Cloudflare Tunnels: Getting Started with Domains, DNS, and Tunnels

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hey guys in this video we're going to buy a brand new domain name we're going to set up a brand new cloudflare account we're going to look at how to get our domain name pointed to our new cloudflare account and we're going to take a look at how to get cloudflare tunnels set up so that we can actually have multiple applications on a single tunnel so with that said let's jump in but first we've got some bills to pay so here's a quick message from today's video sponsor this video is sponsored by lenode I've been partnered with lenode for quite a while now because it's a great place to host just about anything you could want to host need a dedicated space to host an app lenode has you covered with more than 100 pre-built apps that can be installed with just a couple of clicks want to develop an app on your favorite flavor of Linux lenode has you covered there too with more than 30 different options to start with need to do some pen testing on your own network or app install a Kali Linux setup in just a few clicks to get started with testing your own security you can also host a Docker setup a kubernetes cluster and more with just a few clicks from hosting a single website to complex multi-cloud deployments find Enterprise level capabilities like object storage kubernetes and gpus at a 30 to 50 percent lower cost than the major Cloud providers be sure to check out the link in the video description to get a hundred dollars in free credit for 60 days to see what you can do with lenode so the first thing we want to do is actually buy a domain name doing this now will kind of save us some time later on so we're not having to wait quite as long while everything propagates now I'm going to use pork bun I've been using pork bun for years I like working with them I've worked with them in the past and I bought all my names from them for a while now so that's what I'm going to use you can use whatever you'd like to do or whatever you'd like to use the process will be more or less the same so if you do decide to use pork button this is what the home screen will look like and of course from here you can search for a domain name like if I wanted to I could just type in DB Tech and then leave this on book search and just hit enter and then it will give me all kinds of different options with DB Tech in the the the domain name basically and it will kind of build things around that and here are all of my different options based on what they have available once I have selected the one I want let's scroll down a little bit there was actually the one I saw earlier that I wanted to use dot Dev there we go so I'm going to come over here I'm going to click the Plus and then I can go to checkout now here we can see that we're going to register by default for one year we can select multiple years if we want to uh next to that of course we can see what our current price is what it will renew at and then there's some more options for upsells and things like that um and then uh here we've got some additional registration requirements SSL is required for DOT Dev to work um so there's just some some things you need to know about whatever extension you decide to go with they will have any of those additional requirements over here over here you'll also see that you will get who has privacy for free that's something that GoDaddy just started offering and pork bun has been offering for years uh you'll also get you know site Builder trials and web trials and email trials and you get all this extra stuff but that doesn't really apply to us because what we're going to do with our domain name we don't need any of this so our next step would be to click continue and then under that it says create account slash login we can go ahead and do that and then of course we'll go ahead and get logged in and then we can complete our purchase so here we are just a couple of minutes later and we can see here that we have completed our purchase and now what we get to do is wait well sort of so what we're going to do uh while these settings are kind of doing their thing in the background there's a lot of DNS propagation that has to happen when a new domain is purchased but what we can do while that is happening is actually go over and set up our new cloudflare account okay so here we are on cloudflare's homepage and what we want to do first is come up to the top right where we're going to see sign up right here and then it's going to ask us for an email address and a password go ahead and put that in and click on sign up so once we've got that we can go ahead and click on sign up okay so what we want to do next is actually click right here it says accelerate and protect your website or application we're going to click on get started okay so what we want to do now is actually enter the URL that we just purchased we're going to paste that in we're going to click on add a site now since I've started talking more about cloudflare on the channel I've had several people say that well they want my my credit card information there this isn't free why are you saying this is free come down to the bottom click right here where it says free and then click on continue so right now what it's going to do is actually go scan my DNS records and this actually looks good I'm actually kind of surprised that this is already showing up um basically there's these are just the default settings that pork bun enters when when you register a domain name every different registrar is going to have different entries here you can just leave this as it is for right now it's not going to matter just go ahead and click on continue so what it's telling us to do now is actually change our existing name servers so what we need to do is actually go back to our pork bun account or wherever you bought your domain and manage the name server settings for your new domain okay so here I am back on pork bun and here we can see the dbtap.dev is highlighted everything else of course is blurred but what we can do is come over here to where it says details and once that pops open we can kind of see what's going on here right here we can see that we've got four authoritative name servers right here we can see the four native name servers these are the default name servers that pork bun uses for their DNS what we want to do is edit that and then we want to delete all of those and then come back and copy these and paste them in and you want to make sure that you do one per line once you've got that you click submit and now we can see that our authoritative name servers are hazel.ns.cloudfloor.com and peter.ns.cloudflare.com so at this point it's kind of up to pork bun as far as their processes are concerned with regards to how long it will take for those DNS settings to take effect so this as I said there could take up to 48 hours and that's something that that a lot of people have issues with including myself I'm not a patient person I want I want answers now I want results now and this is the worst part about buying and setting up a domain name is the waiting process for all of the DNS to propagate across the internet that said and now we can go back over to cloudflare and we can say done check name servers and again right here it says registrars can take up to 24 hours to process name server updates pork mine said 48 it's it's usually less than both of those if I'm being completely honest but just know that depending on where you buy your domain name it could take a day or even two days for that to happen so what we want to do next is click on done check name servers and then we're going to go ahead and just click like I get started um do we want to have automatic https Ray writes absolutely I think that's very important or click save always use https again same answer to that yes we want to go ahead and check that and say save and then do we want to automentify anything uh no I default you don't want this on because it can actually have negative impacts on different types of JavaScript HTML CSS things like that more often than not it is going to be a JavaScript issue with with truncating things and minimizing things and that sort of stuff I leave this off by default and turn it on on a case-by-case basis as necessary I don't want to have any of that turned on so I'm just going to click save and then you want to use broadly which is their their compression method uh you can turn that on or off depending on what you want to do I'm just going to leave it on I'm going to click save and then I'll click finish so here it says complete your name server setup log into your registrar account do this change that and then again like I said it's going to take a little while up to 24 to 48 hours for that to happen again my experience with pork bun and cloudflare is it usually happens within just a couple of hours um so we'll just kind of hang out we'll wait and of course we'll come back when this is ready to go also I guess while you're waiting now is a good time to actually go back to your email and find the email that cloudflare sent you to verify your email address there will be a link in there that you can click and verify your account just to make sure that everything is set up and ready to go so depending on how patient or impatient you are you may just want to periodically come back to this page and click on check name servers and here it's not giving us really any new information here but if we come back to our home page here we can see that our domain is active here um and right now it says great news cloudflare is now protecting your site so let's actually take a look at that let's go over here to DNS and this is the IP addresses that were set up for the a records uh when a cloudflare imported the DNS records from pork bun so what we can do to actually see if the DNS settings have started taking effect um and and to make sure that cloudflare is actually managing our DNS is actually pretty simple if we come down and do a CMD so here's our Command Prompt and if we ping it we'll do uh ping DB tech.dab like so and we're getting a 104 2190 233 IP address now from my experience I know that that 104 address is cloudflare I've been using cloudflare for more than a decade now I know that IP address is cloudflare however if it had returned something like a 44 by 227 dot whatever our other options are here we would know that cloudflare is not currently handling our DNS and we would need to wait a bit longer now I'm going to be honest this has all happened in the course of five minutes I didn't have to wait 24 to 48 hours I was able to get this up and running literally in just a few minutes your mileage will probably vary so with that said now we actually have cloudflare managing our DNS so what we can do if we want to is come over here and click on edit we can actually delete all of these records I need to move this over just a little bit we're going to delete all of these records none of these matter anymore um because we're going to end up pointing this domain to our home via a couple of different methods now when I say that we've got a couple of different options on how we can do this we can just do just regular a records or cname records to manually Point our our sub domains and that sort of thing to our home IP address by clicking on ADD record coming over here selecting either a or C name whichever you'd like to do you might choose you know your subdomain and here we can see that would be demo.dbtech.dev and then we would put in our homes IP address of course that's not my home IP address I'm just putting stuff in there for the sake of demonstration there right this is this is how I did things for a long time because I didn't really understand tunnels if I'm being completely honest I was fine using something like nginx proxy manager or or traffic the problem with using something like uh internet proxy manager traffic caddy whatever is you have to open ports 80 and ports 443 on your home network to go from your modem and router to wherever your your reverse proxy container is I don't necessarily like having open ports on my network if I can help it so I use an alternate method called cloudflare tunnel or zero trust so because I don't want to open ports on my network I'm going to set this up with cloudflare zero trust or tunnels whatever you want to call it so I'm just going to click cancel here what I want to do is come over here to where it says traffic I'm going to go to cloudflare Tunnel right here and I want to launch a zero trust dashboard this will probably take a minute to load and now this is the first time we're here so it's saying hey welcome to zero trust we're going to click next uh then you're gonna give your team a name this is kind of just a default setting I'm going to call this PB Tech Dev dot cloudflareaccess.com we'll click next and then again we've got options for um what kind of plan do we want to use here I'm going to use a if the free plan because I'm not ever going to have 50 50 users on my setup here uh if you need to you can kind of do what you need to do with the other plans I'm just going to go with the free plan because I'm cheap and I don't need all of the extra stuff so I'm going to click select plan under free and proceed to payment okay so here it is asking for a payment method this is something I hadn't seen before or maybe I had spaced so we'll go ahead and click on add a payment method or you can use PayPal which is what I'm going to do so I'm just going to click PayPal and go through that process of getting PayPal attached to my account now look here's the thing they're never going to charge you for anything you don't agree to be charged for if you sign up for any of their extra services this way they already have a payment method on file but if all you're using is their free services they will never charge you for anything again I've been using them for a decade I'm not Shilling for them they're not paying me for this this has been my experience with more than a decade of using cloudflare so I'm just going to go ahead and set up my payment method via Paypal okay so here we can see the PayPal has been added of course I've blurred my PayPal email address there and of course it is going to want to ask for some more billing information regarding our name our country and our ZIP code go ahead and just put that stuff in and then click next once you've got all your billing information in again they're not going to charge you if you don't use any of their paid services so just I got to reiterate that we're going to click purchase at this point now we've we're kind of in a place where we can start getting our tunnels set up so what we can do here is actually click over here where it says access and click on tunnels you can go through all this other stuff if you'd like to do that but we're just kind of getting to the nitty-gritty here so we're just going to click on tunnels and it says hey let's create your first tunnel so let's do that our channel name we'll just let's just call it um a DB Tech Dev and we'll click on Save tunnel the next thing that we need to do is actually install a connector some way for our local machine wherever we are like in my studio here your home your office wherever we need to create a way for our local area to connect directly to cloudflare Vie tunnel now you've got some different options here whether it's Windows Mac Debian red hat or Docker I like to go the docker route if we click this what we're going to see here is this command now the problem with this command is that if you run this in a terminal window and then close that terminal window it's going to close down our Docker container so what we're going to do is we're just going to copy this I'm going to open a notepad and I'm going to paste that in there so here is the command that we were given to deploy a Docker container to connect our local server to our cloudflare tunnels account or zero trust account now the problem with this Command right here is that once we've connected to our server and we run this if we close our terminal window it's going to shut down that Docker container there's a simple fix for that what we can do is right up here we can do we can come up to where it says a Docker run right after run do space Dash D basically that means it's a detached it's disconnected from the terminal window meaning that it's not going to shut down when we close the terminal window that's what we want we just need to make sure that we add that Dash D I'm not sure why they don't have that in there by default but they don't and that's the fix that I have found for my setup so our next step will be to SSH into our Docker server so let's go ahead and do that go through SSH uh root at okay so now we've got our terminal window open we've got our Command over here what I want to do is just copy that I'm going to minimize it and then I'm going to go ahead I'm going to move this over to here so we can kind of see some stuff right down here it says connectors no connectors installed so we're just going to go ahead and paste that in we're going to hit enter and bring this back over and now it's going through the process of deploying that new container we're going to give this a second and right there is our connector ID now I will need to blur an IP address there that's fine um but here we can see we've got our version there we've got everything set up and ready to go so the next thing that we can do here is actually well click the next button and then we can start setting up our different applications here we can kind of start connecting to the different containers that we have available on our Docker servers so let's take a look at that okay so here we are in my portaner instance for this particular server uh let's actually use penguin share here oh I should mention we've got cloudflare right there that's the one we just deployed um so what we're going to do is come down to penguin share and I'm just going to click right here so we open this up in our uh in our local IP address and Port then we're going to come back to cloudflare zero trust and now I need to set up a sub domain first right so let's just call this uh ping ven and we'll do DB tech.dev like so and then we don't need to put in a path because we're not going to put this in any kind of like subdirectory or or you know dbtech.dev slash something this is just gonna be pingven.dbtech.ev so what we'll do next that we've got that we're going to come down here we're going to select HTTP now the reason I'm selecting HTTP and not https is because penguin does not by default have an SSL built into it so if it did we would select https because it doesn't we're going to use HTTP now what we'll do next is paste in our IP address and our port like so now I've had some people tell me that you can also use the container name you can also use localhost here there's some different options here I like to just put out the full thing just to make sure that I'm not missing anything there so once we've got that we can click on Save okay so here we are here's our tunnel what we're going to do is come over here and click on configure we're going to go to our public host names and right here is pingven.dbtech.dev we're going to click that okay so just that quickly and easily we have purchased a domain name we have set up a cloudflare account we have set up zero trust we've attacked our domain name to our cloudflare account and we've set up a tunnel via Docker that will allow us to remotely access different Docker containers now one of the questions that comes up fairly regularly is this people want to know how to set up multiple applications on a single tunnel and it's very very simple once you see what I'm about to do here so what we're going to do we're going to come back to portainer we're going to pick a different a different option here um tell you what let's just go with trago um just I was doing some testing with Drago we're not going to get into Trigo in here I'm just going to show you this so again I'm going to open this up here is our IP address and our Port so we're going to come back to here what we want to do is click on ADD a public hostname page we're going to call this Drago again dbtech.dev just like before we're going to say HTTP we're going to paste this in like so and then we're going to click on Save host name now again here is penguin here is Trego those are two separate applications on two separate subdomains but still on the same tunnel so what we can do now click Trigo oops and there we go it took just a second there was a little little hiccup there that happens sometimes you just got to reload the page and there it is now we've got trego.dbtech.dev we've also got pingven.dbtech.dev so the other thing you'll notice here is that Trego has an SSL here site is secure connection is secure certificate is valid there you go same thing over here on penguin again we've got our our padlock there we've got our secure connection our certificate is valid we're set up and ready to go just that easily Okay so we've actually already connected a couple of different applications via a cloudflare tunnel to our server so we've got remote access to them from basically wherever now the caveat to that or the the the kicker to that is of course everybody now has access to these domain names uh because we haven't set up any Security on them now I've already made a video about this but let's just kind of run through what we would do uh to just quickly set this up right so we're going to come back over to cloudflare we're going to go over here to applications under access we're going to add an application we're going to select self-hosted our application name in this case let's just call it bing bin like so our application subdomain again will be penguin and then dbtag.dev you can kind of leave all of this as it is if you want to I always uncheck this though then we're going to click on next we're going to add policies here we're going to call this email address which is called email will allow our email address this is all fine our selector will be email and our email will be now here's the cool thing about this like once I save this Beth let's just do that I'm trying to get ahead of myself here let's click over here let's click next and then um no that's fine we don't need to worry about any of this right now again I made a more end of the video earlier so let's open a new a new tab here uh let's do penguin dot at DB Dev hey look at that I can't access this because I need to put in an email address so I'm going to put my email address in and then it's going to say send me a code so I'm gonna go ahead and do that now you're gonna get this no matter what even if that email address isn't available to receive a code you're still going to get this screen it's kind of a preventative measure kind of thing so that people can't just keep trying email addresses until they get one um so this is just kind of a little thing that they've got in there you're always going to see the screen so I'm going to move this out of the way okay so almost instantly I got this email right here and right here is the code that it gave me so I'm going to copy that then I'm going to paste that in just like so it's like sign in and there we go so now that I've entered that code now it's forwarded me to penguin.ebtag.dev and of course the login page here so let's expand on our accessibility just a little bit here uh we're gonna go back to our email or to our policy our email policy here that says allow I'm going to click edit so if we take a look at our policy here of course we've named our policy email uh we can change that if we want to this was just demonstrative uh you can uh come down here you can add additional email addresses uh we'll just say you know like email one at Gmail comment hit enter and email to gmail.com whatever right you can add as many email addresses to that as you'd like so you're going to give multiple people access to your resources and all they've got to do is make sure that they've got an email address associated with our rules right here now let's say you didn't want to use email to to authenticate or whatever right um so let's just let's just delete this let's go over here to like IP ranges so let's say you know you've got a dedicated IP address at home you're going to put that in here whatever your whatever the IP address your ISP gave you is what's going to go in here if you've say got a VPN with a dedicated IP like I've got through uh private internet access link to that in the description down below um you can put that IP address in there and as long as you're accessing your web assets from from the IP addresses that you've put in here it will just let you access them access them without any additional authentication needed of course you could if you wanted to say they need to be within this IP address range and put in an email address you can kind of build your own security protocols to make sure that only certain people have access to your resources okay there you go there's how to buy a domain name set up a cloudflare account Point your new domain name to your cloudflare account get tunnels set up via Docker and actually use multiple different Docker containers on a single tunnel so hopefully this video is helpful hopefully you found it informative if you did do me a favor give the video a thumbs up that really does help me out quite a bit I would appreciate even just a thumbs up maybe some comments down below let me letting me know what you think about this solution like it hate it whatever let me know in the comment section down below but I think with that said I'm gonna wrap this up I want to thank you guys for spending a few minutes of your day with me today and I'll talk to you in the next video
Info
Channel: DB Tech
Views: 139,935
Rating: undefined out of 5
Keywords: cloudflare tunnel, cloudflare, cloudflare tunnel tutorial, cloudflare argo tunnel, cloudflare tunnel setup, cloudflare dns, getting started with cloudflare, cloudflare argo tunnel setup, how to use cloudflare tunnel, cloudflare tunnel ssh, cloudflare tunnel vpn, cloudflare secure tunnel, cloudflare tunnel localhost, how to uise cloudflare tunnel, unraid cloudflare argo tunnel, tunnel, cloudflare setup, cloudflare tutorial, how to setup cloudflare, cloudflare cdn
Id: Q5dG8g4-Sx0
Channel Id: undefined
Length: 23min 35sec (1415 seconds)
Published: Thu Dec 15 2022
Related Videos
Restrict Access to Your Cloudflare Tunnel Applications
DB Tech
51K
5 reasons EVERYONE needs a home server
TechHut
331K
Cloudflare tunnels are pretty cool
Web Dev Cody
26K
Access Your Self Hosted Services WITHOUT Port Forwarding
DB Tech
130K
What is CasaOS : An Awesome Home Server Operating System !!!
JC Laforge Tech
4.2K
Which Is The Best DNS for Secure Browsing: CloudFlare, Quad9, NextDNS, and AdGuard DNS
Lawrence Systems
91K
No more Cloudflare Tunnels for me...
Raid Owl
40K
Using Cloudflare Tunnels For Hosting & Certificates Without Exposing Ports On Your Firewall
Lawrence Systems
182K
NextCloud Without Port Forwarding via Cloudflare Tunnels
DB Tech
106K
Cloudflare Tunnels: Restrict Access with Google and Github
DB Tech
28K
Cloudflare Tunnel Setup Guide - Self-Hosting for EVERYONE
Raid Owl
133K
STOP using VPN, embrace Zero-Trust networking!
Christian Lempa
91K
Cloudflare Zero Trust Tunnel Guide: Exposing Self-Hosted Services Safely
Techdox
32K
How To Access Your PCs and Servers from Anywhere Using Guacamole and Cloudflare Tunnels
DB Tech
82K
Self Hosting on your Home Server - Cloudflare + Nginx Proxy Manager - Easy SSL Setup
Raid Owl
362K
You're running Pi-Hole wrong! Setting up your own Recursive DNS Server!
Craft Computing
1.2M
Setting up a CHEAP and EASY Homelab Linux Server
TechHut
313K
DDNS on a Raspberry Pi using the Cloudflare API (Dynamic DNS)
NetworkChuck
343K
Secure Cloudflare Tunnels with vLANs and an Internal Firewall Before It's Too Late!
Jim's Garage
44K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.