please one more instructions for RDP connection as well.
You haven't even subscribed to my channel. How would you know if I made a video about it?
@@DBTechYT
I would count on your answer under this comment)
But I've subscribed for the future greate videos)
How can I get Plex Remote Access working without port forwarding? I am locked behind a CGNAT, I have had a reverse proxy suggested but I do not have a clue how to set it up. My Plex is in a docker container, on OMV6, on a Pi 4.
Thanks to you I was able to get my Cloudflare tunnel set up with Jellyfin. I would like to know though if either Porkbun or Cloudflare would suspend my domain for using the service for something like Jellyfin.
This has been brought up multiple times in the comments of this video:
They prohibit what you're talking about doing. You can read their TOS and, more specifically section 2.8 here: www.cloudflare.com/terms/
This may result in your CloudFlare account being terminated
Is there a workaround to prevent this from happening?
Don't use CloudFlare. You could use a self-hosted VPN or a SDLAN option like TailScale or ZeroTier
@@DBTechYT
I get very high latency with Tailscale and slow upload speeds which leads to non-stop video buffering. I don't have this problem when I use the Cloudflare Tunnel option demonstrated in this video.
Thanks for that tutorial. I'm trying to access pihole but it doesn't work. Every other subdomain works perfectly but i can't figure out how to make it work with pihole that need to point to /admin
I tried to put admin in the path field but it doesn't work either.
Absoultly fantastic walk through thank you. Setup perfctly now. Thank you. Is there a limit to how many "Public Hostnames" you can have in a single tunnel?
I'm glad the video was helpful! I haven't run into any limits on hostnames :)
@@DBTechYT well you got a sub from me. Thanks again.
Am trying to tunnel socks5 traffic via cloudflare tunnel not sure how to do that ?
i need further help, i want to have the domain purchased be a website but use this method with a subdomain for a owncloud setup... I dont know where to even begin can someone help me?
Dave this is brilliant cheers! ill be setting mine up over christmas. what about an updated nextcloud video including these options to get it up and running? , again cheers! :)
I guess I've underestimated how many people use NextCloud. I've never found a good use for it. But I made this video a while back: ruclips.net/video/p0I8pikm2P4/видео.html
I’m completely got lost at 15 minutes. The Tunnel code didn’t work for me.
hello i have a question windows has become junk, because i search Cloudflare tunnel on windows 11 but i only come docker here docker there, and the command for windows is junk it doesn't work anymore does anyone have any advice for me
Is it possible to use a security key for the restricted access of your applications inside/behind the Cloudflare Zero Trust Tunnels?
Thx for this video. I needed to set that up for more security
Good tutorial. I had a question on cloudflare ddns I have dual wan load balance + failover connections would I have to do anything else on router for it to be able to update ip?
Shouldn't have to. As long as the containers/systems/whatever have internet access, it shouldn't matter which ISP is being used as long as the tunnels can connect
Great video, but I think it's missing an explanation that the CloudFlare connector container lives in our network, establishes a connection to CloudFlare and uses that connection to reverse-proxy the traffic from outside to the services inside of our network. I mean, of course it's obvious, but for some reason I had to pause and think about it before I could understand what the next steps with penvin do.
How can I add the access automatically to a warp client?
Just tried using this and it looks like the cloudflare tunnel option is no longer available
Log into your account.
Look for "Zero Trust" in the left column.
Click "Zero Trust".
That will take you to a different page.
Look for "Access" in the left column.
Click "Access".
Then you will see "Tunnels".
This video is more than a year old and they've changed some stuff. You just have to click around sometimes to find where things have been moved.
@@DBTechYT thank you found it
I'm having some issues trying to get this working with my Nextcloud instance on TrueNAS Scale. It's running and I can access it on LAN, but if I try to access it through the tunnel the connection just times out. It worked using http before, but when I enabled https for Nextcloud it stopped working.
I've tried enabling No TLS Verify and that doesn't fix it.
Any ideas?
Great video! Thank you for sharing!
once again your explanation is great! what is not clear to me is what we do with the ingress rules. What port should we open for the tunnel? For example i use an oracle vps and when i close my services ports and keep open only ports 443, 80 and 22, i have no access to my services. I thought one of reason for using tunnels is to close our service's open ports. At the tunnel's public host names declarations i use my vps external ip. Any help would be appreciated
There is no need to port forward when using CF Tunnels
If I only want one tunnel, do I have to use a subdomain? Am I able to just use the domain I purchased?
The only thing i am unable to tunnel is SSH access to my server. I also use a different port than the default 22. I can’t get to connect with tunnels with SSH. Can you give it a try?