- Set up a Cloudflare tunnel and configure it remotely. This can be done locally with a config.yaml file, but we are doing it through Cloudflare itself. Every time the cloudflared container starts, it pulls down the relevant configuration.
- Set up the proper DNS records for our tunnel. Both the tunnel's ingress rules and the DNS records are defined recursively, based on the predefined variables.
- Set up the cloudflared container. Upon starting, it is given a token that was defined in Step 1. It connects to Cloudflare and pulls the config.

The whole setup should take no more than a minute.
```bash
# Initializing/upgrading the project
terraform init -upgrade

# Imports the docker network "cloudflared_network" for cloudflared & other containers if it exists.
# On first run, this shouldn't be a problem.
# Here is a one-liner, you need to supply the network name.
# terraform import takes the resource ID as an argument, so the ID is passed via command substitution.
terraform import docker_network.cloudflared_network "$(docker network inspect cloudflared_network -f '{{.Id}}')"

terraform apply -auto-approve

# Should destroy everything but the Docker network because it's probably used by other containers.
terraform apply -destroy -auto-approve
```
Rename the variables.auto.tfvars.example to variables.auto.tfvars and fill it in.
```hcl
# Credentials
# Either
CF_email = "username@email.tld"
# Use the Global API Key from https://dash.cloudflare.com/profile/api-tokens
CF_apikey = ""
# Or
# Generate an API token from https://dash.cloudflare.com/profile/api-tokens
# Must have enabled:
# Zones.DNS
# Account.Cloudflare Tunnel
# Account.Account Settings
CF_apitoken = ""

# Custom tunnel name.
CF_tunnel_name = "some-cool-name"

# Domain to manage.
DOMAIN = "yourdomain.tld"

# Map of services and subdomains. The service url is from the docker network.
SUBDOMAINS = [
  {
    "subdomain":"example1",
    "service":"http://container_name:80"
  },
  {
    "subdomain":"example2",
    "service":"http://container_name:8080"
  }
]
```
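To make the relationship between `SUBDOMAINS`, the ingress rules and the DNS records concrete, here is an added Python sketch (not this project's Terraform code) that derives both from the same entries and rejects entries that would publish something unintended. The function name `plan`, the placeholder tunnel ID and the http/https-only allow-list are assumptions; the `<tunnel-id>.cfargotunnel.com` CNAME target and the mandatory final catch-all rule are standard Cloudflare Tunnel behaviour.

```python
import re
from urllib.parse import urlsplit

# Constructed sample input mirroring the variables shown above.
DOMAIN = "yourdomain.tld"
SUBDOMAINS = [
    {"subdomain": "example1", "service": "http://container_name:80"},
    {"subdomain": "example2", "service": "http://container_name:8080"},
]
TUNNEL_ID = "00000000-0000-0000-0000-000000000000"  # placeholder, not a real tunnel

LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")  # one DNS label: no dots, no wildcards
ALLOWED_SCHEMES = {"http", "https"}  # assumption: only web services are published


def plan(domain, subdomains, tunnel_id):
    """Return (ingress_rules, dns_records) derived from the same entries."""
    ingress, dns, seen = [], [], set()
    for entry in subdomains:
        label, service = entry["subdomain"].lower(), entry["service"]
        if not LABEL.fullmatch(label):
            raise ValueError(f"invalid subdomain label: {label!r}")
        if label in seen:
            # cloudflared uses the first matching rule, so a duplicate is dead config
            raise ValueError(f"duplicate subdomain: {label!r}")
        seen.add(label)
        url = urlsplit(service)
        if url.scheme not in ALLOWED_SCHEMES or not url.hostname:
            raise ValueError(f"unsupported service URL: {service!r}")
        hostname = f"{label}.{domain}"
        ingress.append({"hostname": hostname, "service": service})
        dns.append({"type": "CNAME", "name": hostname,
                    "content": f"{tunnel_id}.cfargotunnel.com", "proxied": True})
    # cloudflared requires the final rule to match everything; answering 404
    # means unlisted hostnames never reach a container.
    ingress.append({"service": "http_status:404"})
    return ingress, dns


if __name__ == "__main__":
    rules, records = plan(DOMAIN, SUBDOMAINS, TUNNEL_ID)
    for rule in rules:
        print("ingress:", rule)
    for record in records:
        print("dns:", record)
```

Running a check like this before `terraform apply` catches a wildcard or duplicated subdomain, or a non-web service URL, before it becomes a public hostname.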