|
10 | 10 | - macos |
11 | 11 | - ngrok |
12 | 12 | Creation Date: 2024-02-23, 23:49 |
13 | | -Last Date: 2024-03-05T01:23:24+08:00 |
| 13 | +Last Date: 2024-03-12T11:06:01+08:00 |
14 | 14 | References: |
15 | 15 | draft: |
16 | 16 | description: |
@@ -55,50 +55,60 @@ description: |
55 | 55 |
|
56 | 56 | ## Cloudflare Tunnel |
57 | 57 | --- |
58 | | ->[!tip] Protect Cloudflare Tunnel with Cloudflare Access |
59 | | -> By default, Cloudflare Tunnel is accesible by anyone from the Internet via the public [[Hostname#Domain Name]]. We can make use of [[Cloudflare Access]] to ensure only authenticated users can access the Cloudflare Tunnel |
60 | | -
|
61 | 58 | - Cloudflare's Secure Tunneling offering. The notes here focuses on setting it up. For more details refer to [Cloudflare Tunnel · Cloudflare Zero Trust docs](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/) |
62 | 59 | - You need the `cloudflared` cli to managed the [[#Secure Tunneling Client]] |
63 | 60 | ```bash |
64 | 61 | brew install cloudflared |
65 | 62 | ``` |
66 | 63 |
|
| 64 | +>[!tip]- Create Cloudflare Tunnel without an account |
| 65 | +> This is for quick testing without a Cloudflare account, but it comes with minimal control. No custom domain, no authentication, limited bandwidth and unstable etc. Refer to [Cloudflare Quick Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/do-more-with-tunnels/trycloudflare/) for more details |
| 66 | +> |
| 67 | +> ```bash title="Secure Tunneling of a local port" |
| 68 | +> cloudflared tunnel --url 127.0.0.1:<PORT_NUMBER> |
| 69 | +> ``` |
| 70 | +
|
| 71 | +>[!tip]- Restrict access to Cloudflare Tunnel endpoint with Cloudflare Access |
| 72 | +> By default, Cloudflare Tunnel is accesible by anyone from the Internet via the public [[Hostname#Domain Name]]. We can make use of [[Cloudflare Access]] to ensure only authenticated users can access the Cloudflare Tunnel |
| 73 | +
|
67 | 74 |
|
| 75 | +### Create a remotely-managed tunnel |
| 76 | +- This requires us to have a Cloudflare account and the creation of the Cloudflare Tunnel is done inside the Cloudflare website. Refer to [Create a remotely-managed tunnel (dashboard)](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/) for more details |
68 | 77 |
|
69 | | -### Approach 1: Create a locally-managed Cloudflare Tunnel (CLi) |
70 | | -- Refer to [Create a locally-managed tunnel (CLI)](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-local-tunnel/) for more details |
| 78 | +>[!info]- Create a locally-managed Cloudflare Tunnel with cloudflared CLI |
| 79 | +> This approach requires you to have a config yaml file on your machine. This comes higher overhead in managing the config files in your [[File System Hierarchy]]. Refer to [Create a locally-managed tunnel (CLI)](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-local-tunnel/) for more details. |
71 | 80 |
|
72 | | -### Approach 2: Create a remotely-managed tunnel (dashboard) |
73 | | -- Refer to [Create a remotely-managed tunnel (dashboard)](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/) for more details |
74 | 81 | </br> |
75 | 82 |
|
76 | | -- There are 2 ways to perform the **[[#Secure Tunneling Client]] ([connector](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/tunnel-useful-terms/#connector)) Installation** |
77 | | - 1. **System Service:** Use `sudo cloudflared service install <TOKEN>` to register the connector as a service managed by [[Init System]]. You can only have **one Cloudflare Tunnel Service on one machine** at any time! |
78 | | - 2. **Docker:** Run the connector as a docker container without the need to grant root access but we have to manually manage the lifecycle of the connector |
| 83 | +>[!abstract] Client-side Setup |
| 84 | +> There are 2 ways to perform the **[[#Secure Tunneling Client]] ([Cloudflare Tunnel Connector](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/tunnel-useful-terms/#connector)) Installation** via **System Service** or **Docker** |
| 85 | +
|
| 86 | +**System Service** |
| 87 | +- Use `sudo cloudflared service install <TOKEN>` to register the connector as a service managed by [[Init System]]. You can only have **one Cloudflare Tunnel Service on one machine** at any time! |
79 | 88 |
|
80 | | ->[!bug] Connector Installation Issue with Docker |
81 | | -> For some reasons, when I close the terminal, the connector container will auto exit. Even thought I used both `-d` and `--restart unless-stopped`. I am running Docker on my Raspberry Pi. If you know why, please comment down below to tell me why. Thanks :) |
82 | 89 |
|
83 | 90 | >[!info]- Cloudflare Tunnel Init System Service on Mac |
84 | | -> When you run `sudo cloudflared service install <TOKEN>`, a service file should be created at the following path `/Library/LaunchDaemons/com.cloudflare.cloudflared.plist` |
| 91 | +> When you run `sudo cloudflared service install <TOKEN>`, a service file should be created at the following path `/Library/LaunchDaemons/com.cloudflare.cloudflared.plist`. |
85 | 92 | > |
86 | | -> You can remove the Cloudflare Tunnel Service by running `sudo cloudflared service uninstall <TOKEN>` |
| 93 | +> You can remove the Cloudflare Tunnel Service by running `sudo cloudflared service uninstall <TOKEN>`. |
87 | 94 | > |
88 | | -> The Cloudflare Tunnel Service's parent is `launchd` |
| 95 | +> The Cloudflare Tunnel Service's parent is `launchd`. |
89 | 96 | > |
90 | 97 | > ![[cloudflared_tunnel_service_btop.png|500]] |
91 | 98 |
|
92 | 99 | >[!info]- Cloudflare Tunnel Init System Service on Linux |
93 | | -> You can check the status of service the using `sudo systemctl status cloudflared` |
| 100 | +> You can check the status of service the using `sudo systemctl status cloudflared`. |
| 101 | +
|
| 102 | +
|
| 103 | +**Docker** |
| 104 | +- Run the connector as a docker container without the need to grant root access but we have to manually manage the lifecycle of the connector |
| 105 | +
|
| 106 | +>[!bug] Connector Installation Issue with Docker |
| 107 | +> For some reasons, when I close the terminal, the connector container will auto exit. Even thought I used both `-d` and `--restart unless-stopped`. I am running Docker on my Raspberry Pi. If you know why, please comment down below to tell me why. Thanks :) |
| 108 | +
|
| 109 | +
|
94 | 110 |
|
95 | 111 |
|
96 | | ->[!tip]- Create Cloudflare Tunnel without an account |
97 | | -> This is for quick testing without a Cloudflare account, but it comes with minimal control. No custom domain, no authentication, limited bandwidth and unstable etc. Refer to [Cloudflare Quick Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/do-more-with-tunnels/trycloudflare/) for more details |
98 | | -> |
99 | | -> ```bash title="Secure Tunneling of a local port" |
100 | | -> cloudflared tunnel --url 127.0.0.1:<PORT_NUMBER> |
101 | | -> ``` |
102 | 112 |
|
103 | 113 |
|
104 | 114 |
|
|
0 commit comments