Can't register tunnel when starting as a service but works perfectly from command line (Ubuntu)

Hi all! I have really strange problem with running Cloudflare Tunnel on Ubuntu.

The configuration went as expected and I am able to run the tunnel using the command sudo cloudflared tunnel run home1 (home1 is the name of the tunnel)

However, when I want to run it as a service (as configured by the cloudflared tool) I get error ERR Failed to serve quic connection error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.233 and ERR Register tunnel error from server side error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.233

The same config files, certs and tunnel id’s are used, it’s ran under the same user.

Please have a look at the detailed logs below.

Running from command line:

[email protected]:~$ sudo cloudflared tunnel run home1
2022-10-25T19:50:51Z INF Starting tunnel tunnelID=REDACTED
2022-10-25T19:50:51Z INF Version 2022.10.2
2022-10-25T19:50:51Z INF GOOS: linux, GOVersion: go1.18.6, GoArch: amd64
2022-10-25T19:50:51Z INF Settings: map[cred-file:/etc/cloudflared/REDACTED.json credentials-file:/etc/cloudflared/REDACTED.json proxy-dns:true proxy-dns-port:5053 proxy-dns-upstream:[https://1.1.1.1/dns-query https://1.0.0.1/dns-query]]
2022-10-25T19:50:51Z INF Adding DNS upstream url=https://1.1.1.1/dns-query
2022-10-25T19:50:51Z INF Adding DNS upstream url=https://1.0.0.1/dns-query
2022-10-25T19:50:51Z INF Starting DNS over HTTPS proxy server address=dns://localhost:5053
2022-10-25T19:50:51Z INF cloudflared will not automatically update if installed by a package manager.
2022-10-25T19:50:51Z INF Generated Connector ID: REDACTED
2022-10-25T19:50:51Z INF Initial protocol quic
2022-10-25T19:50:51Z INF ICMP proxy will use 192.168.88.39 as source for IPv4
2022-10-25T19:50:51Z INF ICMP proxy will use REDACTED in zone enp1s0 as source for IPv6
2022-10-25T19:50:51Z INF Warp-routing is enabled
2022-10-25T19:50:51Z INF Starting metrics server on 127.0.0.1:45977/metrics
2022-10-25T19:50:52Z INF Connection REDACTED registered connIndex=0 ip=198.41.200.193 location=WAW
2022-10-25T19:50:53Z INF Connection REDACTED registered connIndex=1 ip=198.41.192.27 location=FRA
2022-10-25T19:50:54Z INF Connection REDACTED registered connIndex=2 ip=198.41.200.23 location=WAW
2022-10-25T19:50:55Z INF Connection REDACTED registered connIndex=3 ip=198.41.192.107 location=FRA

Running as a service:

Oct 25 21:50:22 REDACTED systemd[1]: Starting cloudflared...
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF Starting tunnel tunnelID=REDACTED
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF Version 2022.10.2
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF GOOS: linux, GOVersion: go1.18.6, GoArch: amd64
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF Settings: map[cred-file:/etc/cloudflared/REDACTED.json credentials-file:/etc/cloudflared/REDACTED.json no-autoupdate:true proxy-dns:true proxy-dns-port:5053 proxy-dns-upstream:[https://1.1.1.1/dns-query https://1.0.0.1/dns-query] token:*****]
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF Adding DNS upstream url=https://1.1.1.1/dns-query
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF Adding DNS upstream url=https://1.0.0.1/dns-query
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF Starting DNS over HTTPS proxy server address=dns://localhost:5053
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF cloudflared will not automatically update if installed by a package manager.
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF Generated Connector ID: REDACTED
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF Will be fetching remotely managed configuration from Cloudflare API. Defaulting to protocol: quic
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF Initial protocol quic
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF ICMP proxy will use 192.168.88.39 as source for IPv4
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF ICMP proxy will use REDACTED in zone enp1s0 as source for IPv6
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF Warp-routing is enabled
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z INF Starting metrics server on 127.0.0.1:41547/metrics
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z ERR Failed to serve quic connection error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.233
Oct 25 21:50:22 REDACTED cloudflared[43456]: 2022-10-25T19:50:22Z ERR Register tunnel error from server side error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.233
Oct 25 21:50:23 REDACTED cloudflared[43456]: 2022-10-25T19:50:23Z INF Retrying connection in up to 2s connIndex=0 ip=198.41.200.233
Oct 25 21:50:23 REDACTED cloudflared[43456]: 2022-10-25T19:50:23Z ERR Failed to serve quic connection error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.233
Oct 25 21:50:23 REDACTED cloudflared[43456]: 2022-10-25T19:50:23Z ERR Register tunnel error from server side error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.233
Oct 25 21:50:23 REDACTED cloudflared[43456]: 2022-10-25T19:50:23Z INF Retrying connection in up to 4s connIndex=0 ip=198.41.200.233
Oct 25 21:50:24 REDACTED cloudflared[43456]: 2022-10-25T19:50:24Z ERR Failed to serve quic connection error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.233
Oct 25 21:50:24 REDACTED cloudflared[43456]: 2022-10-25T19:50:24Z ERR Register tunnel error from server side error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.233
Oct 25 21:50:24 REDACTED cloudflared[43456]: 2022-10-25T19:50:24Z INF Retrying connection in up to 8s connIndex=0 ip=198.41.200.233
Oct 25 21:50:26 REDACTED cloudflared[43456]: 2022-10-25T19:50:26Z ERR Failed to serve quic connection error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.233
Oct 25 21:50:26 REDACTED cloudflared[43456]: 2022-10-25T19:50:26Z ERR Register tunnel error from server side error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.233
Oct 25 21:50:26 REDACTED cloudflared[43456]: 2022-10-25T19:50:26Z INF Retrying connection in up to 16s connIndex=0 ip=198.41.200.233
Oct 25 21:50:29 REDACTED cloudflared[43456]: 2022-10-25T19:50:29Z ERR Failed to serve quic connection error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.233
Oct 25 21:50:29 REDACTED cloudflared[43456]: 2022-10-25T19:50:29Z ERR Register tunnel error from server side error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.233
Oct 25 21:50:29 REDACTED cloudflared[43456]: 2022-10-25T19:50:29Z INF Retrying connection in up to 32s connIndex=0 ip=198.41.200.233

It seems crazy, I can’t really figure it out. Maybe you see something I don’t? Thank you in advance!

I tried everything from scratch (uninstalled cloudflared, wiped configuration files, etc.) and the result is the same. It’s crazy :frowning:

I would suggest looking at your service file and seeing if there is a difference between what it is running vs what you are running via the command line.