How to redirect or use www with cloudflare argo tunnel

Hey I am trying setup a production website with argo tunnel and what should be the config for argo tunnel. The hostname I put is www.cloudcreatr.com and do I need to redirect from nginx side to non www to www or make a page rule for it.

Alos when I try to add a dns route through cli I get this

Cloudflare config

tunnel: id
credentials-file: /home/cloudcreatr/.cloudflared/id.json
loglevel: info
protocol: quic
originRequest:
  connectTimeout: 30s


ingress:
  - hostname: www.cloudcreatr.com
    service: https://localhost:443
    originRequest:
      connectTimeout: 10s
      originServerName: www.cloudcreatr.com
      noTLSVerify: true

  - service: http_status:404
warp-routing:
  enabled: true

After adding from dashboard it says this

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name www.cloudcreatr.com;

    ssl_certificate /etc/ssl/cert.pem;
    ssl_certificate_key /etc/ssl/key.pem;

    access_log /home/cloudcreatr/cloudcreatr.com/logs/access.log;
    error_log /home/cloudcreatr/cloudcreatr.com/logs/error.log;

    root /home/cloudcreatr/cloudcreate.com/public;
    index index.php;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/run/php/php8.0-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name cloudcreatr.com;

    ssl_certificate /etc/ssl/cert.pem;
    ssl_certificate_key /etc/ssl/key.pem;

    return 301 https://www.cloudcreatr.com$request_uri;
}

server {
    listen 80;
    listen [::]:80;

    server_name cloudcreatr.com;

    return 301 https://www.cloudcreatr.com$request_uri;
}

This my nginx server block for the website. If you could suggest some changes accordingly to cloudflare argo tunnel and redirects it would be great help. Also there is s redirect to www and https above

You could check the DNS configuration in the Cloudflare dashboard and see what the www and @ records look like there. If you only have one of them, pointing to a cfargotunnel.com address (“Content”), then you can simply add the missing record with the same information (different record name obviously).

You can then add another “ingress” entry for the bare domain to your tunnel config. Then it’s up to your NGINX configuration what will happen - forward, serve the website…

Alternatively, you do the redirect from the bare domain to www or the other way around on the Cloudflare side using a page rule. DNS records need to exist, but you probably only need one of the domains (bare or www) under “ingress” in your tunnel config. For the domain you decide not to tunnel, I guess you could make that an AAAA DNS record with Content 100:: (not entirely sure about this one, but that’s how you do it for Workers when there isn’t really an origins server). I mean, if the redirect covers the entire subdomain, that subdomain doesn’t need to point to the origin.

CNAME flattening at the root (@) is fine by the way.

Currently your DNS record cloudcreatr.com is already pointing to 85bdf984-f2e3-4353-a94b-705ae8561e4d.cfargotunnel.com (where 85bdf984-f2e3-4353-a94b-705ae8561e4d is your “ccm” tunnel).

I’ve reported internally the error you faced — since that should never happen anyway regardless — and it will be addressed.

1 Like

I have CName record from www to root

There’s two way I guess. First

Cloudflare edge (redirect to www and or gets request to www) → cloudflared Argo tunnel (receives www request ) → nginx gives the file (for www)

Second

Cloudflare edge (bare domain request) → cloudflared Argo tunnel (bare domain request) → nginx gives the file (redirect to www and servis file.)

Am I Correct :blush:

I added it manually

I guess it happened because I had revoked all the api from dashboard but if that’s the case I can add other routes other than root

That sounds about right. You can essentially decide whether to redirect in Cloudflare or at the origin.

I decided not use www and go with bare domain. If anyone is deciding to use cloudflare redirecting then I guess you will be saving some resources

Today I faced the issue again on a fresh install of Ubuntu

I can add other route but the root can not be added so I added it through dashboard.

That’s expected, we haven’t yet deployed the fix for that.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.