Cloudflared Tunnels

March 05, 2025

docker · networking · security

Cloudflare Tunnel is used to securely expose internal services without opening ports on the home network. Instead of inbound connections, it creates an outbound tunnel to Cloudflare.

This improves security and eliminates the need for port forwarding.
Docker Compose

code
version: "3.8"
services:
cloudflared:
image: cloudflare/cloudflared:latest
container_name: cloudflared
restart: unless-stopped
command: tunnel run
env_file:
- .env
networks:
- caddy_net
networks:
caddy_net:
external: true

Explanation

  • tunnel run: Starts the configured Cloudflare tunnel
  • env_file: Stores tunnel credentials and tokens
  • network: Allows routing to Caddy internally

Notes

  • No ports exposed → improved security posture
  • Integrates with Cloudflare Zero Trust for access control
  • Works as entry point before traffic reaches Caddy