Cloudflare Tunnels: Getting Started with Domains, DNS, and Tunnels
Ғылым және технология
Thanks to Linode for sponsoring this video!
Sign up today and get a $100 60-day credit on your new Linode account, link is in the description.
🔗 dbte.ch/linode
/=========================================/
Cloudflare has done some updates since this video was published. The path to get to the Tunnels area shown in the video is now as follows:
- Log into your account.
- Look for "Zero Trust" in the left column.
- Click "Zero Trust".
- That will take you to a different page.
- Look for "Access" in the left column.
- Click "Access".
- Then you will see "Tunnels".
/=========================================/
Getting started with Cloudflare can be a bit overwhelming when you're first getting started with self-hosting.
This video will hopefully help you understand the process of:
- Buying a domain
- Setting up a Cloudflare account
- Configuring nameservers to point your domain to Cloudflare
- Setting up Cloudflare Tunnels
- Restricting remote access via Cloudflare tunnels
Services I use:
Porkbun: dbte.ch/porkbun
CloudFlare: dbte.ch/cloudflare
PIA: dbte.ch/piavpn (Affiliate Link)
Timestamps:
00:00 Intro
00:22 Sponsor Spot
01:21 Purchasing a domain name
03:37 Set up Cloudflare account and change nameservers
10:54 Creating our first tunnel
15:50 Setting up hostnames
17:39 Multiple applications on a single tunnel
19:08 Restricting access
/=========================================/
Get early, ad-free access to new content by becoming a channel member, a Patron or signing up for the members' only website!
✅ / dbtech
✅ dbtech.fans/
✅ / @dbtechyt
/=========================================/
The hardware in my recording studio is:
✔ Custom PC w/ Ryzen 2600, 32GB RAM, RTX 2070, Assorted Storage
✔ Panasonic LUMIX G7 4K Digital Camera: amzn.to/3IGEOcb
✔ SAMSUNG 34-Inch SJ55W Ultrawide Monitor: amzn.to/395g9BZ
✔ LG 27UK650-W 27” UHD IPS Display with HDR 10: amzn.to/398pg4S
✔ WALI Premium Dual Monitor Stand: amzn.to/398AiqM
✔ Neewer Lights: amzn.to/3nZcoSX
✔ Light Power Supply:amzn.to/3Konpqf
✔ 55" Gaming Desk: amzn.to/3AkgHgw
✔ Sabrent USB-C Hub: amzn.to/3qFcwbV
✔ Das Keyboard 4 Professional: amzn.to/3G9rPxM
✔ Fuqido Big and Tall Gaming Chair: amzn.to/3IGegrq
/=========================================/
The hardware in my current home servers:
✔ Synology DS1621xs+ (provided by Synology): amzn.to/2ZwTMgl
✔ 6x8TB Seagate Exos Enterprise HDDs (provided by Synology): amzn.to/3auLdcb
✔ 16GB DDR4 ECC RAM (provided by Synology): amzn.to/3do7avd
✔ 2TB NVMe Caching Drive (provided by Sabrent): amzn.to/3dwPCxj
✔ TerraMaster F5-221 (provided by TerraMaster): amzn.to/3IfH2QD
✔ 5x6TB WD Red Plus NAS: amzn.to/3LnbPvC
✔ 8GB DDR3: amzn.to/3kfLTX3
✔ TerraMaster F4-423 (provided by TerraMaster): amzn.to/3kjUms5
✔ 2x8TB Seagate Barracuda Compute: amzn.to/3xBAO95
✔ 16GB TEAMGROUP Elite DDR4: amzn.to/3MzzFV9
✔ 512GB Silicon Power NVMe Caching Drive: amzn.to/3MzkBae
All amzn.to links are affiliate links.
/=========================================/
✨Find all my social accounts here:
✅ dbte.ch/
✨Ways to support DB Tech:
✅ / dbtech
✅ www.paypal.me/DBTechReviews
✅ ko-fi.com/dbtech
✅ Cashapp: cash.app/$dbtechyt
✅ Venmo: venmo.com/dbtechyt
✨Come chat in Discord:
✅ dbte.ch/discord
✨Join this channel to get access to perks:
✅ / @dbtechyt
✨Hardware (Affiliate Links):
✅ TinyPilot KVM: dbte.ch/tpkvm
✅ LattePanda Delta 432: dbte.ch/dfrobot
✅ Lotmaxx SC-10 Shark: dbte.ch/sc10shark
✅ EchoGear 10U Rack: dbte.ch/echogear10u
Пікірлер: 480
Here is a docker-compose with a restart policy to help making deploying a CloudFlare tunnel a little more straightforward: dbt3ch.com/books/access-your-self-hosted-services-without-port-forwarding/page/cloudflare-tunnels-docker-compose Thanks to The Blue Portal for sharing this with the community.
@flynhyer4445
Жыл бұрын
thank u very much. hopefully today ill get it goin.
@Baku-oc5fc
Жыл бұрын
Thanks!
@enesbala5195
3 ай бұрын
Thank you!
This is golden. Have been searching for this solution for weeks now. Thanks for this video ☺️
Finally someone made a video with proper pace and no additional comment. Thanks very much! Very precise and on point.
Thank you for your excellent video on Cloudflare Tunnel installation! Your clear instructions saved me hours of frustration, and I quickly achieved success. Your expertise is greatly appreciated!
This was a thing that took me 5 days to figure out. A lot to learn. Of all my youtubers on this subject... you are the most reliable. Thank you.
@DBTechYT
Жыл бұрын
Wow, thanks! Really appreciate your support :)
omg, this is the first guide ive seen that doesnt involve creating dockers or other crap, its just simply, explained step by step, like a normal human being !! There is such a need for this, in this area, as not everyone is in front of a PC 12hrs a day!! Couldnt hit Sub quick enough
You sir, saved my sanity!!! No more NPM for this dude, Cloudflare tunnel all the way! Thanks for all the effort put into making this video and helping us out.
Thank you so much for making this video. This is very informative and more so with the current environment where some ISPs restrict port opening from their end.
This is gold man. I've been leaning towards this solution and slowly learned the bits and pieces as time goes on. Thanks so much for laying all this out. Incredibly valuable!
@DBTechYT
Жыл бұрын
Glad it helped!
I've watched countless videos on using cloudflare specifically, this was the most straight to the point and easy to understand video. I can't say thank you enough!!
@DBTechYT
Жыл бұрын
really glad the video was helpful. I'd made it before, but really wanted to create something more streamlined :)
You trully are an network angel 😁😁. After all the port forwarding pain and you mentioned you dont do that anymore, this saved me! Thanks a lot for all your videos. You sir got new subscriber with the bell on 😊
I am a noob when it comes to networking.. I was able to understand and follow each and every step ❤️. Now I am accessing my jellyfin server over the domain ❤ Thank you so much .. just subscribed
Your video was very helpful. I was able to run Foundry VTT on my windows desktop and I'm grateful for your instruction. I've been trying to do this for over a year. Thanks!
I don't know how, but I got this working on a CGNAT. You are the greatest man to ever live.
@DBTechYT
Жыл бұрын
That's awesome!
Followed another VERY well known tech blogger/tuber and got myself into deep poop (beware of stuff from the legacy Argo Tunnels days). This tutorial - and the others regarding remote/restricted access - saved the day. Clear, concise(ish), occasionally tangental (like my brain), and, if I'm sufficiently caffeinated, I can watch them at full speed! ;-) Thanks, David.
@DBTechYT
Жыл бұрын
Glad the video was helpful!!
One more top quality session from Dave! As a side note, most of the technical videos, I usually watch it 1.2x speed. Can't do it at Dave's speed of speech! 😆
@SK-qu4wo
Жыл бұрын
I don't get it. He speaks fast so why would you speed up the video?
Your videos are really great. I'm going back watching the ones now. Help so much! Thanks
OMG !! You have saved me 100 hours of time and just maybe a few brain cells. Thank you !
@DBTechYT
Жыл бұрын
Excellent!
Thank you so much for this vid as it helped me protect a service on my home server that didnt have a log in.
Holy cow man this is the video I needed! Never could understand nginX proxy manager. This seems way easier to me. Thank you for showing this alternative method.
@DBTechYT
Жыл бұрын
Glad it was helpful!
Thank you very much for your video, I had been looking for good information for a long time and you gave it to me. Subscribed and grateful, greetings from Venezuela.
This was great!! Thanks. I never knew about Cloudflare tunnels and have only used DNS forwarding with open ports. Now I can close all those open ports on my router. And can have secure passwords for all my docker web interfaces maintained by keychain. Awesome.
@DBTechYT
3 ай бұрын
That's awesome! I'm glad that my video helped you learn something new. Did you see my video about adding additional authentication for even more security? kzread.info/dash/bejne/qZihxKOoYJXRpLQ.html
Thanks for the great video and for taking time to help me out with my SSH Question!
Great informative video. I am a beginner to self hosting, your videos help me a lot. Thanks again.
@DBTechYT
Жыл бұрын
Glad to help!
This is the video I was waiting for. Thanks mate ! I love Cloudflare ,... Cheers :)
@DBTechYT
Жыл бұрын
Glad you found it helpful! 3rd party identity provider integration video coming tomorrow
Thank you so much! I was following casaos setup for raspberry pi from you to access containers from the internet, after this no more NPMs! :D
Awesome video! I have learned so much from you over the years...
Super clear! I'm gonna try this and see how it goes. Thank you so much for this
@DBTechYT
Жыл бұрын
You're so welcome!
Amazing, thank you for the master class , i learn a lot of new cool things with your videos. Merry Christmas btw. :)
@DBTechYT
Жыл бұрын
Thank you so much! Merry Christmas 🎄⛄
Just saying I found your video well googling around and I got it working with ease thanks to it. So, thank you for doing it. Going to go watch the securing CF next.
@DBTechYT
Жыл бұрын
Awesome, thank you!
Dude, thank you so much for helping me understand all this jumbo mumbo bro fr❤❤❤thank you!
@DBTechYT
4 ай бұрын
Happy to help!
@golvellius6855
4 ай бұрын
@DBTechYT I hope you feeling better we been praying for you
All great recommendations as usual DB! Porkbun is by far the best for price and privacy (and ease of use). Cloudflare is incredible! I’d say they are sooo instrumental to daily operation, that I wonder what would happen if there was a significant outage. This all makes me think if I should think of some sort of ‘Plan B’ - if things go down, or receive maintenance. But if CloudFlare goes down - that everything might be as well... which is definitely a scary thought!
@DBTechYT
Жыл бұрын
I've been considering a plan b as well. Trying to figure out the best plan for me. Might make a video about it when I have something figured out
As a newbie I say: AWESOME! finally after hours of research... thanks man
@DBTechYT
9 ай бұрын
Glad I could help!
Start to finish video was SOOOOO smart. Well done sir
@DBTechYT
Жыл бұрын
Thank you kindly! I really felt like I needed to make this one :)
great video, all I needed !
Your content is 💯🥶 new subscriber from kenya continue with good work
Just what I was looking for. Thanks man!
@DBTechYT
Жыл бұрын
Awesome! Really glad the video was helpful!! I've got another video coming that will expand on this to use 3rd party authentication like Google and Github :)
Holy shit this finally made it work. Thank you very much!
Great video. I will definitely look into Tunnels for my applications.
Perfect video!!!! BEST vídeo to Learn install and configure cloudflare
@DBTechYT
Жыл бұрын
Glad you liked it!
NPM is being retired and I have closed off the ports that I used to have open on my Firewall. I did have to do something differently though. I use a cloud service and have a Tunnel setup for it. I wanted to restrict it using the IP Address and Bypass method you showed but that would not work. I could net get through. I changed it to Service Auth and it works. I can reach from my home IP but not when I fire up a VPN and my address changes. This is a great solution and no more worrying about Ports, Certs, and NPM.
Hey Dave, great video as always. im lucky to find your youtube channel somehow , keep up the good wok
@DBTechYT
Жыл бұрын
Hey, thanks!
Thanks so much! Was tearing my hair out trying to work this out. The closing the cmd and not editing the -d in I think was the problem
Thanks for the video for another informative and easy to fallow video.
Great video! Thank you for sharing!
Thank you, this was exactly what I needed to day. Now I have a WebODM page up and running with email verification
@DBTechYT
Жыл бұрын
Awesome!
Great stuff! Thank you.
Thx for this video. I needed to set that up for more security
This was incredibly helpful! Thank you
@DBTechYT
Жыл бұрын
Glad it was helpful!
great video!!
nice one - you earned my like and subscription because of this
@DBTechYT
Жыл бұрын
Thanks!
Just saying "what a great video!" :)
Great tutorial my dude
@DBTechYT
Жыл бұрын
Appreciate it!
Awesome Video, great stuff.
@DBTechYT
Жыл бұрын
Much appreciated!
Great Stuff! Thanks =)
Damn DB, I love all your stuff, and you have helped me so much over the years. I was going to do this, but there is an upload limit of 100mb for free plans. might be a good idea to let people know that these free accounts are limited. Now if that only applies to cloudflare hosting, then I will stand corrected, but it appears to be managment for the entire site which is not cool, at least for what I am trying to do. Just thought I would remind you, while I luv ya, to remember to point out limitations before people start changing thier registrar information!
@Sapious1
6 ай бұрын
Good point. I was implementing this and then thought maybe when this video was done there was no limit. For now I'll stick with NGINX and a Docker container to update my IP.
@MichaelCarreras
6 ай бұрын
@@Sapious1 I just ended up purchasing a domain through cloudflare. It was more than fair on price and if I'm not mistaken, it provided a cost effective work around on the restriction yet still allowing me the ability to set up the home server via tunnel. I paid it up for like 5 years, and ultimately plan on migrating to web3 domains in the long run anyway. So far it has worked great, gaggle of musicians exchanging large multitrack files on my private server was the goal, and I can say mission successful. I am no pro like DB, and can not express enough how much I respect the guy for the time he gives to us, I'm just a guy determined to get what I need done. Thanks for the comment, and hope that helps!!
Thanks for this as I've always shied away from opening ports on my home network
@DBTechYT
Жыл бұрын
Glad to help
Awesome guide! ⭐ Question: Are there any performance differences depending on how you host your Cloudflare Tunnel on your local network? Like installing the tunnel on your machine or when hosting it with Docker?
Yes yes yes! That’s what I needed min 18. I don’t know why I never click on that top button smh 😂 you are the man. Thank you for such a great video. Must appreciate it!
@DBTechYT
Жыл бұрын
YAY!! I'm glad this helped!! I've got another video coming that will show how to integrate 3rd party authentication like Google and Github :)
@edgardoirizarry9997
Жыл бұрын
@@DBTechYT looking forward to see it. Now on my way to change some settings on my server and update my tunnel. 🍻
@DBTechYT
Жыл бұрын
@@edgardoirizarry9997 YAY!!
Thx a lot man !!
Wow Excellent !!!
@DBTechYT
Жыл бұрын
Thank you! Cheers!
Thank you for the useful and free information. I have a question: I need to do a tunnel on my Mac High Sierra but cannot use Docker. Do you have any suggestions for other free tools I could use? Thank you in advance.
appreciated!
Really Informative One
@DBTechYT
Жыл бұрын
Thanks for liking
Never known you can run multiple apps on a single cloudflared tunnel! Love it 😍❤️ Thanks always your comprehensive & wonderful tutorials. Could you please tell me how do you update the cloudflared tunnel, I see on my dashboard there is an update avialable but I cannot connect my tunnel through shell on Portainer? Thanks in advance.
I have problem. I created tunnel and when I add public hostname with with HTTP service which point to local IP with certain port after add them for first time works well, then Proxied CNAME record turns into non-proxied A record which point to my public IP. Where I made mistake?
Thanks!
Dear sir, how would be the setup with Shlink? I have a domain proxied, and then with nginx redirected that domain to local_ip:port where shlink server is running. The urls are created but not accessible
Hi there great job you are doing. I do think that you should do a comprihemsive video series about Cloudflare Zero Trust several catagories: Analytics, Acces, Gateway, Teams, Logs and Settings. I really think this could render a lot of views. Cheers
Awesome stuff. My ISP doesn't provide a static IP. I can now host applications and save bucks on cloud platforms.
what is a bit weird for me is: once I add each app and port in the tunnel definition, by default i can access all from outside the network. I tried as well access - application - selfhosted method. works perfectly, but is asking me for the code when I access from internal as well. What am I missing?
Very helpful video sir 👍. Please make a video on how to set up ftp server using cloudflared tunnelling ..
@DBTechYT
Жыл бұрын
I'll see what I can do :)
You can also turn the docker file into a stack in portainer like this: version: "3.9" services: tunnel: container_name: cloudflared-tunnel image: cloudflare/cloudflared restart: unless-stopped command: tunnel run environment: - TUNNEL_TOKEN=YOURTOKENHERE You can also add this on to other stacks if you wanted to make a tunnel for each application
@DBTechYT
Жыл бұрын
Great info!
@DBTechYT
Жыл бұрын
Replying again to let you know I've created a page on my wiki that has this info as well: dbt3ch.com/books/access-your-self-hosted-services-without-port-forwarding/page/cloudflare-tunnels-docker-compose
@The_Blue_Portal
Жыл бұрын
@@DBTechYT Wow that's super dope!! Thanks for all the shoutouts!
@DBTechYT
Жыл бұрын
Thanks for sharing!! The least I can do is credit the source of the awesomeness!!
@nunoganho
Жыл бұрын
Perfect. Just what i was looking for. Worked fine
I know it's a year on, but followed this and all working nicely. Only caveat is I've tried to setup for just specific IP access, it's still bringing up a page requesting an email address?
The only thing i am unable to tunnel is SSH access to my server. I also use a different port than the default 22. I can’t get to connect with tunnels with SSH. Can you give it a try?
What if my app1 (frontend) fires api requests to app2 (backend), both being hosted on localhost, which I've tunneled? It doesn't seem to work
I'm having some issues trying to get this working with my Nextcloud instance on TrueNAS Scale. It's running and I can access it on LAN, but if I try to access it through the tunnel the connection just times out. It worked using http before, but when I enabled https for Nextcloud it stopped working. I've tried enabling No TLS Verify and that doesn't fix it. Any ideas?
Thumbs up! I think this way easier than other method I found. By the way, is there anyway to prevent google from indexing these pages? I am using my current website for SEO as well.
I was setting up the same thing to my proxmox installation, got ready the home assistant and some other services. I knew about this method at work, but they used Google Workspace account to log in, thanks for the video.
@DBTechYT
Жыл бұрын
Thanks for watching! I hope the video was helpful
Is it possible to use a security key for the restricted access of your applications inside/behind the Cloudflare Zero Trust Tunnels?
I followed this video and another one. I was able to get the tunnel working, but the Access - Application using email access one time pin via email isn’t working. I am not presented a login page. I bought the domain via Cloudflare just so I didn’t run into any DNS propagation issues during initial setup.
If I only want one tunnel, do I have to use a subdomain? Am I able to just use the domain I purchased?
David - Another great video. I just have a minor hiccup, the tunnel is functioning properly when away from the home network or even over tailscale. When I connect locally, it cannot find the server. Any ideas? the only thing I can think of is there is something with cloudflare not liking my *.5.0/24 network compared to the *.0.0/24 network you use in the video. Any ideas oh great bearded wonder? Edit - figured it out - DNSSec needed to be set the same for both cloudflare and porkbun. Thank you again for the inspiration to tinker.
thank you so much this has been really informative. I would like to ask cause I see in most videos the tunnel is setup only for application or web, but what if you want to add servers to the tunnel, in my case to Azure Vm. Is this possible or been done?
i need further help, i want to have the domain purchased be a website but use this method with a subdomain for a owncloud setup... I dont know where to even begin can someone help me?
I get an error at 17:20. Clicking the "public hostname" doesn't work, however, navigating to the "service" URL works as intended. Any pointers would be greatly appreciated! Thank you!
Newb on devops. Where are applications coming from in this video? How would setup be different for application running on docker compose inside VPS?
Dave this is brilliant cheers! ill be setting mine up over christmas. what about an updated nextcloud video including these options to get it up and running? , again cheers! :)
@DBTechYT
Жыл бұрын
I guess I've underestimated how many people use NextCloud. I've never found a good use for it. But I made this video a while back: kzread.info/dash/bejne/omR9mtKim9CYgJc.html
David, I'm using a VMware instance of Ubuntu that contains docker. I followed your video instructions but ended up with "Cloudflare --no-au…" Do you know why I'm getting this no auto-update error? Thanks
Does anyone know how to setup nextcloud on your phone after your create tunnel. I can access NC on browser but phone app doesn't work.
Most of this works. However, I am having troubles connecting to the docking server. The connection times out when I try to SSH into it. How do I SSH using the CMD Prompt?
After wasting a ton of time with haproxy, and always having suboptimal results, this is amazing. I wish there was a way to automatically enable HTTPS on tunnels but overall great video!
@DBTechYT
Жыл бұрын
It automatically enables SSLs on your domains.
@OgllyBoogly
Жыл бұрын
@@DBTechYT Wow I did this at 2am and did not notice. I assumed it would not perform SSL offloading like HAproxy. This is even better!
I have PC running windows 10 but I am not sure where to run the CloudFlare Client. It is better to install Docker on Windows then run CloudFlare client or just install CloudFlare Client on PC? What is the better speed and advantages. I have extra PC that can use to install any OS.
Great tutorial! Can you also create a public hostname you can use for webdav, VPN, etc...(Cannot get that working)? Thanks!
Thanks for that tutorial. I'm trying to access pihole but it doesn't work. Every other subdomain works perfectly but i can't figure out how to make it work with pihole that need to point to /admin I tried to put admin in the path field but it doesn't work either.
I don't write comments a lot, but great job!!!
14:14 I would also add "-d --restart=always" here If the server is restarted or in the event of a power failure when you turn on the server, cloudflare tunnels will simply not work because docker has not started. --restart=always will automatically start docker (Please correct me if I'm wrong.)
Is there any way to get client real IP over the cloudflare tunnel? all my website logs are localhost
Great tutorial! Setup my CloudFlare/ Domain. All good except that my website is redirecting to a different service (same host, different port) for authentication (IDP). I can't figure out how to handle this redirect, as it's on a different port assume the response is not routed through my tunnel. Tried setting up a sub-domain for this authentication service but it's not working. Any idea's/ suggestions how to deal or setup so that the authentication service is served through cloudflare?
Am trying to tunnel socks5 traffic via cloudflare tunnel not sure how to do that ?