eb36716ba4
We take advantage of the JWTValidator middleware and attach it to an ingress rule based on Access configurations. We attach the Validator directly to the ingress rules because we want to take advantage of caching and token revert/handling that comes with go-oidc. |
||
---|---|---|
.github | ||
.mac_resources | ||
.teamcity | ||
carrier | ||
certutil | ||
cfapi | ||
cfio | ||
cmd/cloudflared | ||
component-tests | ||
config | ||
connection | ||
datagramsession | ||
edgediscovery | ||
fips | ||
h2mux | ||
hello | ||
ingress | ||
ipaccess | ||
logger | ||
metrics | ||
orchestration | ||
overwatch | ||
packet | ||
proxy | ||
quic | ||
retry | ||
signal | ||
socks | ||
ssh_server_tests | ||
sshgen | ||
supervisor | ||
tlsconfig | ||
token | ||
tracing | ||
tunneldns | ||
tunnelrpc | ||
tunnelstate | ||
validation | ||
vendor | ||
watcher | ||
websocket | ||
.docker-images | ||
.dockerignore | ||
.gitignore | ||
CHANGES.md | ||
Dockerfile | ||
Dockerfile.amd64 | ||
Dockerfile.arm64 | ||
LICENSE | ||
Makefile | ||
README.md | ||
RELEASE_NOTES | ||
build-packages-fips.sh | ||
build-packages.sh | ||
cfsetup.yaml | ||
check-fips.sh | ||
cloudflared.wxs | ||
cloudflared_man_template | ||
dev.Dockerfile | ||
fmt-check.sh | ||
github_message.py | ||
github_release.py | ||
go.mod | ||
go.sum | ||
jet.yaml | ||
postinst.sh | ||
postrm.sh | ||
release_pkgs.py | ||
wix.json |
README.md
Cloudflare Tunnel client
Contains the command-line client for Cloudflare Tunnel, a tunneling daemon that proxies traffic from the Cloudflare network to your origins.
This daemon sits between Cloudflare network and your origin (e.g. a webserver). Cloudflare attracts client requests and sends them to you
via this daemon, without requiring you to poke holes on your firewall --- your origin can remain as closed as possible.
Extensive documentation can be found in the Cloudflare Tunnel section of the Cloudflare Docs.
All usages related with proxying to your origins are available under cloudflared tunnel help
.
You can also use cloudflared
to access Tunnel origins (that are protected with cloudflared tunnel
) for TCP traffic
at Layer 4 (i.e., not HTTP/websocket), which is relevant for use cases such as SSH, RDP, etc.
Such usages are available under cloudflared access help
.
You can instead use WARP client
to access private origins behind Tunnels for Layer 4 traffic without requiring cloudflared access
commands on the client side.
Before you get started
Before you use Cloudflare Tunnel, you'll need to complete a few steps in the Cloudflare dashboard: you need to add a website to your Cloudflare account. Note that today it is possible to use Tunnel without a website (e.g. for private routing), but for legacy reasons this requirement is still necessary:
Installing cloudflared
Downloads are available as standalone binaries, a Docker image, and Debian, RPM, and Homebrew packages. You can also find releases here on the cloudflared
GitHub repository.
- You can install on macOS via Homebrew or by downloading the latest Darwin amd64 release
- Binaries, Debian, and RPM packages for Linux can be found here
- A Docker image of
cloudflared
is available on DockerHub - You can install on Windows machines with the steps here
User documentation for Cloudflare Tunnel can be found at https://developers.cloudflare.com/cloudflare-one/connections/connect-apps
Creating Tunnels and routing traffic
Once installed, you can authenticate cloudflared
into your Cloudflare account and begin creating Tunnels to serve traffic to your origins.
- Create a Tunnel with these instructions
- Route traffic to that Tunnel:
- Via public DNS records in Cloudflare
- Or via a public hostname guided by a Cloudflare Load Balancer
- Or from WARP client private traffic
TryCloudflare
Want to test Cloudflare Tunnel before adding a website to Cloudflare? You can do so with TryCloudflare using the documentation available here.
Deprecated versions
Cloudflare currently supports versions of cloudflared
2020.5.1 and later. Breaking changes unrelated to feature availability may be introduced that will impact versions released prior to 2020.5.1. You can read more about upgrading cloudflared
in our developer documentation.
Version(s) | Deprecation status |
---|---|
2020.5.1 and later | Supported |
Versions prior to 2020.5.1 | No longer supported |