Puppetserver with Cloudflared Tunnel

Hello guys,
i want to run puppet on my infrastructure an have some problems / or more, I am confused.
Puppetagent (Send https://puppetserver.example.com:8140) → Internet → Cloudflare → Cloudflared Tunnel → TunnelVM → Puppetserver

Puppetagent always sends requests with ports.
Can i have a single domain/hostname inside my tunnel and open this domain (for example with my browser) with different ports like: https://puppetserver.example.com:8140 or https://puppetserver.example.com:8081 or https://puppetserver.example.com:8143

I mean, can i open the connection with my domain->tunnel and send my port to open the service under this port? Is this possible if you have a service with more than one port but the same domain is required (Web, API …)

  1. Can you give me a ideas how i can get this working?

Thank you very much

I wonder if it’s even possible to run Puppet server behind Cloudflare. Does it not also require mTLS which will break?