I’m recently migrating to using Cloudflare tunnels for personal use, and slowly getting things working. There is one part I haven’t succeeded in, however; that is migrating my previous Apache container to be routed through the tunnel.
This container was previously the reverse proxy for all my services. This role has now been replaced by the tunnel
It has a small number of basic web sites under subdomains (foo.mydomain.com, bar.mydomain.com)
I would like to now use the tunnel to sit between the internet and Apache, to access those sites with the same domains from the outside
I’ve currently done this by renaming the sites to have subdomains for the container:
foo.mydomain.com → foo.apache
bar.mydomain.com → bar.apache
Then the Docker shared network has these subdomains (foo.apache, bar.apache as aliases to the container apache). Then in my config.yml, I have something like:
cloudflared is also running in a container. If I use curl from that container, I can successfully get the correct sites from Apache:
curl http://foo.apache → expected HTML
curl http://bar.apache → expected HTML
So it seems like Apache can do what I want. The problem now is, when I then try to use the tunnel to access the public domains foo.mydomain.combar.mydomain.com from the internet, I don’t get the expected sites, and actually just get the Apache default sites.
curl https://foo.mydomain.com → Apache’s default site
curl https://bar.mydomain.com → Apache’s default site
So, once the tunnel is in play, the routing is broken. Can anyone help/suggest why that might be?
cloudflared container, connecting to the “outside”
Apache container hosting n number of sites on subdomains
Previously connected to the open internet through port 443. Now it’s behind the tunnel
The question is about how cloudflared can server the n number of sites. Any way would be fine, really, but it seems like something like the subdomain approach should be possible. It’s just that the tunnel seems to strip the information Apache needs to address the right site
I’m not sufficiently knowledgeable about how the HTTP works here, this may be something fairly obvious…
Preface: I’m not an expert in web servers but am running a similar setup
Can you just confirm that you tried routing both hostnames like the below, Apache serves 2 sites on foo.mydomain.com & bar.mydomain.com and it didn’t work:
The http traffic hitting Apache should contain the requested path and Apache will recognise that and route accordingly. In theory, the Cloudflare tunnel should be transparent when it comes to the traffic that it routes.
I admit that I’m using Traefik, not Apache but I have a fairly large number of subdomains all routed to the same traefik container in Docker and it works just fine without any network changes.
@asher thanks for your reply! Glad to hear you’re doing something similar. In my setup I was using subdomain aliases that point to the same apache host. As a test, I removed those, and just used the hostname, so my config is effectively the same as yours. Same effect - I only get the Apache default site (but I need to double check this).
I tailed other_vhosts_access.log for Apache, and noted that whatever subdomain I curl (through cloudflared) ends up requesting that same host. It could be that something is wrong in the Apache config (also not an expert!), so I’ll see if I can get more logging to work out what that might be
: