Cloudflare Zero Trust - uthomelabs/guides GitHub Wiki

In this guide we'll walk you through the process of getting a Cloudflare tunnel set up and exposing a service to the public Internet that lives inside your network. Doing this through Cloudflare is a really convenient batteries-included option that gives everyone a lot of protections by default and for free!

Prerequisites

The main prerequisite that we'll be assuming for this guide is that you already have a Cloudflare account, a configured domain there, and DNS being hosted there for the domain. Additional prerequisites:

• A computer or server to run this on
• Docker and Docker Compose set up on the computer or server

Setting up a tunnel

To get started you will need to first need to get a token from Cloudflare. To do that sign into your Cloudflare dashboard, expand Access in the sidebar on the left and click Tunnels. On the Tunnels page click the button labeled Create a tunnel.

Once you have a token you need to add the following to your docker-compose.yml file:

services:
  cloudflared-tunnel:
    image: "cloudflare/cloudflared:latest"
    container_name: "cloudflared-tunnel"
    command:
      - "tunnel"
      - "--no-autoupdate"
      - "run"
      - "--token"
      - "<CLOUDFLARE TOKEN>"
    restart: "on-failure"