Here is my scenario, I have a bunch of proxmox clusters, and I would like to expose their management interface via cloudflared tunnels + access applications. What I am unsure about is how to do this in a repeatable way. What I would LIKE to happen is below.

Public domain: mydomain.com
subdomain: pve.mydomain.com
internal hosts: pve(1|2|3).internal.corp

I would run a cloudflared remote-managed tunnel on each host (hosts are debian underneath) with the origin being https://localhost:8006 and ignore self-signed certs.

I can easily do each one as it’s own subdomain, but that is a lot of separate subdomains to track. I would much rather do it with paths.

Any suggestions?

P.S. here is a diagram of what I am trying to do.

graph LR
    root[mydomain.com] -->|cloudflare dns| pve(pve.mydomain.com)
    pve -->|pve1-origin= https://localhost:8006| pve1[pve.mydomain.com/pve1]
    pve -->|pve2-origin= https://localhost:8006| pve2[pve.mydomain.com/pve2]
    pve -->|pve3-origin= https://localhost:8006| pve3[pve.mydomain.com/pve3]

image740×197 35.2 KB

You can specify a path alongside the hostname when declaring a service.

https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/configuration/local-management/ingress/#matching-traffic

  # Rules can match the request's path to a regular expression:
  - hostname: static.example.com
    path: \.(jpg|png|css|js)$
    service: https://localhost:8001

I might be misunderstanding what the path does. I can configure this without a path and it works fine, when I add the path I just get a blank screen.

image1122×404 50.2 KB

I figured it out, I didn’t take the time to look at what was actually happening. The tunnel and public record is creating a CNAME with an alias to that tunnel. I can’t reference a CNAME to more than one ALIAS, which is what I was doing. Thanks for the reference @KianNH

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.