-
-
Notifications
You must be signed in to change notification settings - Fork 5.6k
Reverse Proxy with Cloudflare Tunnel
This is the easiest reverse proxy that I have ever seen so far!
Despite a lot of reverse proxy methods in the world, unfortunately, none of them are actually easy-to-use in my opinion. As in the past, many Uptime Kuma users kept asking how to config a reverse proxy.
Recently, I just discovered that Cloudflare has added a web GUI for Cloudflare Tunnel which make it super easy to use. You can expose your Uptime Kuma to the Internet without so many configs!
For Docker users, you just need to provide a Cloudflare Tunnel token in the Settings, then you can browse Uptime Kuma on the Internet.
Read more about cloudflared: https://www.reddit.com/r/selfhosted/comments/tp0nqg/cloudflare_has_added_a_web_gui_for_controlling/
Pros:
- Free of charge
- Full GUI, zero-config files
- You can put your Uptime Kuma behind firewall
- No need to expose your real IP
- Expose Docker port is optional
- No need a reverse proxy software such as Nginx, Caddy or Traefik
- Zero-config SSL
- Free SSL
Cons:
- (Not a con if you are already using Cloudflare) You domain's nameserver have to move to Cloudflare.
- Added 30MB to the docker base image
- Your domain name's DNS is managed by Cloudflare.
- For Docker, it is supported by Debian base only. The Alpine base is not supported yet.
- For non-Docker, you need to download and install
cloudflared
. https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/installation/ - For non-Docker Windows users, you can download the msi installer on their Github release: https://github.com/cloudflare/cloudflared/releases/latest
- Create a tunnel on Cloudflare Zero Trust.
- Get your tunnel token and set it into your Uptime Kuma instance.
- Map to http://localhost:3001.
- Profit.
The steps are actually very simple. However, since the concept is pretty new to anyone, it may be good to write it in detail.
But trust me, once you learn, you will remember how to configure a cloudflare tunnel without this guide! (for Nginx or Traefik, I could never remember how to configure them without googling it)
-
Go to Cloudflare Zero Trust.
-
Network
>Tunnels
>Create a Tunnel
-
Cloudflared
>Next
-
Type a
Tunnel name
such asuptime-kuma
and save tunnel. -
Click the clipboard icon to copy the run command.
-
Paste that into a text editor so you can copy the token from the end of the command.
cloudflared.exe service install eyJhIjoiZDA4ZGNiMTUXXXXXXXXXXXXXXXXXXXXXXXXXXXXX `` `
-
Go to your Uptime Kuma instance.
-
Settings
>Reverse Proxy
-
Paste the token into the
Cloudflare Tunnel Token
field. -
Click
Start cloudflared
-
Go back to
Cloudflare Zero Trust
, if you see your connector, then clickNext
-
Choose your favorite domain name and map to
http://localhost:3001
-
Click
Save
and go to your domain namehttps://<your domain name>
and profit! Yeah, it also automatically gives you SSL!
- Option 1. You can remove the map on Cloudflare.
- Option 2. You can click
Stop cloudflared
andRemove Token
in your Uptime Kuma.
Alternatively, you can set the token via a environment variable. cloudflared will be started automatically.
With this approach, you don't even need to expose your container port to the host machine.
UPTIME_KUMA_CLOUDFLARED_TOKEN=<your token>