cb47cce074
- Organized 252 files across project - Root directory: 187 → 2 files (98.9% reduction) - Moved configuration guides to docs/04-configuration/ - Moved troubleshooting guides to docs/09-troubleshooting/ - Moved quick start guides to docs/01-getting-started/ - Moved reports to reports/ directory - Archived temporary files - Generated comprehensive reports and documentation - Created maintenance scripts and guides All files organized according to established standards.
3.2 KiB
3.2 KiB
How to Get Cloudflare Tunnel Credentials
The Problem
cloudflared tunnel token doesn't work for existing tunnels. For existing tunnels created via API, you need to use credentials files (JSON format), not tokens.
Solution: Download from Cloudflare Dashboard
Step 1: Access Cloudflare Dashboard
- Go to: https://one.dash.cloudflare.com/
- Navigate to: Zero Trust > Networks > Tunnels
- You should see your 3 tunnels:
tunnel-ml110(ID:ccd7150a-9881-4b8c-a105-9b4ead6e69a2)tunnel-r630-01(ID:4481af8f-b24c-4cd3-bdd5-f562f4c97df4)tunnel-r630-02(ID:0876f12b-64d7-4927-9ab3-94cb6cf48af9)
Step 2: Download Credentials for Each Tunnel
For each tunnel:
- Click on the tunnel name
- Click "Configure" tab
- Scroll to "Local Management" section
- Click "Download credentials file"
- Save the file as:
credentials-ml110.jsoncredentials-r630-01.jsoncredentials-r630-02.json
Step 3: Use the Credentials
The credentials file format looks like:
{
"AccountTag": "52ad57a71671c5fc009edf0744658196",
"TunnelSecret": "base64-encoded-secret-here",
"TunnelID": "ccd7150a-9881-4b8c-a105-9b4ead6e69a2",
"TunnelName": "tunnel-ml110"
}
Step 4: Copy to VMID 102
Once you have the credentials files, run:
cd /home/intlc/projects/proxmox/scripts/cloudflare-tunnels
./scripts/generate-credentials.sh
This script will:
- Prompt you for each credentials file path
- Validate the JSON format
- Copy to VMID 102 at
/etc/cloudflared/credentials-<name>.json - Update config files with correct paths
- Set proper permissions (600)
Alternative: Manual Copy
If you prefer to copy manually:
# From your local machine (where you downloaded credentials)
scp credentials-ml110.json root@192.168.11.10:/tmp/
scp credentials-r630-01.json root@192.168.11.10:/tmp/
scp credentials-r630-02.json root@192.168.11.10:/tmp/
# Then on Proxmox host
ssh root@192.168.11.10
pct push 102 /tmp/credentials-ml110.json /etc/cloudflared/credentials-ml110.json
pct push 102 /tmp/credentials-r630-01.json /etc/cloudflared/credentials-r630-01.json
pct push 102 /tmp/credentials-r630-02.json /etc/cloudflared/credentials-r630-02.json
pct exec 102 -- chmod 600 /etc/cloudflared/credentials-*.json
Verify
After copying credentials:
ssh root@192.168.11.10 "pct exec 102 -- ls -la /etc/cloudflared/"
You should see:
credentials-ml110.jsoncredentials-r630-01.jsoncredentials-r630-02.jsontunnel-ml110.ymltunnel-r630-01.ymltunnel-r630-02.yml
Start Services
Once credentials are in place:
ssh root@192.168.11.10 "pct exec 102 -- systemctl start cloudflared-ml110 cloudflared-r630-01 cloudflared-r630-02"
ssh root@192.168.11.10 "pct exec 102 -- systemctl enable cloudflared-*"
Why Not Tokens?
- Tokens are used for new tunnels created via
cloudflared tunnel create - Credentials files are used for existing tunnels (created via API or dashboard)
- Our tunnels were created via API, so we need credentials files, not tokens