New Add-On: Cloudflared

Guys… a little help? Bit of a noob question…

I’m using Cloudflared to be able to access my HA remotely (which is awesome, btw). Now… I also have the Adguard Home add-on installed which I would like to use on my phone while I’m on mobile data. How can I do this? Do I have to use a VPN?

Thanks in advance.

For those that are still getting the Error Code “Alamofire.AFError 10” like I have been with the Cloudflared addon and the iOS HA app, after many days of reading/google, etc. I had to delete all the applications related to that domain in the Cloudflare Zero Trust access area. It was the only way I could stop it from giving me that error. I tried countless combinations of access within ZT without luck.

So for anyone trying to hunt down the error, it lies somewhere in the ZT access restrictions and the HA app. I might try later adding my addon domains to some form of proxy manager to restrict access to the addon domains that do not have a login, but, for the time being at least it is working!

I switched from duckdns + nginx to this fantastic add-on… I have a question: is it possible to redirect a POST request from one URL to another URL in the same domain?
Example:
POST request to someurl/test/request
Redirect to
someurl/test2
Before, I did that with nginx; what do I have to do now? Can I still use nginx? How?

You can do some ingress matching for paths and direct them to any service. (see here)

Unfortunately, right now it is not possible to forward/rewrite to a specific path in a service, but this is being developed (see Cloudflare PR). So if you need this functionality, you can simply continue to use nginx.
To do that, just set the flag nginx_proxy_manager if you are using the HA NPM add-on for that. Alternatively, you can also set a catch_all_service to any other nginx server and configure everything there.

I have no solution, but I have the same issue, only with the Z2M-Ingress-Dashboard.

It solved itself on its own after a few days. First it started working on my mobile app and after over a week also on PC.


I have replaced DuckDNS with Cloudflared and got it all working ok - much nicer not to have any holes in my firewall anymore.

Can I check - does setting this up create a fully encrypted tunnel between the Browser → Cloudflare → Home Assistant? Or is the connection between Cloudflare and Home Assistant unencrypted?

My cloudflared went down recently and not too sure why? Logs below

2022-11-04T01:27:21Z INF Connection 5a0d722f-17f9-4bce-ba6f-88719d6eba69 registered connIndex=1 ip=198.41.192.37 location=ATL
2022-11-04T01:27:22Z INF Connection 03525d9e-3fbe-4a68-bff4-c3cc4b72061f registered connIndex=2 ip=198.41.200.13 location=MIA
2022-11-04T01:27:23Z INF Connection 7f0e11da-6a3b-4c4d-8e27-ab9eb110e2b4 registered connIndex=3 ip=198.41.192.57 location=ATL
2022-11-04T01:28:04Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=764992229d43b12d-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-04T01:28:04Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=0 dest=https://kbrown250.cf/mushroom-creation/home-view ip=198.41.200.113 type=http
2022-11-04T01:28:04Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=76499223c83bb12d-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-04T01:28:04Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=0 dest=https://kbrown250.cf/manifest.json ip=198.41.200.113 type=http
2022-11-04T01:28:04Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=764992246a7bad15-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-04T01:28:04Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=3 dest=https://kbrown250.cf/api/websocket ip=198.41.192.57 type=ws
2022-11-04T01:29:05Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=764993a19ef5b12d-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-04T01:29:05Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=0 dest=https://kbrown250.cf/mushroom-creation/home-view ip=198.41.200.113 type=http
2022-11-04T01:29:05Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=764993a2b968b12d-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-04T01:29:05Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=0 dest=https://kbrown250.cf/manifest.json ip=198.41.200.113 type=http
2022-11-04T01:29:05Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=764993a30dc8acfd-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-04T01:29:05Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=3 dest=https://kbrown250.cf/api/websocket ip=198.41.192.57 type=ws
2022-11-04T01:30:06Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=764995208d62b12d-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-04T01:30:06Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=0 dest=https://kbrown250.cf/mushroom-creation/home-view ip=198.41.200.113 type=http
2022-11-04T01:30:07Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=76499521afe9b12d-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-04T01:30:07Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=0 dest=https://kbrown250.cf/manifest.json ip=198.41.200.113 type=http
2022-11-04T01:30:07Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=76499521ef39b02a-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-04T01:30:07Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=1 dest=https://kbrown250.cf/api/websocket ip=198.41.192.37 type=ws
2022-11-07T02:49:59Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=7662c2439e3daccd-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-07T02:49:59Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=3 dest=https://kbrown250.cf/api/websocket ip=198.41.192.57 type=ws
2022-11-07T02:50:00Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=7662c24abd31b0b8-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-07T02:50:00Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=1 dest=https://kbrown250.cf/api/websocket ip=198.41.192.37 type=ws
2022-11-07T02:50:02Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=7662c257d9cab18f-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-07T02:50:02Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=3 dest=https://kbrown250.cf/api/websocket ip=198.41.192.57 type=ws
2022-11-07T02:50:06Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=7662c26f2bf8b0d0-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-07T02:50:06Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=1 dest=https://kbrown250.cf/api/websocket ip=198.41.192.37 type=ws
2022-11-07T02:50:11Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=7662c28cbb43b0a6-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-07T02:50:11Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" connIndex=1 dest=https://kbrown250.cf/api/websocket ip=198.41.192.37 type=ws
2022-11-07T12:02:23Z INF Unregistered tunnel connection connIndex=0
2022-11-07T12:02:23Z WRN Failed to serve quic connection error="Application error 0x0" connIndex=0 ip=198.41.200.113
2022-11-07T12:02:23Z WRN Serve tunnel error error="Application error 0x0" connIndex=0 ip=198.41.200.113
2022-11-07T12:02:23Z INF Retrying connection in up to 1s connIndex=0 ip=198.41.200.113
2022-11-07T12:02:25Z WRN Connection terminated error="Application error 0x0" connIndex=0
2022-11-07T12:02:43Z WRN Failed to create new quic connection error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=0 ip=198.41.200.113
2022-11-07T12:02:43Z INF Retrying connection in up to 4s connIndex=0 ip=198.41.200.113
2022-11-07T12:02:44Z WRN Connection terminated error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=0
2022-11-07T12:03:18Z INF Connection e676982d-5021-4488-9b02-498ee0e3479e registered connIndex=0 ip=198.41.200.113 location=MIA
2022-11-07T13:01:36Z INF Unregistered tunnel connection connIndex=3
2022-11-07T13:01:36Z WRN Failed to serve quic connection error="Application error 0x0" connIndex=3 ip=198.41.192.57
2022-11-07T13:01:36Z WRN Serve tunnel error error="Application error 0x0" connIndex=3 ip=198.41.192.57
2022-11-07T13:01:36Z INF Retrying connection in up to 1s connIndex=3 ip=198.41.192.57
2022-11-07T13:01:38Z WRN Connection terminated error="Application error 0x0" connIndex=3
2022-11-07T13:01:50Z WRN Failed to create new quic connection error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=3 ip=198.41.192.57
2022-11-07T13:01:50Z INF Retrying connection in up to 4s connIndex=3 ip=198.41.192.57
2022-11-07T13:01:51Z WRN Connection terminated error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=3
2022-11-07T13:02:13Z INF Connection d8defdd2-1c85-4b7c-aadb-2bd8b66bcb0c registered connIndex=3 ip=198.41.192.57 location=ATL
2022-11-07T13:10:04Z INF Unregistered tunnel connection connIndex=1
2022-11-07T13:10:04Z WRN Failed to serve quic connection error="Application error 0x0" connIndex=1 ip=198.41.192.37
2022-11-07T13:10:04Z WRN Serve tunnel error error="Application error 0x0" connIndex=1 ip=198.41.192.37
2022-11-07T13:10:04Z INF Retrying connection in up to 1s connIndex=1 ip=198.41.192.37
2022-11-07T13:10:04Z WRN Connection terminated error="Application error 0x0" connIndex=1
2022-11-07T13:10:16Z WRN Failed to create new quic connection error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=1 ip=198.41.192.37
2022-11-07T13:10:16Z INF Retrying connection in up to 4s connIndex=1 ip=198.41.192.37
2022-11-07T13:10:18Z WRN Connection terminated error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=1
2022-11-07T13:10:29Z INF Connection ad6394f8-0839-4e5c-9e6a-9dcaf905a4bf registered connIndex=1 ip=198.41.192.37 location=ATL
2022-11-08T08:56:02Z INF Unregistered tunnel connection connIndex=1
2022-11-08T08:56:02Z WRN Failed to serve quic connection error="timeout: no recent network activity" connIndex=1 ip=198.41.192.37
2022-11-08T08:56:02Z WRN Serve tunnel error error="timeout: no recent network activity" connIndex=1 ip=198.41.192.37
2022-11-08T08:56:02Z INF Retrying connection in up to 1s connIndex=1 ip=198.41.192.37
2022-11-08T08:56:02Z INF Unregistered tunnel connection connIndex=3
2022-11-08T08:56:02Z WRN Failed to serve quic connection error="timeout: no recent network activity" connIndex=3 ip=198.41.192.57
2022-11-08T08:56:02Z WRN Serve tunnel error error="timeout: no recent network activity" connIndex=3 ip=198.41.192.57
2022-11-08T08:56:02Z INF Retrying connection in up to 1s connIndex=3 ip=198.41.192.57
2022-11-08T08:56:02Z WRN Connection terminated error="timeout: no recent network activity" connIndex=3
2022-11-08T08:56:02Z WRN Connection terminated error="timeout: no recent network activity" connIndex=1
2022-11-08T08:56:19Z INF Connection fa18c9c3-8104-4f81-9686-f83408a98b87 registered connIndex=3 ip=198.41.192.57 location=ATL
2022-11-08T08:56:22Z INF Connection 1479171a-7efe-49de-8751-1d64d0ea9417 registered connIndex=1 ip=198.41.192.37 location=ATL
2022-11-08T09:03:32Z INF Unregistered tunnel connection connIndex=3
2022-11-08T09:03:32Z WRN Failed to serve quic connection error="timeout: no recent network activity" connIndex=3 ip=198.41.192.57
2022-11-08T09:03:32Z WRN Serve tunnel error error="timeout: no recent network activity" connIndex=3 ip=198.41.192.57
2022-11-08T09:03:32Z INF Retrying connection in up to 1s connIndex=3 ip=198.41.192.57
2022-11-08T09:03:32Z INF Unregistered tunnel connection connIndex=1
2022-11-08T09:03:32Z WRN Failed to serve quic connection error="timeout: no recent network activity" connIndex=1 ip=198.41.192.37
2022-11-08T09:03:32Z WRN Serve tunnel error error="timeout: no recent network activity" connIndex=1 ip=198.41.192.37
2022-11-08T09:03:32Z INF Retrying connection in up to 1s connIndex=1 ip=198.41.192.37
2022-11-08T09:03:33Z WRN Connection terminated error="timeout: no recent network activity" connIndex=3
2022-11-08T09:03:34Z WRN Connection terminated error="timeout: no recent network activity" connIndex=1
2022-11-08T09:03:50Z WRN Failed to create new quic connection error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=3 ip=198.41.192.57
2022-11-08T09:03:50Z WRN Failed to create new quic connection error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=1 ip=198.41.192.37
2022-11-08T09:03:50Z INF Retrying connection in up to 4s connIndex=3 ip=198.41.192.57
2022-11-08T09:03:50Z INF Retrying connection in up to 4s connIndex=1 ip=198.41.192.37
2022-11-08T09:03:51Z WRN Connection terminated error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=1
2022-11-08T09:03:51Z WRN Connection terminated error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=3
2022-11-08T09:04:00Z INF Connection 3cae4fba-e3c4-4eb4-b77e-ed620f20941f registered connIndex=1 ip=198.41.192.37 location=ATL
2022-11-08T09:04:00Z INF Connection 9b11640f-4c8c-4413-a366-5fe7aeb18db2 registered connIndex=3 ip=198.41.192.57 location=ATL
2022-11-08T11:05:44Z INF Unregistered tunnel connection connIndex=1
2022-11-08T11:05:44Z WRN Failed to serve quic connection error="timeout: no recent network activity" connIndex=1 ip=198.41.192.37
2022-11-08T11:05:44Z WRN Serve tunnel error error="timeout: no recent network activity" connIndex=1 ip=198.41.192.37
2022-11-08T11:05:44Z INF Retrying connection in up to 1s connIndex=1 ip=198.41.192.37
2022-11-08T11:05:45Z INF Unregistered tunnel connection connIndex=3
2022-11-08T11:05:45Z WRN Failed to serve quic connection error="timeout: no recent network activity" connIndex=3 ip=198.41.192.57
2022-11-08T11:05:45Z WRN Serve tunnel error error="timeout: no recent network activity" connIndex=3 ip=198.41.192.57
2022-11-08T11:05:45Z INF Retrying connection in up to 1s connIndex=3 ip=198.41.192.57
2022-11-08T11:05:45Z WRN Connection terminated error="timeout: no recent network activity" connIndex=1
2022-11-08T11:05:47Z WRN Connection terminated error="timeout: no recent network activity" connIndex=3
2022-11-08T11:05:54Z INF Connection 14058083-59a1-41b3-90d0-ad7c3580d8f9 registered connIndex=3 ip=198.41.192.57 location=ATL
2022-11-08T11:05:54Z INF Connection 29c529f8-6083-4426-a87d-ff7a7107a6fe registered connIndex=1 ip=198.41.192.37 location=ATL

It looks like something in HA did not respond anymore. I suggest completely restarting your HA instance and checking again. Please raise an issue on GitHub if this persists.
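The triage done by eye in the reply above, as an added example that is not part of the original thread or the add-on: it separates origin-side failures (Home Assistant refusing connections from cloudflared) from edge-side tunnel drops and reports which tunnel connections never re-registered. The sample log is constructed in the format posted above, and `parse_line` and `triage` are hypothetical helper names.

```python
import re
from collections import Counter

# Constructed sample in the cloudflared log format shown in the thread.
# IPs are documentation addresses; connection IDs, cfRay and hostname are placeholders.
ORIGIN_ERR = ("Unable to reach the origin service. The service may be down or it "
              "may not be responding to traffic from cloudflared: "
              "dial tcp 172.30.32.1:8123: connect: connection refused")
SAMPLE_LOG = f"""\
2022-11-04T01:27:21Z INF Connection conn-a registered connIndex=1 ip=198.51.100.37 location=ATL
2022-11-04T01:27:23Z INF Connection conn-b registered connIndex=3 ip=198.51.100.57 location=ATL
2022-11-04T01:28:04Z ERR  error="{ORIGIN_ERR}" cfRay=ray-1-ATL ingressRule=0 originService=http://homeassistant:8123
2022-11-04T01:28:04Z ERR Request failed error="{ORIGIN_ERR}" connIndex=1 dest=https://ha.example.com/manifest.json ip=198.51.100.37 type=http
2022-11-07T13:10:04Z WRN Connection terminated error="Application error 0x0" connIndex=1
2022-11-07T13:10:18Z WRN Connection terminated error="failed to dial to edge with quic: timeout: no recent network activity" connIndex=1
2022-11-07T13:10:29Z INF Connection conn-c registered connIndex=1 ip=198.51.100.37 location=ATL
2022-11-08T11:05:47Z WRN Connection terminated error="timeout: no recent network activity" connIndex=3
"""

LINE = re.compile(r"^(\S+)\s+([A-Z]{3})\s+(.*)$")
FIELD = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')
DIAL = re.compile(r"dial tcp (\S+): connect: (.+)$")
REGISTERED = re.compile(r"Connection \S+ registered")


def parse_line(line):
    """Split one log line into timestamp, level, free-text message and key=value fields."""
    m = LINE.match(line.strip())
    if not m:
        return None  # not a cloudflared line (e.g. s6-rc or add-on INFO output)
    ts, level, rest = m.groups()
    first = FIELD.search(rest)
    message = rest[:first.start()].strip() if first else rest.strip()
    fields = {k: v.strip('"') for k, v in FIELD.findall(rest)}
    return {"ts": ts, "level": level, "message": message, **fields}


def triage(log_text):
    """Separate origin-side failures (HA not answering) from edge-side tunnel drops."""
    origin_failures = Counter()  # (originService, dial target, reason) -> requests
    edge_drops = Counter()       # connIndex -> number of terminations
    up = {}                      # connIndex -> True if last event was a registration
    for raw in log_text.splitlines():
        e = parse_line(raw)
        if e is None:
            continue
        idx, err = e.get("connIndex"), e.get("error", "")
        # Each failed request logs two ERR lines; only the one carrying
        # originService is counted so requests are not double counted.
        if e["level"] == "ERR" and "originService" in e:
            d = DIAL.search(err)
            target, reason = d.groups() if d else ("unknown", err)
            origin_failures[(e["originService"], target, reason)] += 1
        elif e["message"] == "Connection terminated":
            edge_drops[idx] += 1
            up[idx] = False
        elif REGISTERED.fullmatch(e["message"]):
            up[idx] = True
    return {
        "origin_failures": dict(origin_failures),
        "edge_drops": dict(edge_drops),
        # Connections that dropped and never re-registered by the end of the log.
        "still_down": sorted(i for i, ok in up.items() if not ok),
        # The scheme is as logged: http:// means the hop from cloudflared to
        # the origin service is not TLS.
        "plaintext_origins": sorted({o for o, _, _ in origin_failures
                                     if o.startswith("http://")}),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(key, value)
```

Entries under `origin_failures` point at the local service, while `edge_drops` and `still_down` point at the link between cloudflared and the Cloudflare edge.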

Dear @brenner-tobias, thank you very much for this great HA add-on!
I’m switching from Nginx Proxy Manager with router ports open to this great addon and inside HA it works fine.

But I have a problem with Alexa.
All devices in Alexa responded with “Server not responding”.

The AWS Lambda test worked and all my devices responded.

But no device works in the Alexa app.

In cloudflare the bot fight mode is turned off.

Can you give me tips on how to fix the error?

Best regards

Gerd

I tried to configure the nginx proxy, but it seems that all the configurations are not working … where am I wrong?
I checked Enable Catch-All Nginx-Proxy-Manager on this add-on, and I configured nginx.
As a test, I tried to put an access list on nginx, but when I go to my host, where I have activated the access list, nothing happens and it directly loads the Home Assistant home page.
Are there some settings on the Cloudflare page that I have to change to make this setup work (cloudflared + nginx)?

As far as I understand, you want to route everything to NPM, right? In order to do that, you have to remove the “external_hostname” configuration option from your add-on configuration. Otherwise, the HA traffic from this hostname will always be routed directly to HA and only everything else to NPM.

I got Cloudflared up and running. Thank you. However, I need advice:

I would like to redirect a different subdomain (c.different.com) to the cloudflared subdomain (c.original.com). A simple cname entry does not work. Any help is appreciated. Thank you.

I am not sure that I get your use-case: If you have access to different.com DNS, why not just move this domain to Cloudflare and configure everything there?
Additionally, I have to say that this is not really an issue / question regarding the add-on but rather a general Cloudflare topic, so I suggest raising this in their community (which is very active).

Hi Tobias
Great add-on…
…but I am struggling to make it work.
I believe I have the set up correct.

s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service init-banner: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
-----------------------------------------------------------
 Add-on: Cloudflared
 Use a Cloudflare Tunnel to remotely connect to Home Assistant without opening any ports
-----------------------------------------------------------
 Add-on version: 4.0.3
 You are running the latest version of this add-on.
 System: Home Assistant OS 9.3  (armv7 / raspberrypi4)
 Home Assistant Core: 2022.11.3
 Home Assistant Supervisor: 2022.10.2

In my configuration.yaml I have

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24

Going via 4g I get

This site can't be reached
[my web url]'s server IP address could not be found

ERR_NAME_NOT_RESOLVED

Can you point me at some things I could check?
Thanks, Tony

Happy to help. Can you please share your full Add-On log after starting the cloudflare add-on and also your add-on configuration?

Hi Tobias
Thanks for your help.
A few more tests reveal that I can use the external URL as long as I am not on my home network. I don’t know if that makes sense?

I have obfuscated the domain name and tunnel id

s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service init-banner: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
-----------------------------------------------------------
 Add-on: Cloudflared
 Use a Cloudflare Tunnel to remotely connect to Home Assistant without opening any ports
-----------------------------------------------------------
 Add-on version: 4.0.3
 You are running the latest version of this add-on.
 System: Home Assistant OS 9.3  (armv7 / raspberrypi4)
 Home Assistant Core: 2022.11.3
 Home Assistant Supervisor: 2022.10.2
-----------------------------------------------------------
 Please, share the above information when looking for help
 or support in, e.g., GitHub or forums.
-----------------------------------------------------------
s6-rc: info: service init-banner successfully started
s6-rc: info: service init-log-level: starting
s6-rc: info: service init-log-level successfully started
s6-rc: info: service init-cloudflared-config: starting
[08:21:18] INFO: Checking config for legacy options...
[08:21:19] INFO: Checking add-on config...
[08:21:20] INFO: Checking for existing certificate...
[08:21:20] INFO: Existing certificate found
[08:21:20] INFO: Checking for existing tunnel...
[08:21:20] INFO: Existing tunnel with ID 617f0784-xxxx-xxxx-xxxx-e520f6a3c787 found
[08:21:20] INFO: Checking if existing tunnel matches name given in config
[08:21:22] INFO: Existing Cloudflare Tunnel name matches config, proceeding with existing tunnel file
[08:21:22] INFO: Creating config file...
[08:21:23] INFO: Validating config file...
Validating rules from /tmp/config.json
OK
[08:21:24] INFO: Creating DNS entry www.mydomain.net...
2022-11-18T08:21:25Z INF www.mydomain.net is already configured to route to your tunnel tunnelID=617f0784-9a42-4ab8-a370-e520f6a3c787
[08:21:26] INFO: Finished setting up the Cloudflare Tunnel
s6-rc: info: service init-cloudflared-config successfully started
s6-rc: info: service cloudflared: starting
s6-rc: info: service cloudflared successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
[08:21:26] INFO: Connecting Cloudflare Tunnel...
2022-11-18T08:21:26Z INF Starting tunnel tunnelID=617f0784-xxxx-xxxx-xxxx-e520f6a3c787
2022-11-18T08:21:26Z INF Version 2022.10.3
2022-11-18T08:21:26Z INF GOOS: linux, GOVersion: go1.18.6, GoArch: arm
2022-11-18T08:21:26Z INF Settings: map[config:/tmp/config.json cred-file:/data/tunnel.json credentials-file:/data/tunnel.json loglevel:info metrics:0.0.0.0:36500 no-autoupdate:true origincert:/data/cert.pem]
2022-11-18T08:21:26Z INF Generated Connector ID: 8bed9a06-7176-4e82-b528-42c164f1f66c
2022-11-18T08:21:26Z INF Initial protocol quic
2022-11-18T08:21:26Z INF ICMP proxy will use 172.30.33.3 as source for IPv4
2022-11-18T08:21:26Z INF ICMP proxy will use :: as source for IPv6
2022-11-18T08:21:26Z INF Starting metrics server on [::]:36500/metrics
2022-11-18T08:21:27Z INF Connection d3ff91ee-0304-49c4-8b14-15ab0d4ee071 registered connIndex=0 ip=198.41.200.23 location=MAN
2022-11-18T08:21:27Z INF Connection bd3f82dc-833d-49ee-ac4e-06ff36a40f9c registered connIndex=1 ip=198.41.192.67 location=LHR
2022-11-18T08:21:28Z INF Connection 2a07db26-0595-43db-993c-1fe2763fcd9a registered connIndex=2 ip=198.41.200.13 location=MAN
2022-11-18T08:21:29Z INF Connection aaa4f7b0-261e-4819-bc86-375e0d1ec01e registered connIndex=3 ip=198.41.192.7 location=LHR

Config

additional_hosts: []
external_hostname: www.mydomain.net

How secure is this approach?

I understand I am accessing HA via HTTPS in this case and the traffic between Cloudflare and my HA is secured.
But anyone who knows the hostname can hit the login page and try to log in, right?
So this is same as exposing HA to the internet with Let’s Encrypt certificate? Correct?

I am sorry if it was answered in this topic but I was unable to find it.

Yes and no. It is similar, but you do not need to open any ports on your router with Cloudflared, while for DuckDNS with Let’s Encrypt you have to.

Yeah, some difference

  • Opening port + Let’s Encrypt cert

  • Cloudflare tunnel + Cloudflare cert

But result is the same - HA is exposed to the internet.