From 2beb2acc24587097e48d2cac0ca96b810d57b3e4 Mon Sep 17 00:00:00 2001 From: ed Date: Sun, 16 Feb 2025 18:59:18 +0000 Subject: [PATCH] readme: permanent cloudflare tunnel (#137) --- README.md | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/README.md b/README.md index a6f4195b..8feeb94a 100644 --- a/README.md +++ b/README.md @@ -94,6 +94,7 @@ turn almost any device into a file server with resumable uploads/downloads using * [reverse-proxy](#reverse-proxy) - running copyparty next to other websites * [real-ip](#real-ip) - teaching copyparty how to see client IPs * [reverse-proxy performance](#reverse-proxy-performance) + * [permanent cloudflare tunnel](#permanent-cloudflare-tunnel) - if you have a domain and want to get your copyparty online real quick * [prometheus](#prometheus) - metrics/stats can be enabled * [other extremely specific features](#other-extremely-specific-features) - you'll never find a use for these * [custom mimetypes](#custom-mimetypes) - change the association of a file extension @@ -183,6 +184,8 @@ first download [cloudflared](https://developers.cloudflare.com/cloudflare-one/co as the tunnel starts, it will show a URL which you can share to let anyone browse your stash or upload files to you +but if you have a domain, then you probably want to skip the random autogenerated URL and instead make a [permanent cloudflare tunnel](#permanent-cloudflare-tunnel) + since people will be connecting through cloudflare, run copyparty with `--xff-hdr cf-connecting-ip` to detect client IPs correctly @@ -1982,6 +1985,26 @@ in summary, `haproxy > caddy > traefik > nginx > apache > lighttpd`, and use uds * if these results are bullshit because my config exampels are bad, please submit corrections! +## permanent cloudflare tunnel + +if you have a domain and want to get your copyparty online real quick, either from your home-PC behind a CGNAT or from a server without an existing [reverse-proxy](#reverse-proxy) setup, one approach is to create a [Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/) (formerly "Argo Tunnel") + +I'd recommend making a `Locally-managed tunnel` for more control, but if you prefer to make a `Remotely-managed tunnel` then this is currently how: + +* `cloudflare dashboard` » `zero trust` » `networks` » `tunnels` » `create a tunnel` » `cloudflared` » choose a cool `subdomain` and leave the `path` blank, and use `service type` = `http` and `URL` = `127.0.0.1:3923` + +* and if you want to just run the tunnel without installing it, skip the `cloudflared service install BASE64` step and instead do `cloudflared --no-autoupdate tunnel run --token BASE64` + +NOTE: since people will be connecting through cloudflare, as mentioned in [real-ip](#real-ip) you should run copyparty with `--xff-hdr cf-connecting-ip` to detect client IPs correctly + +config file example: + +```yaml +[global] + xff-hdr: cf-connecting-ip +``` + + ## prometheus metrics/stats can be enabled at URL `/.cpr/metrics` for grafana / prometheus / etc (openmetrics 1.0.0)