For a self-hosted application with a valid SSL certificate and support for OAuth, what are the benefits that Cloudflare Access provides? From what I can tell, it also filters traffic to possibly block attacks? Can it even be used with a self-hosted app if you aren’t also running Cloudflare Tunnel? Is there a better alternative (that also integrates with major OAuth providers like Google, Github, etc) for self-hosters? Thanks for the help in understanding how this works.

  • chin_waghing@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    For cloudflare tunnels no, it does a nat punch through I think it’s called, where it connects from inside your network out to 2 edge locations to cloudlfare, where it then can send traffic back and forwards.

    If I wanted to expose by port forwarding, then yes you are correct, I could configure ddns.

    Personally, I would configure my own version of DDNS where it’s just a cron job once every 5 minutes to run terraform and check if my public IP has changed, and if it has run an apply.

    Does that answer the question?

    • 2treesandatiger@alien.topB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Ye, I though tunnels needed a public ip still but it makes sense it doesn’t given there’s a service running in your network that can do that check

    • bdonvrA
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      There’s a great tiny little program/docker container called cf-ddns that is great for this