Cloudflare Tunnel Integration for Secure Remote Access #47
Description
Description
Integrate Cloudflare Tunnel (cloudflared) to enable secure remote access to services without opening firewall ports. Ideal for users who want to expose services via Cloudflare's edge network.
Parent Issue
Extends #43 (Remote Servers Management)
Why Cloudflare Tunnel?
- No firewall port forwarding required
- Built-in DDoS protection via Cloudflare edge
- Automatic HTTPS with Cloudflare certificates
- Popular for secure home-to-internet exposure
- Free for personal use
Use Cases
- Expose Plex/Jellyfin securely without port forwarding
- Remote access to homelab services via Cloudflare domain
- Combine with Cloudflare Access for additional auth layer
Tasks
- Design Cloudflare Tunnel provider adapter
- Research cloudflared client integration options
- Implement Cloudflare API client for tunnel management
- Add Cloudflare Tunnel wizard to UI
- Generate cloudflared configuration automatically
- Display active tunnels in Remote Servers list
- Add tunnel status monitoring (connected/disconnected)
- Implement tunnel creation/deletion via UI
- Secure Cloudflare API token storage
- Write user guide for Cloudflare Tunnel setup
- Add documentation for running cloudflared on remote hosts
Acceptance Criteria
- User can authenticate with Cloudflare API
- Can create and manage tunnels via UI
- Tunnels appear in Remote Servers list
- Generated cloudflared config works on remote hosts
- Tunnel status shows in real-time
- Clear setup instructions provided
Technical Considerations
- User must install cloudflared on remote host
- Provide Docker Compose snippet for cloudflared
- Support both managed and legacy tunnels
- Handle tunnel naming and DNS config
Priority
Medium - Important for firewall-restricted users
Milestone
Beta
Sub-issues
Will be created for: API integration, config generation, UI wizard