Cloudflare Tunnel Setup Guide - fishyboi98/knowledge-base GitHub Wiki

This guide explains how to set up Cloudflare Tunnel to expose a local web server to the internet without exposing your home IP address.

Prerequisites

  • A Cloudflare account (Sign up here).
  • A domain added to Cloudflare (can be a free or paid domain).
  • A local web server running (e.g., on localhost:8000).
  • Linux/macOS/Windows system.

1. Install Cloudflare Tunnel (cloudflared)

Linux (Debian/Ubuntu)

sudo apt update && sudo apt install cloudflared -y

macOS (Homebrew)

brew install cloudflare/cloudflare/cloudflared

Windows

  • Download and install cloudflared from here.

2. Authenticate Cloudflared with Cloudflare

cloudflared tunnel login
  • This will open a browser window for authentication.
  • Select your Cloudflare domain to link it with Cloudflare Tunnel.

3. Create a Tunnel

cloudflared tunnel create my-tunnel
  • This generates a tunnel ID and a credentials file in ~/.cloudflared/.
  • Check if your tunnel was created successfully: 
    cloudflared tunnel list

4. Configure the Tunnel

Create the Cloudflare Tunnel configuration file:

sudo mkdir -p /etc/cloudflared
sudo nano /etc/cloudflared/config.yml

Paste the following (modify accordingly):

tunnel: my-tunnel
credentials-file: /home/your-user/.cloudflared/my-tunnel.json

ingress:
  - hostname: yourdomain.com
    service: http://localhost:8000
  - service: http_status:404

Replace:

  • my-tunnel β†’ Your actual tunnel name (cloudflared tunnel list to check).
  • /home/your-user/.cloudflared/my-tunnel.json β†’ Your actual credentials file path (ls ~/.cloudflared/ to check).
  • yourdomain.com β†’ Your Cloudflare-managed domain.
  • http://localhost:8000 β†’ Your web server’s local address.

Save and exit (CTRL + X, then Y, then ENTER).

5. Route Domain Traffic to the Tunnel

cloudflared tunnel route dns my-tunnel yourdomain.com

This ensures that requests to yourdomain.com go through your Cloudflare Tunnel.

6. Install & Run Cloudflared as a Service

Set correct permissions:

sudo chmod 600 /etc/cloudflared/config.yml
sudo chown root:root /etc/cloudflared/config.yml

Install the service:

sudo cloudflared service install

Start and enable the service:

sudo systemctl start cloudflared
sudo systemctl enable cloudflared

Check the service status:

sudo systemctl status cloudflared

7. Test Your Setup

  • Open a browser and visit yourdomain.com.
  • If it's not working, check logs: 
    journalctl -u cloudflared -f

8. Managing Cloudflare Tunnel

Restart service:

sudo systemctl restart cloudflared

Stop service:

sudo systemctl stop cloudflared

View logs:

journalctl -u cloudflared -f

Delete a tunnel:

cloudflared tunnel delete my-tunnel

9. Extra: Auto-Restart Cloudflared on Failure

To make sure the service restarts automatically if it crashes, edit the systemd service:

sudo nano /etc/systemd/system/cloudflared.service

Find the [Service] section and add:

Restart=always
RestartSec=5s

Then reload the systemd daemon:

sudo systemctl daemon-reload
sudo systemctl restart cloudflared

Conclusion

Your Cloudflare Tunnel is now running as a service, and your local web server is accessible via your Cloudflare domain without exposing your home IP. πŸŽ‰