I read a comment on here some time ago where the person said they were using cloudflared to expose some of their self-hosted stuff to the Internet so they can access it remotely.
I am currently using it to expose my RSS feed reader, and it works out fine. I also like the simplicity of Cloudflare’s other offerings.
Any thoughts on why cloudflared is not a good idea? What alternatives would you suggest? How easy/difficult are they to setup?
Using CloudFlare and using the cloudflared tunnel service aren’t necessarily the same thing.
For instance, I used cloudflared to proxy my Pihole servers’ requests to CF’s DNSoHTTPS servers, for maximum DNS privacy. Yes, I’m trusting CF’s DNS servers, but I need to trust an upstream DNS somewhere, and it’s not going to be Google’s or my ISP’s.
I used CloudFlare to proxy access to my private li’l Lemmy instance, as I don’t want to expose the IP address I host it on. That’s more about privacy than security.
For the few self-hosted services I expose on the internet (Home Assistant being a good example), I don’t even both with CF at all. use Nginx Proxy Manager and Authelia, providing SSL I control, enforcing a 2FA policy I administer.
Actually you dont need to trust a upstream DNS server. Checkout dnscrypt-proxy in github. You can use dnscrypt with Anonymized DNS relays. You can use the IP of this dnscrypt-proxy as your DNS resolver.
Yeah, I cam across this project a few months ago, and got distracted before wrapping my head around the architecture. Another weekend project to try out!