I exposed my Homelab through Cloudflare Tunnels
4 months ago
- #Homelab
- #Cloudflare
- #Security
- Cloudflare Tunnel allows exposing services without opening inbound ports on the router.
- Traditional self-hosting requires port forwarding, firewall trust, and risks DDoS attacks.
- Cloudflared daemon creates an encrypted tunnel to Cloudflare, routing traffic internally.
- Installation and authentication of cloudflared is straightforward with provided commands.
- Tunnel configuration includes multiple domains pointing to different local services.
- Cloudflare Tunnel automatically manages DNS records without manual intervention.
- Running the tunnel as a system service ensures it starts on boot and restarts on failure.
- Cloudflare Access adds authentication layers for private services.
- Common mistakes include exposing apps directly and forgetting 404 ingress rules.
- Cloudflare Tunnel is ideal for HTTP(S) apps but not for latency-sensitive services or game servers.