Help setting up cloudflared

1

I wanted to enable remote access to my HA instance and I thought Cloudflared might work for this.

As I use docker, I was thinking it would be easiest to just use it.

version: "3.8"
services:
  homeassistant:
    container_name: homeassistant
    image: ghcr.io/home-assistant/home-assistant:stable
    volumes:
      - /home/xxx/docker/homeassistant/homeassistant_config:/config
    restart: unless-stopped
    environment:
      - TZ=Europe/Stockholm
    network_mode: host
    ports: 
      - 8123:8123

version: "3.8"
services:
  cloudflared:
    image: cloudflare/cloudflared:latest
    container_name: cloudflared
    restart: unless-stopped
    command: tunnel run
    environment:
      - TUNNEL_TOKEN=xxx

I modified my configuration.yaml to allow proxy calls:

# Allows proxy traffic from cloudflared
http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 127.0.0.1

My cloudflared container successfully connect to clouflare and is shown up as healthy. However, when I access my domain, https://name.fi/, cloud flare says host is having issues:

Capture
Capture1233×828 28.2 KB

When I check logs on the cloudflare container, it says it cannot connect:

Capture2
Capture21237×570 25.4 KB

Capture3
Capture31134×148 9.91 KB

Anyone done the same? Any suggestions? :slight_smile:

I followed these videos:

3

Im guessing you are using cloudflare zero trust? if thats the case, you want to update under “Public Hostname Page - URL” with the same URL that you access HASS from within your network.

i.e.: if you use 192.168.1.100:8123,
then change (from your picture) 127.0.0.1:8123 to 192.168.1.100:8123

The way zero trust tunnel works is, it routes external traffic to your internal network in a secure way without having to open ports (extremely simplified explanation…there is a lot more to it… but basically thats it)

I was able to connect from the outside, let me know if this works for you.

also, if your website is for example: mysite.com
and you want to connect to homeassistant using hass.mysite.com
you can add under subdomain “hass” and under domain → dropdown of your main site, which for this example is “mysite.com”,
this allows you to have 1 domain for all your services…such as: for docker → docker.mysite.com, etc… and point each service to the same protocol (http or https) and their respective internal IP.

ITS IMPORTANT to note that if you access the service WITHIN your network with HTTPS…then use the same from the “Service / Type” dropdown… in example, I access docker through portainer as front end which uses port 9443 and its a secured port, so I would need to use HTTPS+IP:port

If you need help let me know.

Cheers!

4

Thank you! I actuallt got it working, turns out ai had added the wrong ip in the configuration.yaml file.

5

One strange thing however is that graphs don’t work when running via cloudflarded.

Local/wifi

Screenshot_20230528-204728
Screenshot_20230528-2047281080×2400 156 KB

Cloudflared

Screenshot_20230528-204747
Screenshot_20230528-2047471080×2400 103 KB