Create a Tunnel

Create your Tunnel

Log into Cloudflare
On the left, click on 'Zero Trust'
On the left, click on Access > Tunnels
Click on 'Create a tunnel'
Name the tunnel (eg "Home Network") and click on 'save tunnel'
Scroll down on the next page and locate the connector command, cloudflared.exe service install`` R4nd0mStr1ng0fCh4ract3rs
Take note of the unique key after 'install' (bolded above); save this in your password vault
Click on Next
We're now forced to create a public hostname (reverse proxy). Per the scenario we will create a tunnel for Overseer;
Field
Data
subdomain
overseerr
domain
yourdomain.com
path
type
HTTP
url
ServerHostame:Port
click on 'Additional application settings'
Click on 'Save tunnel'
You will be brought back to the Tunnels homepage, your tunnel will show as 'inactive'

Deploy the Tunnel Container

Create a new compose file in your GitHub repo using the below compose template

Create a new GitOps stack using the tunnel compose file
Under Environmental variables
1. add a variable "CLOUDFLARE_UUID", using the key noted in step 6 above
Deploy your stack
Refresh the Cloudflare tunnel page, it will now state 'active'

Repeat steps 2-4 for each additional tunnel you wish to create (for load balancing and redundancy)

Test the Tunnel

Browse to the public hostname we created earlier (step 9; subdomain + domain) and confirm that the Overseerr screen loads

PreviousTunnel NextCreate a Proxy (Public Hostname)

Last updated 1 year ago

Was this helpful?

Create your Tunnel

Log into Cloudflare

On the left, click on 'Zero Trust'

On the left, click on Access > Tunnels

Click on 'Create a tunnel'

Name the tunnel (eg "Home Network") and click on 'save tunnel'

Scroll down on the next page and locate the connector command, cloudflared.exe service install`` R4nd0mStr1ng0fCh4ract3rs

Take note of the unique key after 'install' (bolded above); save this in your password vault

Click on Next

We're now forced to create a public hostname (reverse proxy). Per the scenario we will create a tunnel for Overseer;

Field

Data

subdomain

overseerr

domain

yourdomain.com

path

type

HTTP

url

ServerHostame:Port

click on 'Additional application settings'

Click on 'Save tunnel'

You will be brought back to the Tunnels homepage, your tunnel will show as 'inactive'

Deploy the Tunnel Container

Create a new compose file in your GitHub repo using the below compose template

https://github.com/trentnbauer/agg/blob/main/docker-compose/cloudflared.yml

version: '3'

services:

  app:

    image: cloudflare/cloudflared:2025.5.0@sha256:f9d5c5b94cd7337c0c939a6dbf5537db34030828c243fca6b589fd85ab25d43b

    restart: unless-stopped

    network_mode: host

    environment:

      - TUNNEL_TOKEN=$CLOUDFLARE_UUID

      - TUNNEL_METRICS=0.0.0.0:5566

    command: tunnel run

    logging:

      driver: "json-file"

      options:

        max-size: "10m"

        max-file: "3"

    healthcheck:

      test: ["CMD", "cloudflared", "--version"]       # Check if cloudflared version command works

      interval: 60s                                   # Time between health check attempts

      timeout: 55s                                    # Time to wait for a response

      retries: 3                                      # Number of retries before marking as unhealthy

      start_period: 30s                               # Delay before health checks begin

    labels:

      - "autoheal=true"

Create a new GitOps stack using the tunnel compose file

Under Environmental variables

add a variable "CLOUDFLARE_UUID", using the key noted in step 6 above

Deploy your stack

Refresh the Cloudflare tunnel page, it will now state 'active'

Repeat steps 2-4 for each additional tunnel you wish to create (for load balancing and redundancy)