For a self-hosted application with a valid SSL certificate and support for OAuth, what are the benefits that Cloudflare Access provides? From what I can tell, it also filters traffic to possibly block attacks? Can it even be used with a self-hosted app if you aren’t also running Cloudflare Tunnel? Is there a better alternative (that also integrates with major OAuth providers like Google, Github, etc) for self-hosters? Thanks for the help in understanding how this works.

    • chin_waghing@alien.topB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      For cloudflare tunnels no, it does a nat punch through I think it’s called, where it connects from inside your network out to 2 edge locations to cloudlfare, where it then can send traffic back and forwards.

      If I wanted to expose by port forwarding, then yes you are correct, I could configure ddns.

      Personally, I would configure my own version of DDNS where it’s just a cron job once every 5 minutes to run terraform and check if my public IP has changed, and if it has run an apply.

      Does that answer the question?

      • 2treesandatiger@alien.topB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Ye, I though tunnels needed a public ip still but it makes sense it doesn’t given there’s a service running in your network that can do that check

      • bdonvrA
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        There’s a great tiny little program/docker container called cf-ddns that is great for this