Cloudflare Zero Trust

Refer to the following documentation for creation and management of Cloudflare services

Remote Access
External Access to Systems
Authentication, Access and Accounts

Zero Trust / Tunnels

The Cloudflare tunnel is a port-forwarding-less reverse proxy. The traffic is tunneled through Cloudflare servers reducing the risk of DDOS and other malicious attacks. Another advantage is that Cloudflare handles authentication, so its harder to brute force one of our internal services.

Flowchart

Tunnels

Internal

The Tunnels are hosted as Docker containers, on

Espresso
Americano
Fettuccine
Lasagna

This is to allow for load balancing / fail over when required.

External

Cola tunnel is hosted on the Vultr VPS 'Cola'

PreviousRemote Access NextUniFi - Wireguard

Last updated 7 months ago