starred/kvm

Fork 0

mirror of https://github.com/jetkvm/kvm.git synced 2026-03-02 22:58:00 -05:00

Add Cloudflared as Tunnel #312

New issue

Open

opened 2026-02-20 08:21:53 -05:00 by deekerman · 6 comments

deekerman commented

2026-02-20 08:21:53 -05:00

Owner

Originally created by @shedowe19 on GitHub (Jun 4, 2025).

https://github.com/cloudflare/cloudflared

Originally created by @shedowe19 on GitHub (Jun 4, 2025). https://github.com/cloudflare/cloudflared

deekerman added the

component: network

label

2026-02-20 08:21:53 -05:00

deekerman commented

2026-02-20 08:21:54 -05:00

Author

Owner

@shedowe19 commented on GitHub (Jun 4, 2025):

Adding Cloudflared as a service would significantly enhance the remote accessibility and security posture for JetKVM users. It would simplify exposing services for personal use, development, or small-scale hosting, leveraging Cloudflare's robust network infrastructure. This aligns well with modern secure access patterns (Zero Trust) and would be a valuable addition for users who wish to avoid direct exposure of their IP addresses or complex network configurations.

@shedowe19 commented on GitHub (Jun 4, 2025): Adding Cloudflared as a service would significantly enhance the remote accessibility and security posture for JetKVM users. It would simplify exposing services for personal use, development, or small-scale hosting, leveraging Cloudflare's robust network infrastructure. This aligns well with modern secure access patterns (Zero Trust) and would be a valuable addition for users who wish to avoid direct exposure of their IP addresses or complex network configurations.

deekerman commented

2026-02-20 08:21:54 -05:00

Author

Owner

@shedowe19 commented on GitHub (Jun 4, 2025):

And i will this for extra Settings then you must only Paste the Tunnel Token in the Field and the Tunnel are ready after save the Tunnel automaticaly connect

@shedowe19 commented on GitHub (Jun 4, 2025): And i will this for extra Settings then you must only Paste the Tunnel Token in the Field and the Tunnel are ready after save the Tunnel automaticaly connect

deekerman commented

2026-02-20 08:21:54 -05:00

Author

Owner

@ioctlsg commented on GitHub (Jun 11, 2025):

@shedowe19 have you try if this is possible? I have seen acticle on installing Tailscale on jekkvm.

@ioctlsg commented on GitHub (Jun 11, 2025): @shedowe19 have you try if this is possible? I have seen acticle on installing Tailscale on jekkvm.

deekerman commented

2026-02-20 08:21:54 -05:00

Author

Owner

@shedowe19 commented on GitHub (Jun 30, 2025):

@ym can you Add it?

Or its Not practicable?

@shedowe19 commented on GitHub (Jun 30, 2025): @ym can you Add it? Or its Not practicable?

deekerman commented

2026-02-20 08:21:54 -05:00

Author

Owner

@raypappa commented on GitHub (Aug 24, 2025):

On JetKVM

mkdir -p /userdata/cloudflared
cd /userdata/cloudflared
wget https://github.com/cloudflare/cloudflared/releases/download/2025.8.1/cloudflared-linux-armhf
chmod +x cloudflared-linux-armhf

On a different computer create tunnel and copy credentials to jetkvm

cloudflared tunnel create ${tunnel_name}
tunnel_id=$(cloudflared tunnel info -o json ${tunnel_name} | jq '.id' -r)
cat ~/.cloudflared/${tunnel_id}.json  | ssh root@${jetkvm_host} 'cat > /userdata/cloudflared/credentials.json'

create config

file ${jetkvm_host}.yaml

tunnel: $tunnel_id
credentials-file: /userdata/cloudflared/credentials.json
ingress:
  - hostname: $external_host
    service: http://localhost
  - service: http_status:404

copy config to jetkvm

cat ${jetkvm_host}.yaml  | ssh root@${jetkvm_host} 'cat > /userdata/cloudflared/config.yaml'

configure your access application

configure dns entry

cloudflared tunnel route dns ${tunnel_name} ${external_host}

start tunnel

./cloudflared-linux-armhf tunnel --config config.yaml run

There's loads to be improved in this workflow. I tried all 3 arm versions cloudflared provides, arm and armhf worked, arm64 didn't.

@raypappa commented on GitHub (Aug 24, 2025): 1. On JetKVM ```shell mkdir -p /userdata/cloudflared cd /userdata/cloudflared wget https://github.com/cloudflare/cloudflared/releases/download/2025.8.1/cloudflared-linux-armhf chmod +x cloudflared-linux-armhf ``` 1. On a different computer create tunnel and copy credentials to jetkvm ```shell cloudflared tunnel create ${tunnel_name} tunnel_id=$(cloudflared tunnel info -o json ${tunnel_name} | jq '.id' -r) cat ~/.cloudflared/${tunnel_id}.json | ssh root@${jetkvm_host} 'cat > /userdata/cloudflared/credentials.json' ``` 1. create config file `${jetkvm_host}.yaml` ```yaml tunnel: $tunnel_id credentials-file: /userdata/cloudflared/credentials.json ingress: - hostname: $external_host service: http://localhost - service: http_status:404 ``` 1. copy config to jetkvm ```shell cat ${jetkvm_host}.yaml | ssh root@${jetkvm_host} 'cat > /userdata/cloudflared/config.yaml' ``` 1. configure your access application 1. configure dns entry ```shell cloudflared tunnel route dns ${tunnel_name} ${external_host} ``` 1. start tunnel ```shell ./cloudflared-linux-armhf tunnel --config config.yaml run ``` There's loads to be improved in this workflow. I tried all 3 arm versions cloudflared provides, arm and armhf worked, arm64 didn't.

deekerman commented

2026-02-20 08:21:54 -05:00

Author

Owner

@heig commented on GitHub (Dec 26, 2025):

Thanks! That helped a lot setting it up. Works amazing.
If you want to setup a init.d Script make sure it's named as required - e.g. "S99cloudlared" and have a check in it, that the network is already up & running. e.g. this quick'n'dirty snippet

TIMEOUT=60
IF=eth0
t=0
while [ $t -lt $TIMEOUT ]; do
  IP4="$(ip -4 addr show "$IF" 2>/dev/null | awk '/inet /{print $2}' | cut -d/ -f1)"
  [ -n "$IP4" ] && break
  sleep 1
  t=$((t+1))
done
echo "$(date -Iseconds) IPv4 on $IF: ${IP4:-none}" >>"$LOG"


t=0
while [ $t -lt $TIMEOUT ]; do
  ip route | grep -q "^default " && break
  sleep 1
  t=$((t+1))
done
echo "$(date -Iseconds) default route: $(ip route | awk '/^default/{print $0}')" >>"$LOG"

On JetKVM
mkdir -p /userdata/cloudflared
cd /userdata/cloudflared
wget https://github.com/cloudflare/cloudflared/releases/download/2025.8.1/cloudflared-linux-armhf
chmod +x cloudflared-linux-armhf

On a different computer create tunnel and copy credentials to jetkvm
cloudflared tunnel create ${tunnel_name}
tunnel_id=$(cloudflared tunnel info -o json ${tunnel_name} | jq '.id' -r)
cat ~/.cloudflared/${tunnel_id}.json | ssh root@${jetkvm_host} 'cat > /userdata/cloudflared/credentials.json'

create config
file ${jetkvm_host}.yaml
tunnel: $tunnel_id
credentials-file: /userdata/cloudflared/credentials.json
ingress:

hostname: $external_host
service: http://localhost

service: http_status:404

copy config to jetkvm
cat ${jetkvm_host}.yaml | ssh root@${jetkvm_host} 'cat > /userdata/cloudflared/config.yaml'

configure your access application

configure dns entry
cloudflared tunnel route dns ${tunnel_name} ${external_host}

start tunnel

./cloudflared-linux-armhf tunnel --config config.yaml run
There's loads to be improved in this workflow. I tried all 3 arm versions cloudflared provides, arm and armhf worked, arm64 didn't.

@heig commented on GitHub (Dec 26, 2025): Thanks! That helped a lot setting it up. Works amazing. If you want to setup a init.d Script make sure it's named as required - e.g. "S99cloudlared" and have a check in it, that the network is already up & running. e.g. this quick'n'dirty snippet ``` TIMEOUT=60 IF=eth0 t=0 while [ $t -lt $TIMEOUT ]; do IP4="$(ip -4 addr show "$IF" 2>/dev/null | awk '/inet /{print $2}' | cut -d/ -f1)" [ -n "$IP4" ] && break sleep 1 t=$((t+1)) done echo "$(date -Iseconds) IPv4 on $IF: ${IP4:-none}" >>"$LOG" t=0 while [ $t -lt $TIMEOUT ]; do ip route | grep -q "^default " && break sleep 1 t=$((t+1)) done echo "$(date -Iseconds) default route: $(ip route | awk '/^default/{print $0}')" >>"$LOG" ``` > 1. On JetKVM > mkdir -p /userdata/cloudflared > cd /userdata/cloudflared > wget https://github.com/cloudflare/cloudflared/releases/download/2025.8.1/cloudflared-linux-armhf > chmod +x cloudflared-linux-armhf > 2. On a different computer create tunnel and copy credentials to jetkvm > cloudflared tunnel create ${tunnel_name} > tunnel_id=$(cloudflared tunnel info -o json ${tunnel_name} | jq '.id' -r) > cat ~/.cloudflared/${tunnel_id}.json | ssh root@${jetkvm_host} 'cat > /userdata/cloudflared/credentials.json' > 3. create config > file `${jetkvm_host}.yaml` > tunnel: $tunnel_id > credentials-file: /userdata/cloudflared/credentials.json > ingress: > - hostname: $external_host > service: http://localhost > - service: http_status:404 > 4. copy config to jetkvm > cat ${jetkvm_host}.yaml | ssh root@${jetkvm_host} 'cat > /userdata/cloudflared/config.yaml' > 5. configure your access application > 6. configure dns entry > cloudflared tunnel route dns ${tunnel_name} ${external_host} > 7. start tunnel > > ./cloudflared-linux-armhf tunnel --config config.yaml run > There's loads to be improved in this workflow. I tried all 3 arm versions cloudflared provides, arm and armhf worked, arm64 didn't.