Jump to content
HexOS Q1 Status Update
  • 22

CloudFlare tunnels as a core feature

funnelcloud

Asked by funnelcloud,

 Share

Question

funnelcloud Newbie

funnelcloud

Posted
Posted

NginxProxyManager and Tailscale are great but I'd personally love to see a built in setting for Cloudflare Tunnels.  I recently did a setup for UpTimeKuma, which has it built in and it was gloriously easy.  I can see how it might overlap with your paid business model but just throwing my coins in the wishing well.

  • Like 16

19 answers to this question

Recommended Posts

  • 1
DarkDivinr Newbie

DarkDivinr

Posted
Posted

I second this. NPM is a nightmare setup for me and have never been able to get it setup reliably. Cloudflare Tunnels just works. Integration with HexOS would make an already promising software solution even better.

  • Like 1
  • 1
jmztaylor Apprentice

jmztaylor

Posted
Posted (edited)
4 hours ago, Wild said:

I'd love native cloudflare tunnels support, my ideal setup would be able to easily map subdomains that I own to apps hosted on HexOS

I use cloudflare tunnels for everything and have built out plenty of tooling to do this exact thing.  Playing devil's advocate and not knowing anything about the developers roadmap or mindset, adding subdomain configuration would require interacting with the Cloudflare API.  This also adds a third party dependency (Cloudflare API) to have to worry about changing or being updated breaking that feature.

Edited by jmztaylor
  • Like 1
  • 0
Goob Rookie

Goob

Posted
Posted

Just adding my +1 for Cloudflare integration. I also think tunnels/Zero Trust align with the HexOS goal of having lots of capability without all of the complexity and setup. Much easier to get working (and more reliable) than a reverse proxy in my experience. 

  • Like 1
  • 0
joshdev Apprentice

joshdev

Posted
Posted

I like the idea, but an important thing to consider is that cloudflare tunnels are not made for transfering big files or streaming high bitrate videos. All traffic goes through cloudflare and costs them money.

A solution like tailscale on the other hand facilitates peer to peer connections and all traffic after the initial connection building flows peer to peer. Here big files or streams are not a problem.

Hence cloudflare tunnels are great for applications that are light on transfers but especially for more NAS media stuff it is just not suited.

Hopes this gives some perspective 🙂

  • Like 1
  • Thanks 1
  • 0
jtbear Newbie

jtbear

Posted
Posted
On 12/5/2024 at 6:14 PM, UncleMikey said:

+1 for sure remote access for those outside the network for like nc Jellyfin and plex. Please and thank you

Streaming through a CF Tunnel is a quick way to get a one way ticket on the Cloud Ban. They strictly and largely state that CF tunnels are not to be used for high bandwidth use cases like streaming. Not to mention, setting up a CF tunnel is literally a one liner in the TrueNAS shell or a click on the CF'd apps installer and pasting a token. The rest like subdomain, IDPs, etc is all managed through Cloudflare and not touchable through Hex OS unless Hex could use the CF api, which IMO is a waste of time. Homelabs being hooked up to public domains can be dangerous if you dont know what you're doing, and we can only expect so much from HexOS developers. At some point, people need to learn a thing or two about safety/security and realize not everything can become a one-stop-shop.

  • 0
UncleMikey Enthusiast

UncleMikey

Posted
Posted
10 hours ago, jtbear said:

Streaming through a CF Tunnel is a quick way to get a one way ticket on the Cloud Ban. They strictly and largely state that CF tunnels are not to be used for high bandwidth use cases like streaming. Not to mention, setting up a CF tunnel is literally a one liner in the TrueNAS shell or a click on the CF'd apps installer and pasting a token. The rest like subdomain, IDPs, etc is all managed through Cloudflare and not touchable through Hex OS unless Hex could use the CF api, which IMO is a waste of time. Homelabs being hooked up to public domains can be dangerous if you dont know what you're doing, and we can only expect so much from HexOS developers. At some point, people need to learn a thing or two about safety/security and realize not everything can become a one-stop-shop.

Interesting, somehow i've never seen them say that, perhaps i've never dug deep enough into their docs. i've never actually tried to use it that way just for like selfhosting and so forth. but my nextcloud comment still applies, and for any media that isn't movies or tv shows right? or would they have an issue with streaming music n such?

  • 0
jtbear Newbie

jtbear

Posted
Posted
12 hours ago, UncleMikey said:

Interesting, somehow i've never seen them say that, perhaps i've never dug deep enough into their docs. i've never actually tried to use it that way just for like selfhosting and so forth. but my nextcloud comment still applies, and for any media that isn't movies or tv shows right? or would they have an issue with streaming music n such?

Cloudflared tunnels are for very niche use cases like accessing a container or VM. They state no bulk file transfers or any kind of long term, high bandwidth use cases. So it depends on how hi-fi your music streaming is, but definitely not for movies or tv show streaming. If you want to do high bandwidth stuff, setup a wireguard VPN.

  • 0
Harold Newbie

Harold

Posted
Posted
On 12/7/2024 at 12:45 PM, jtbear said:

Streaming through a CF Tunnel is a quick way to get a one way ticket on the Cloud Ban. They strictly and largely state that CF tunnels are not to be used for high bandwidth use cases like streaming. Not to mention, setting up a CF tunnel is literally a one liner in the TrueNAS shell or a click on the CF'd apps installer and pasting a token. The rest like subdomain, IDPs, etc is all managed through Cloudflare and not touchable through Hex OS unless Hex could use the CF api, which IMO is a waste of time. Homelabs being hooked up to public domains can be dangerous if you dont know what you're doing, and we can only expect so much from HexOS developers. At some point, people need to learn a thing or two about safety/security and realize not everything can become a one-stop-shop.

According to what I've seen, that's now only in the CDN ToS, so as long as you disable caching for the domain or subdomain that you're using for streaming or serving videos you should be fine?

  • Like 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to question listing
×
×
  • Create New...