25 lines
1017 B
Markdown
25 lines
1017 B
Markdown
# README
|
|
Cloudflare infrastructure to (safely) expose the homelab services to the outside internet via [Cloudflare Zero Trust Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/).
|
|
|
|
## Initial Setup
|
|
0. (pre-req) Cloudflare account and a domain name
|
|
1. Transfer domain from registrar to Cloudflare by creating the NS records
|
|
- `NS lloyd.ns.cloudflare.com`
|
|
- `NS meadow.ns.cloudflare.com`
|
|
2. Create an [API token](https://developers.cloudflare.com/fundamentals/api/get-started/account-owned-tokens/) with the following access rules
|
|
- DNS:Edit
|
|
- Cloudflare Tunnel:Edit
|
|
- Zero Trust:Edit
|
|
- Access: Apps and Policies:Edit
|
|
|
|
## Usage
|
|
To add a new app/service and expose it:
|
|
|
|
0. (pre-req) have a `cloudflared` authorized and running
|
|
1. deploy the app
|
|
2. describe it in the [services](https://git.madunde.ad/madundead/homelab/src/branch/master/cloudflare/services/services.tf)
|
|
3. `tofu apply`
|
|
|
|
## TODO
|
|
- [ ] Automate token creation and/or deployment of `cloudflared`.
|