For a self-hosted application with a valid SSL certificate and support for OAuth, what are the benefits that Cloudflare Access provides? From what I can tell, it also filters traffic to possibly block attacks? Can it even be used with a self-hosted app if you aren’t also running Cloudflare Tunnel? Is there a better alternative (that also integrates with major OAuth providers like Google, GitHub, etc.) for self-hosters? Thanks for the help in understanding how this works.

  • chin_waghing@alien.topB
    10 months ago

    I use it within my Kubernetes to expose services outside my house, and then I use Azure AD to manage access.

    I know this isn’t very self-hosted, but for me, where I have a dynamic IP and don’t want to play with port forwarding, it’s really good. Nice and easy, especially with Kubernetes and the Helm chart I wrote.

    • 2treesandatiger@alien.topB
      10 months ago

      Don’t you need to configure DDNS regardless? And port forwarding as well unless you went with tunnels?

      • chin_waghing@alien.topB
        10 months ago

        For Cloudflare tunnels, no. It does a NAT punch-through, I think it’s called, where it connects from inside your network out to 2 edge locations at Cloudflare, where it can then send traffic back and forwards.

        If I wanted to expose by port forwarding, then yes, you are correct, I could configure DDNS.

        Personally, I would configure my own version of DDNS where it’s just a cron job once every 5 minutes to run Terraform and check if my public IP has changed, and if it has, run an apply.

        Does that answer the question?

        • 2treesandatiger@alien.topB
          10 months ago

          Ye, I thought tunnels needed a public IP still, but it makes sense it doesn’t, given there’s a service running in your network that can do that check.

        • bdonvr@thelemmy.club
          9 months ago

          There’s a great tiny little program/Docker container called cf-ddns that is great for this.