# Setting Up Cloudflare Tunnel for Your Website: A Beginner's Guide This guide will walk you through the process of setting up a Cloudflare Tunnel to securely expose your website to the internet without opening ports on your firewall. This is perfect for beginners who want to host a website securely. ## What is Cloudflare Tunnel? Cloudflare Tunnel creates a secure connection between your local web server and Cloudflare's network, allowing visitors to access your site through Cloudflare without exposing your server's IP address. ## Prerequisites 1. A Cloudflare account (free tier works fine) 2. A domain registered and using Cloudflare DNS 3. Docker and Docker Compose installed on your server ## Step 1: Install cloudflared CLI ```bash # For Debian/Ubuntu curl -L --output cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb sudo dpkg -i cloudflared.deb # For other systems, visit: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/installation/ ``` ## Step 2: Authenticate with Cloudflare ```bash cloudflared login ``` This command will open a browser window. Log in to your Cloudflare account and authorize the cloudflared application to access your account. This allows the tunnel to connect to your Cloudflare account. ## Step 3: Create a Tunnel ```bash cloudflared tunnel create my-website-tunnel ``` This will create a new tunnel and store the credentials in `~/.cloudflared/[TUNNEL-ID].json`. The tunnel ID is a unique identifier for your tunnel. ## Step 4: Get Your Tunnel ID ```bash cloudflared tunnel list ``` Note the tunnel ID - you'll need this for the next steps. It should look something like a UUID (e.g., "6ff42ae2-765d-4adf-8112-31c55c1551ef"). ## Step 5: Set Up DNS Records ```bash # Replace with your actual domain and tunnel ID cloudflared tunnel route dns your-tunnel-id yourdomain.com cloudflared tunnel route dns your-tunnel-id www.yourdomain.com ``` This links your domain name to the tunnel, allowing traffic to flow to your local server. ## Step 6: Configure Your Tunnel Use the provided `cloudflared-config.yml` file and update the following: ```yaml tunnel: your-tunnel-id # Replace with your actual tunnel ID credentials-file: /root/.cloudflared/your-tunnel-id.json # Update with your tunnel ID ``` Also update the hostname in the ingress section to match your domain: ```yaml ingress: - hostname: yourdomain.com # Replace with your actual domain service: http://localhost:80 ``` ## Step 7: Start the Tunnel Using Docker Compose We've provided a Docker Compose file that sets up both your web server and the Cloudflare tunnel: ```bash # Start the services docker-compose -f docker-compose-with-cloudflare.yml up -d # Check the status docker-compose -f docker-compose-with-cloudflare.yml ps ``` This will start both your web server and the Cloudflare tunnel service connecting it to the internet. ## Step 8: Monitor the Tunnel ```bash # Check logs from your Docker setup docker-compose -f docker-compose-with-cloudflare.yml logs -f cloudflared # Check tunnel status using the CLI cloudflared tunnel info your-tunnel-id ``` ## Troubleshooting - **Connection issues**: Check if your web server is running and accessible locally - **DNS issues**: Verify DNS records in your Cloudflare dashboard (orange cloud should be enabled) - **Authentication issues**: Ensure credentials file exists and contains valid information - **"No such tunnel" error**: Double-check your tunnel ID in all configurations ## Security Benefits - Your server's IP address remains hidden from the public - All traffic is encrypted between visitors and your server - Protection from DDoS attacks via Cloudflare's network - No need to open ports in your firewall ## Next Steps - Set up Cloudflare Access for additional authentication - Configure Cloudflare Workers for edge computing capabilities - Explore Cloudflare Pages for static site hosting For more information, visit the [Cloudflare Tunnel documentation](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/).