I’m wondering how I can run cloudflared in a docker network, using docker-compose.yml because it’s much easier to manage and transfer to other servers than “docker run xxxxxx”.
For example, I create a docker network called “wordpress”, then I add both the docker containers to it, in the docker-compose.yml.
So, I want to create a similar config for cloudflared; in this way, if the token is leaked or my Cloudflare is hacked, only that docker network is accessible, and not my whole LAN. Also, I like the idea of not exposing the ports on my server.
But the documentation only mentions the command “docker run”.
How can I add the token in docker-compose.yml? Like this?
(You can also use tunnel run --token but that’s considered less secure since the token is leaked plainly as part of the command line to any other process on the machine. Up to you.)
Then on the Zero Trust dashboard you would set the ingress to https://wordpress:443 - a static IP is NOT required.
Since the cloudflared process runs within the wordpress network as part of the deployment, it wouldn’t be able to access network resources of other Docker networks, which is what you wanted.
Thanks for your example, in that way it’s even better, a tunnel for each application (I was thinking of a single cloudflared joined to multiple docker networks, but in the long term it will become an unmanageable mess).
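
The per-application layout discussed in this thread, as an added example that is not part of the original posts: cloudflared joins only the `wordpress` network and reads its token from the `TUNNEL_TOKEN` environment variable instead of the command line. The service names, image tags and the `.env` file are assumptions.

```yaml
# docker-compose.yml (constructed example; names and image tags are assumptions)
services:
  wordpress:
    image: wordpress:latest
    restart: unless-stopped
    networks:
      - wordpress
    # No "ports:" section: nothing is published on the host. The only way in
    # is through the tunnel, which reaches this container by its service name
    # (the answer's ingress is https://wordpress:443; scheme and port must
    # match what the container actually serves).

  cloudflared:
    image: cloudflare/cloudflared:latest
    restart: unless-stopped
    command: tunnel --no-autoupdate run
    environment:
      # Token is substituted from a .env file beside this compose file (or
      # from the shell). Keep .env out of version control and readable only
      # by the deploying user. Compose aborts if the variable is missing.
      - TUNNEL_TOKEN=${TUNNEL_TOKEN:?set TUNNEL_TOKEN in .env}
    networks:
      - wordpress   # the only network this tunnel can reach
    # Less secure variant mentioned in the answer: the token appears in the
    # process arguments, visible to other processes on the machine.
    # command: tunnel --no-autoupdate run --token <token>

networks:
  wordpress:
    name: wordpress
    # Must not be "internal: true": cloudflared needs outbound access to
    # Cloudflare's edge to establish the tunnel.
```

Repeating this file per application, each with its own tunnel token and its own network, keeps a leaked token scoped to one application's containers.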