d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
cb47cce074da46f3ce5910b752d435c4a3ee87d0
proxmox/docs/04-configuration/cloudflare/CLOUDFLARE_TUNNEL_CONFIGURATION_GUIDE.md
defiQUG cb47cce074 Complete markdown files cleanup and organization 
- Organized 252 files across project
- Root directory: 187 → 2 files (98.9% reduction)
- Moved configuration guides to docs/04-configuration/
- Moved troubleshooting guides to docs/09-troubleshooting/
- Moved quick start guides to docs/01-getting-started/
- Moved reports to reports/ directory
- Archived temporary files
- Generated comprehensive reports and documentation
- Created maintenance scripts and guides

All files organized according to established standards.
2026-01-06 01:46:25 -08:00

4.6 KiB
Raw Blame History

Cloudflare Tunnel Configuration Guide

Tunnel ID: 10ab22da-8ea3-4e2e-a896-27ece2211a05
Status: Currently DOWN - Needs Configuration
Purpose: Route all services through central Nginx (VMID 105)

Current Status

From the Cloudflare dashboard, the tunnel rpc-http-pub.d-bis.org is showing as DOWN. This tunnel needs to be configured to route all hostnames to the central Nginx.

Configuration Steps

1. Access Tunnel Configuration

  1. Go to: https://one.dash.cloudflare.com/
  2. Navigate to: Zero TrustNetworksTunnels
  3. Click on the tunnel: rpc-http-pub.d-bis.org (Tunnel ID: 10ab22da-8ea3-4e2e-a896-27ece2211a05)
  4. Click Configure button

2. Configure Public Hostnames

In the Public Hostnames section, configure all hostnames to route to the central Nginx:

Target: http://192.168.11.21:80

Required Hostname Configurations:

Hostname Service Type Target
explorer.d-bis.org HTTP http://192.168.11.21:80
rpc-http-pub.d-bis.org HTTP http://192.168.11.21:80
rpc-ws-pub.d-bis.org HTTP http://192.168.11.21:80
rpc-http-prv.d-bis.org HTTP http://192.168.11.21:80
rpc-ws-prv.d-bis.org HTTP http://192.168.11.21:80
dbis-admin.d-bis.org HTTP http://192.168.11.21:80
dbis-api.d-bis.org HTTP http://192.168.11.21:80
dbis-api-2.d-bis.org HTTP http://192.168.11.21:80
mim4u.org HTTP http://192.168.11.21:80
www.mim4u.org HTTP http://192.168.11.21:80

3. Configuration Details

For each hostname:

  1. Subdomain: Enter the subdomain (e.g., explorer, rpc-http-pub)
  2. Domain: Select d-bis.org (or enter mim4u.org for those domains)
  3. Service: Select HTTP
  4. URL: Enter 192.168.11.21:80
  5. Save the configuration

4. Add Catch-All Rule (Optional but Recommended)

Add a catch-all rule at the end:

  • Service: HTTP 404: Not Found
  • This handles any unmatched hostnames

Expected Configuration (YAML Format)

The tunnel configuration should look like this:

ingress:
  # Explorer
  - hostname: explorer.d-bis.org
    service: http://192.168.11.21:80
  
  # RPC Public
  - hostname: rpc-http-pub.d-bis.org
    service: http://192.168.11.21:80
  
  - hostname: rpc-ws-pub.d-bis.org
    service: http://192.168.11.21:80
  
  # RPC Private
  - hostname: rpc-http-prv.d-bis.org
    service: http://192.168.11.21:80
  
  - hostname: rpc-ws-prv.d-bis.org
    service: http://192.168.11.21:80
  
  # DBIS Services
  - hostname: dbis-admin.d-bis.org
    service: http://192.168.11.21:80
  
  - hostname: dbis-api.d-bis.org
    service: http://192.168.11.21:80
  
  - hostname: dbis-api-2.d-bis.org
    service: http://192.168.11.21:80
  
  # Miracles In Motion
  - hostname: mim4u.org
    service: http://192.168.11.21:80
  
  - hostname: www.mim4u.org
    service: http://192.168.11.21:80
  
  # Catch-all
  - service: http_status:404

After Configuration

  1. Save the configuration in Cloudflare dashboard
  2. Wait 1-2 minutes for the tunnel to reload
  3. Check tunnel status - it should change from DOWN to HEALTHY
  4. Test endpoints: 
    curl https://explorer.d-bis.org/api/v2/stats
curl -X POST https://rpc-http-pub.d-bis.org \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","method":"eth_chainId","params":[],"id":1}'

Troubleshooting

Tunnel Still DOWN After Configuration

  1. Check cloudflared service:

    ssh root@192.168.11.12 "pct exec 102 -- systemctl status cloudflared"

  2. Check tunnel logs:

    ssh root@192.168.11.12 "pct exec 102 -- journalctl -u cloudflared -n 50"

  3. Verify Nginx is accessible:

    curl http://192.168.11.21:80

  4. Restart cloudflared (if needed):

    ssh root@192.168.11.12 "pct exec 102 -- systemctl restart cloudflared"

Service Not Routing Correctly

  1. Verify Nginx configuration on VMID 105:

    ssh root@192.168.11.12 "pct exec 105 -- cat /data/nginx/custom/http.conf"

  2. Test Nginx routing directly:

    curl -H "Host: explorer.d-bis.org" http://192.168.11.21/

  3. Check Nginx logs:

    ssh root@192.168.11.12 "pct exec 105 -- tail -f /data/logs/fallback_error.log"

Notes

  • Central Nginx IP: 192.168.11.21 (VMID 105)
  • Central Nginx Port: 80 (HTTP)
  • All SSL/TLS termination: Handled by Cloudflare
  • Internal routing: Nginx routes based on Host header to appropriate internal services

Last Updated: December 27, 2025

Reference in New Issue View Git Blame Copy Permalink