I’m used to cloudflared CLI, and would prefer to keep the config files server-side.
My docker-compose.yml file is:
version: '3.9'
services:
vaultwarden:
image: vaultwarden/server:latest
container_name: vaultwarden
restart: always
environment:
- WEBSOCKET_ENABLED=true
volumes:
- ./vw-data:/data
tunnel:
container_name: cloudflared-tunnel
image: cloudflare/cloudflared
restart: always
command: tunnel --config /etc/.cloudflared/config.yml run
volumes:
- ./cloudflared:/etc/.cloudflared
My config.yml is:
tunnel: [tunnelid]
credentials-file: /etc/.cloudflared/[tunnelid].json
ingress:
- hostname: [mydomain]
service: http://localhost:80
- service: http_status:404
I’ve noticed online people setting an env variable TUNNEL_TOKEN, but since I’m using self-hosted files, my token is a cert.pem.
Another issue however is that when I run this and try to browse to the page, I get the error ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 127.0.0.1:80: connect: connection refused
.
Any assistance would be beloved ♥
You’re using localhost in your config file so probably want to change that to http://vaultwarden/ so it knows which docker service to point to.
Out of curiosity: why are you putting vaultwarden behind a cloudflare tunnel?
My ISP blocks ports 80 and 443. Cloudflare tunnelling was the only workaround I could figure to get web interfaces working ^^
That’s a shitty ISP. Why the fuck do they tell you how you operate your access to the interwebz?!
It’s against their TOS to use it for a webserver 🥴
It’s against my TOS to use shitty ISPs :D