So everyone is talking about Cloudflare Tunnels and I decided to give it a shot.

However, I find the learning curve quite hard and would really appreciate a short introduction to how they work and how to set them up…

In my current infrastructure I am running a reverse proxy with SSL and Authentik, but nothing is exposed outside. I access my network via a VPN but would like to try out and consider CF. Might be easier for the family.

How does authentication work? Is it really a secure way to expose internal services?

Thanks!

  • Meow.tar.gz@lemmy.goblackcat.com

    I have not converted my home network to use split-brain yet and that’s because I only just recently got Let’s Encrypt to work with the DNS-01 challenge which verifies domain ownership via a TXT record. Now that the DNS-01 challenge works perfectly, I can use split-brain DNS to resolve my example.com requests to internal IP addresses. What I am currently doing is as follows and it is inefficient and ugly!

    Local request --> Internet --> VPS Proxy --> WireGuard tunnel --> Local Server --> WireGuard tunnel --> VPS Proxy --> Internet --> Local origin

    Now that I have Let’s Encrypt working using the DNS-01 challenge, there will be significantly less latency. It should look something like this:

    Local request --> Local DNS Server --> Local Server --> Local request
                                             |
                                             --> Local Server --> WireGuard Tunnel --> Internet
    

    I hope this is helpful! This will reduce the amount of locally generated traffic that must transit the VPN tunnel bi-directionally.