Nope, silly question. One need only install the command line version of cloudflared, located via the command line version installation instructions.
Another thing, though. Bit concerned that the remotely managed (on Cloudflare Zero Trust site) version of cloudflared appears to have full access to my home network.
Is this also true for the command line locally configured version of cloudflared? I’d certainly prefer that were not the case.
I know I can setup an http server as an endpoint, and have cloudflare expose and proxy this as a publicly available https service.
What I’d like to do, is have cloudflare expose and proxy both http and https services I have running, and to expose them publicly as publicly available http and https services, respectively.
At first, please cross-check and confirm if your Raspberry Pi is x64 or x32 and which xBit OS have you got installed via uname -m, if it displays armv7l, it’s a 32-bit system; if it shows aarch64, it’s a 64-bit system.
Should go with armhf instead, grab cloudflared-linux-armhf.deb since raspbian OS is Debian based and modify a bit the copy-pasted command from zero Trust dashboard (remote management), run it via sudo ... rest of the comand before ... dpkg -i cloudflared-linux-armhf.deb ... rest of the comand after ...:
The best and easiest to manage via Zero Trust dashboard.
Not really, you can block all ports and everything on the device, just have an Internet connection and serve an Web application over mydomain.com hostname with the desierd compatible and support HTTP(S) port only locally on the device, bound to the localhost, 127.0.0.1 or even 0.0.0.0.
Don’t do this from your home, even if you’ve got a public static IP address or DHCP.
Cloudflared Tunnel runs fine even with DHCP. No issues, no need to expose it.
Block all ports via UFW and add a custom SSH port, which you can also block from outside and serve it via ssh.mydomain.com in a Web browser rendered SSH for easier and secured management:
Even VNC browser-based can be done:
I use Zero Trust on 3 RPis, two running Debian 12 (Raspbian OS) and one on Debian 10 (Raspbian OS). All have SSH and VNC browser-render based, while ports blocked on the router via policy - so I can enter it via separate VLAN just in case locally.
Running on Pi 3B, but image will ultimately run on a Pi 4. Not really understanding the difference between armhf and arch64?
Got the remotely configured version working on the 3B, but both ~500-bytes/s download and ~500-bytes/s upload traffic to wan! cloudflared instances also chewing through ~10% of cpu on the 3B.
I’ll have to watch some videos on securing the whole setup. It worries me that anyone on the cloudflare end of the tunnel appears to be able to reach every device on my network.