New Add-On: Cloudflared

This is unfortunately a known issue with the app (if you are using Android, have a look at this issue). It is working fine for me with iOS and GitHub login.

Hi, many thanks for the cloudflared add-on, which works great!

Is there a way to show the status of the tunnel (connected/disconnected) on a Home Assistant dashboard, e.g. through a helper etc.?

Having had my phone network provider block duckdns I came across this great solution :+1:

Set it up all good and working no issues.
I have 2MFA on HAOS, love the idea of adding additional hosts like my router for remote access etc but what’s the best way to secure it down? I added my router but essentially if you stumble across the URL (or perhaps you can look it up?) it’s sat there at the user/pass screen and could probably be just brute forced with enough time.

I run Asuswrt-Merlin so guess it has some protection but I mean in general if I expose my internal devices via the cloudflare tunnel what stops someone getting to it?

Using my mobile the IP will roam but is there guidance on locking it down a bit?

Also how do you remove all “additional_hosts”?
I set up the router as a test but now can’t save that field as blank.

Worked this bit out by adding

I suggest going to the Cloudflare Zero Trust Dashboard and creating a Self-Hosted Application for the host to be secured. I am using GitHub as auth provider, which is working great.

No, not that I am aware of. For me, the tunnel works flawlessly and I am always connecting via the tunnel, so if the dashboard is working in the first place, the tunnel must be working.
Happy to get a suggestion for a new feature of the addon though, via a post in this community.

Thanks I’ll have a look, will it block the iOS app though?

Managed to add a basic WAF if you’re not UK rule block.
Any guidance on setting up rate limiting rules to prevent brute force?

You can decide which hosts you want to create a Cloudflare application (= additional auth layer) for, meaning you can create an application for your router host but not for the HA host.
Having said that, I am using the Tunnel with Cloudflare Applications for every host, including HA. It is working very well for me with the iOS app and GitHub as auth provider. If you are using Android though, there are some known limitations / problems and the issue in GitHub does not really get much attention unfortunately, though it looks like there is a workaround with locally stored certificates.

Just for clarity and security…

I set up Cloudflare under one account as a ‘Super Administrator - All Privileges’ then used another account with ‘Domain Administrator’ as the access point for HAOS.

When setting up other stuff aka zero trust to other resources should I do it via the super admin or the other one? I know this is going outside the bounds of HA but really want to get this right.

This is much appreciated. Thank you and Merry Christmas.

Sorry to trouble you again but even with the change to the config file the existing additional urls still appear to be set up. They are referred to in the log after

…INF Updated to new configuration config="{"ingress":

I went into Cloudflare and deleted the entries from the tunnel which worked.

However now I cannot add any additional sub domains.

It looks like Cloudflare is not picking up on changes made in the config file.

I am going to delete the token and reinstall…

On the latest update can someone explain what this means?

Breaking changes

I run HAOS on Proxmox on an intel NUC (i386)
Does that literally mean I just found this, just got it working for it to be no longer supported?

i386 is the old 32 bit architecture.

Ok that makes more sense.
I just have it in my head i386 just means all intel chips…

Hi,
I was using a free domain but it stopped working so I decided to buy one from Cloudflare. But now, even though it seems to work and I can access with no problem, I keep getting those errors that I do not know how to solve. Already wasted a few hours online but no success. Any pointer would be much appreciated:

2024-01-04T11:38:50Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp :8123: connect: connection refused" connIndex=0 dest=https:///api/hassio_ingress//stable-***************?reconnectionToken=-2f8f-4007-8cf2-dac9b03ef5f9&reconnection=true&skipWebSocketFrames=false event=0 ip=198.41.192.77 type=ws
2024-01-04T11:38:50Z ERR error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 172.30.32.1:8123: connect: connection refused" cfRay=***********-LIS event=1 ingressRule=0 originService=http://homeassistant:8123

I’ve been using this for some time, all great.

Recently I attempted to use additional hosts, but can’t seem to get it working. Has anyone got the additional hosts working recently? The tunnels are created in Cloudflare webpage, but it’s not working here.

I am very new to web domain stuff, but I have been trying to get this going for months!
I have the following items below created.

My biggest problems are:

  1. Configuring the cloudflare side of things to point to my home assistant
  2. Configuring the home assistant side of things to use cloudflare.

(basically, everything)

PS. I tried to get help on the HA forum. A responder posted “You really don’t have a clue, do you?”. That was the only response I received.
But, he is right. I don’t have a clue.

  1. Home assistant (HA)
    I have HA configured on a proxmox VM with a static IP on my network. I access it by http://192.xxx.xxx.22:8123
    I have the cloudflared addon installed, but can’t figure out how to configure it.
    There are 3 options on the Configuration tab:
    a. External Home Assistant Hostname
    Do I make up a name, or is this supposed to match something configured on Cloudflare?
    b. Additional Hosts
    I have no idea what to put there. I am having enough trouble getting one to work, much less ‘additional’ ones.
    c. Cloudflare Tunnel name
    This entry matches my tunnel created on Cloudflare

2: Cloudflare.
I have a domain that is active.
How do I configure the home assistant to work?

Thank you for reading.

Well, I have it working!
After posting the long post, I was looking again at the External Home Assistant Hostname and thought that I needed to enter my cloudflare domain name here.
Once I did that, BOOM! It worked!
Any suggestions on making this more secure, or more mainstream, please let me know.
Thanks.

I’m trying to get this to work too. I’m running ssh on another host in my network on port 65222

I tried this but it didn’t work.

 - hostname: ssh.example.com
   service: ssh://192.168.100.1:65222

I get the new hostname created, ssh.example.com, but port 65222 doesn’t seem to be connecting.

BTW, you have to go to the cloudflare addon and then click config then … then ‘Edit Yaml’.

I was trying to put this in the main config at first and that doesn’t work.
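
Added example, not from any poster in this thread or from the add-on project: a small audit that takes `additional_hosts` entries in the hostname/service shape shown above and lists the published hostnames that have no Cloudflare Access Self-Hosted Application in front of them, which is the exposure raised earlier in the thread. The sample entries are constructed, and `ACCESS_PROTECTED` is an assumed, hand-maintained list of hostnames you created applications for in the Zero Trust dashboard.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample entries (placeholder hostnames and addresses).
ADDITIONAL_HOSTS = [
    {"hostname": "router.example.com", "service": "http://192.168.100.1"},
    {"hostname": "ssh.example.com", "service": "ssh://192.168.100.1:65222"},
    {"hostname": "nas.example.com", "service": "https://192.168.100.20:5001"},
]
# Assumption: hostnames that already have a Self-Hosted Application, kept by hand.
ACCESS_PROTECTED = {"router.example.com"}

DEFAULT_PORTS = {"http": 80, "https": 443, "ssh": 22}


def describe(entry):
    """Split one additional_hosts entry into hostname, scheme, target and port."""
    hostname = str(entry.get("hostname", "")).strip().lower()
    url = urlsplit(str(entry.get("service", "")))
    if not hostname or not url.scheme or not url.hostname:
        raise ValueError(f"incomplete entry: {entry!r}")
    try:
        internal = ipaddress.ip_address(url.hostname).is_private
    except ValueError:
        internal = None  # target is a name, not an IP literal: location unknown
    return {"hostname": hostname, "scheme": url.scheme, "target": url.hostname,
            "port": url.port or DEFAULT_PORTS.get(url.scheme), "internal": internal}


def audit(hosts, protected):
    """Return one row per entry, unprotected internal services first."""
    protected = {h.lower() for h in protected}
    rows = []
    for entry in hosts:
        row = describe(entry)
        row["access_app"] = row["hostname"] in protected
        # Published by public hostname, target is (or may be) on the LAN, and
        # no Access application sits in front of its login screen.
        row["needs_attention"] = not row["access_app"] and row["internal"] is not False
        rows.append(row)
    return sorted(rows, key=lambda r: (not r["needs_attention"], r["hostname"]))


if __name__ == "__main__":
    for r in audit(ADDITIONAL_HOSTS, ACCESS_PROTECTED):
        flag = "NO ACCESS APP" if r["needs_attention"] else "ok"
        print(f'{r["hostname"]:22} -> {r["scheme"]}://{r["target"]}:{r["port"]}  {flag}')
```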