-
Required settings for using Cloudflare DDNS:
- A Cloudflare account and Cloudflare configured as your domains DNS servers
- In
vars/custom/cloudflare_ddns.ymlcloudflare_ddns_enabled:yesornoto enable/disable Cloudflare DDNS (default:no)cloudflare_api_token: the API token of the Cloudflare accountcloudflare_zone: the domain name of the Cloudflare zone (e.g.example.com)cloudflare_ddns_subdomain: the subdomain record (e.g.overseerrwould be created asoverseerr.example.com) (default:overseerr)cloudflare_ddns_proxied:'true'or'false'to enable/disable proxying the traffic through Cloudflare (default:'true')
-
You will need to first generate a token by following the steps here
a. You can find the token here:
-
Once you've generated the token, update the variables in
vars/custom/cloudflare.yml:cloudflare_tunnel_enabledtoyescloudflare_tunnel_tokento your token
-
After the container has been started, you should now see an active Connector in your Cloudflare dashboard
-
Follow the steps here to link containers to the tunnel, following the container map for the available container names and ports (use the container name as the "Service" name in the Cloudflare webgui, and append the port, e.g.
overseerr:5055)
Example:
The "public hostname" you use for the container does not need to match any Traefik proxy rule as this traffic does NOT pass through Traefik, it goes directly from the container -> Cloudflare.
This also means that SSO using Authentik will not work for any container configured to go through the Tunnel due to the authentication middleware being applied by Traefik. In order to use Authentik with a publicly accessible container, you will need to port-forward.