Overview
This article provides a comprehensive guide for accessing specific resources on a private network via a Cloudflare Tunnel on a Crusoe Linux VM. By leveraging a dedicated domain, users can securely route traffic to targeted resources. This solution enhances security and simplifies access management, making it ideal for organizations that need to connect to specific internal applications or services.
Prerequisites
Before proceeding with the steps outlined in this guide, ensure that you have the following:
- A free Cloudflare account is created.
- A registered domain name with any domain registrar.
- Cloudflare is set as your primary DNS provider, meaning that the name servers for your domain are pointed to Cloudflare.
- Basic familiarity with command-line operations and SSH.
Step 1: Create a Crusoe VM
- Log in to your Crusoe account.
- Navigate to the VM creation section.
- Select a dedicated CPU-based instance type for optimal performance.
- Configure any additional settings (such as storage size, network options, etc.) as per your requirements.
- Launch the VM and note the public IP address for SSH access.
Step 2: SSH into the VM
-
Open a terminal (or Command Prompt/PowerShell on Windows).
-
Connect to your VM using SSH:
ssh ubuntu@<VM_PUBLIC_IP>
Replace
<VM_PUBLIC_IP>
with the actual public IP address of your VM.
Step 3: Add Cloudflare Package Repository
For Ubuntu 22.04, execute the following commands:
-
Create a keyrings directory:
sudo mkdir -p --mode=0755 /usr/share/keyrings
-
Add the Cloudflare GPG key:
curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg >/dev/null
-
Add the Cloudflare package repository:
echo 'deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared jammy main' | sudo tee /etc/apt/sources.list.d/cloudflared.list
-
Update the package list and install
cloudflared
:sudo apt-get update && sudo apt-get install cloudflared
Step 4: Log in to the Cloudflare Tunnel
-
Authenticate your Cloudflare account:
cloudflared tunnel login
Follow the prompts to authorize your account.
Step 5: Create a Cloudflare Configuration File
-
Generate a configuration file by running:
vi /etc/cloudflared/config.yml
-
Add the following configuration, replacing
<Tunnel-UUID>
and<DOMAIN>
with your tunnel’s UUID and your target domain:tunnel: <Tunnel-UUID>
credentials-file: /root/.cloudflared/<Tunnel-UUID>.json
ingress:
- hostname: <DOMAIN>
service: http://<TARGET_RESOURCE_IP>:<PORT>
- service: http_status:404- Replace
<TARGET_RESOURCE_IP>
with the IP address of the resource you want to access. - Replace
<PORT>
with the appropriate port number for the service.
- Replace
-
Save and exit the editor.
Step 6: Run the Cloudflare Tunnel
-
Start the tunnel with the command:
cloudflared tunnel run <UUID or NAME>
Ensure that the tunnel runs without errors. Monitor the logs for any connection issues.
Step 7: Update DNS Records
-
Log in to your Cloudflare dashboard.
-
Navigate to the DNS settings for your domain.
-
Create a CNAME record pointing your chosen hostname to the Cloudflare Tunnel:
- Type: CNAME
- Name: <DOMAIN>
-
Target:
your_tunnel_id.cfargotunnel.com
Replace
<DOMAIN>
with the hostname you configured in the ingress section.
Comments
0 comments
Please sign in to leave a comment.