Heppy’e
CDCloudflare Developers
•Created by Heppy’e on 7/25/2024 in #general-help
Tunnel SSH proxying does not work through Docker, or direct connection, browser rendering errors
I can say that this issue can be marked as solved.
5 replies
CDCloudflare Developers
•Created by Heppy’e on 7/25/2024 in #general-help
Tunnel SSH proxying does not work through Docker, or direct connection, browser rendering errors
If anyone would appriciate, I can write a step by step guide on how to setup Cloudflare Tunnels w/ troubleshooting on Docker and bare-metal. Let me know!
5 replies
CDCloudflare Developers
•Created by Heppy’e on 7/25/2024 in #general-help
Tunnel SSH proxying does not work through Docker, or direct connection, browser rendering errors
It is clearly dissatisfing that there's no response from Cloudflare Community Support et'all.
5 replies
CDCloudflare Developers
•Created by Heppy’e on 7/25/2024 in #general-help
Tunnel SSH proxying does not work through Docker, or direct connection, browser rendering errors
We've finally resolved the issue.
There were many reasons that made our SSH tunnel not work at all.
We've figured it out, how to do that on Linux, Ubuntu 24.04.
I'll leave them here in case anyone needs:
- You NEED to have SSL enabled, in SSL/TLS to at least flexible (flexible is enough), on your target domain (on example.com if you have SSH on ssh.example.com)
- You NEED to have one-level subdomain with tunneled domain. That's because Cloudflare does not issue SSL certificates for multi-level domains. (instead of ssh.computer.example.com you should have computer-ssh.example.com or ssh.example.com, it does not matter if you have ssh.example.com I could have ted.example.com, just beware of one-level subdomain)
- You NEED to have your docker container running cloudflared in
--network host
mode. There are other, more secure or "better" solutions, but this one is the most straightforward. You HAVE to give dockerized cloudflared access to your computer's network.
- You SHOULD, if you install cloudflared on bare-metal, before you install cloudflared service remove all artifacts of possible previous daemons, do it by sudo cloudflared service install
- You SHOULD create self-hosted application (this is important one) if you want browser-rendered application. Then enable Browser Rendering and switch it to SSH. Beware of setting your application domain to the same of your Public Hostname. Set policy. That's enough, you do not need anything more.
See also this reddit comments thread which helped us resolve most of our issues: https://www.reddit.com/r/selfhosted/comments/or8zd4/comment/h6irffq/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button5 replies