LinuxCommandLibrary

cloudflared

Create secure tunnels to Cloudflare's network

TLDR

Authenticate and associate the connection to a domain in the Cloudflare account

$ cloudflared tunnel login
copy

Create a tunnel with a specific name
$ cloudflared tunnel create [name]
copy

Establish a tunnel to a host in Cloudflare from the local server
$ cloudflared tunnel --hostname [hostname] localhost:[port_number]
copy

Establish a tunnel to a host in Cloudflare from the local server, without verifying the local server's certificate
$ cloudflared tunnel --hostname [hostname] localhost:[port_number] --no-tls-verify
copy

Save logs to a file
$ cloudflared tunnel --hostname [hostname] http://localhost:[port_number] --loglevel [panic|fatal|error|warn|info|debug] --logfile [path/to/file]
copy

Install cloudflared as a system service
$ cloudflared service install
copy

SYNOPSIS

cloudflared [command] [options]

PARAMETERS

tunnel
    Creates a tunnel or manages existing tunnels.

service
    Manages cloudflared as a system service.

access
    Commands related to Cloudflare Access.

proxy-dns
    Starts a DNS proxy.

update
    Updates cloudflared to the latest version.

version
    Displays the cloudflared version.

login
    Authenticates cloudflared with Cloudflare using a browser.

logout
    Logs out cloudflared.

--config
    Path to the configuration file.

--loglevel
    Set the logging level (e.g., debug, info, warn, error).

--metrics


    Address to expose metrics on (e.g., localhost:9000).

DESCRIPTION

cloudflared is the command-line client for Cloudflare Tunnel, a service that allows you to securely expose local web servers to the internet without opening inbound firewall ports. It creates an outbound-only connection between your origin server and Cloudflare's global network. This eliminates the need to expose your server directly to the internet, improving security and reducing the attack surface. Cloudflared handles the connection establishment, authentication, and encryption, simplifying the process of setting up secure remote access. It supports various protocols including HTTP, HTTPS, and SSH.

Common use cases include securely exposing web applications for testing, hosting personal websites without port forwarding, and accessing internal resources remotely. Cloudflared ensures all traffic is routed through Cloudflare's infrastructure, benefiting from its DDoS protection, content delivery network (CDN), and other security features. It is a convenient solution for anyone who wants to securely access their local services from anywhere in the world, leveraging Cloudflare's global network for performance and security.

CAVEATS

Cloudflared requires a Cloudflare account and a domain configured with Cloudflare's DNS. Ensure proper configuration of the tunnel in your Cloudflare dashboard. Network connectivity to Cloudflare's network is essential for cloudflared to function correctly.

CONFIGURATION FILE

The configuration file (typically YAML) allows you to specify various settings such as tunnel ID, hostname mappings, and service configurations.
Example config.yml:
tunnel: abcdefgh-1234-ijkl-5678-mnopqrstuvwxyz
credentials-file: /etc/cloudflared/abcdefgh-1234-ijkl-5678-mnopqrstuvwxyz.json
ingress:
- hostname: example.com
service: http://localhost:8080
- service: http_status:404

SERVICE MANAGEMENT

The 'service' command allows to install, uninstall, and manage cloudflared as a system service on Linux, macOS, and Windows. This ensures cloudflared runs automatically in the background.

Copied to clipboard