I got it to run.
I try to explain simply what I did:
- Headless install isn't possible anymore. And you need a domain in Cloudflare.
Download cloudflared for your operating system with a browser on it. Downloads can be found here: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/installation/
- On Windows start powershell and switch where you downloaded the file:
> cd C:\Users\Sascha\Downloads
> .\cloudflared-windows-amd64.exe version
cloudflared version 2022.3.1 (built 2022-03-07-1648 UTC)
- run following commands to generate the cert:
.\cloudflared-windows-amd64.exe tunnel login
You will see something like that in the output and your default browser should automacilly opened ip. If not, copy the URI and enter it manually.
> .\cloudflared-windows-amd64.exe tunnel login
A browser window should have opened at the following URL:
https://dash.cloudflare.com/argotunnel?callback=https%3A%2F%2Flogin.cloudflareaccess.org%2FnaLFvrre1Cp14FdlBwqAfMaEM6qPXxxxxxxxxxxxxxx%3D
If the browser failed to open, please visit the URL above directly in your browser.
-
The opened window should look like this:
(screenshot placeholder)
-
After the authorize the following output should come:
You have successfully logged in.
If you wish to copy your credentials to a server, they have been saved to:
C:\Users\Sascha\.cloudflared\cert.pem
Upload this file and move it to /etc/cloudflare/cert.pem
(root permissions required)
- Then you can go on on your headless machine:
$ sudo cloudflared tunnel create pihole
Tunnel credentials written to /etc/cloudflared/1d1261e0-xxxx-xxxx-xxxx-xxxxxxxxxxxxx.json. cloudflared chose this file based on where your origin certificate was found. Keep this file secret. To revoke these credentials, delete the tunnel.
Created tunnel pihole with id 1d1261e0-xxxx-xxxx-xxxx-xxxxxxxxxxxxx
Tunnel Token: eyJhIjoiMzU0YzcyZGZlYTkzZjlhODA1OTY2ZjEzOWE3Mjk4YzMiLCJ0IjoiMWQxMjYxZTAtYjEzZC00NTM2Lxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
- Then edit the config file:
tunnel: 1d1261e0-xxxx-xxxx-xxxx-xxxxxxxxxxxxx
credentials-file: /etc/cloudflared/1d1261e0-xxxx-xxxx-xxxx-xxxxxxxxxxxxx.json
proxy-dns: true
proxy-dns-port: 5053
proxy-dns-upstream:
- https://1.1.1.1/dns-query
- https://1.0.0.1/dns-query
- https://[2606:4700:4700::1111]/dns-query
- https://[2606:4700:4700::1001]/dns-query
- An normal start works now and redirects DNS traffic:
$ sudo cloudflared --config /etc/cloudflared/config.yml tunnel run
2022-03-11T10:01:13Z INF Starting tunnel tunnelID=1d1261e0-xxxx-xxxx-xxxx-xxxxxxxxxxxxx
2022-03-11T10:01:13Z INF Version 2022.3.1
2022-03-11T10:01:13Z INF GOOS: linux, GOVersion: go1.17.5, GoArch: arm64
2022-03-11T10:01:13Z INF Settings: map[proxy-dns:true proxy-dns-port:5053 proxy-dns-upstream:[https://1.1.1.1/dns-query https://1.0.0.1/dns-query https://[2606:4700:4700::1111]/dns-query https://[2606:4700:4700::1001]/dns-query]]
2022-03-11T10:01:13Z INF Adding DNS upstream url=https://1.1.1.1/dns-query
2022-03-11T10:01:13Z INF Adding DNS upstream url=https://1.0.0.1/dns-query
2022-03-11T10:01:13Z INF Adding DNS upstream url=https://[2606:4700:4700::1111]/dns-query
2022-03-11T10:01:13Z INF Adding DNS upstream url=https://[2606:4700:4700::1001]/dns-query
2022-03-11T10:01:13Z INF Starting DNS over HTTPS proxy server address=dns://localhost:5053
2022-03-11T10:01:13Z INF cloudflared will not automatically update when run from the shell. To enable auto-updates, run cloudflared as a service: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/run-tunnel/as-a-service/
2022-03-11T10:01:13Z INF Generated Connector ID: b74a38d2-xxxx-xxxx-xxxx-xxxxxxxxxxxxx
2022-03-11T10:01:13Z INF Initial protocol http2
2022-03-11T10:01:13Z INF Starting metrics server on 127.0.0.1:44611/metrics
2022-03-11T10:01:14Z INF Connection 723de50b-6f89-4f7a-808b-4171271659f7 registered connIndex=0 location=AMS
2022-03-11T10:01:15Z INF Connection 6247f312-09f0-4e32-ac69-a4770aee541f registered connIndex=1 location=TXL
2022-03-11T10:01:16Z INF Connection 8f297940-e3f0-434b-89f2-23662c12f57d registered connIndex=2 location=AMS
2022-03-11T10:01:17Z INF Connection 55ebaac5-89ae-4fc1-bfa6-56e5201030db registered connIndex=3 location=TXL
- The command
sudo cloudlfared service install
works now like a charm
$ sudo cloudflared service install
2022-03-11T10:05:18Z INF Using Systemd
2022-03-11T10:05:18Z INF systemctl daemon-reload
pi@raspberrypi:~ $ sudo service cloudflared start
pi@raspberrypi:~ $ sudo service cloudflared status
โ cloudflared.service - Cloudflare Tunnel
Loaded: loaded (/etc/systemd/system/cloudflared.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2022-03-11 11:45:03 CET; 3s ago
Main PID: 20000 (cloudflared)
Tasks: 10 (limit: 8986)
CPU: 301ms
CGroup: /system.slice/cloudflared.service
โโ20000 /usr/local/bin/cloudflared --no-autoupdate --config /etc/cloudflared/config.yml tunnel run
Mar 11 11:45:02 raspberrypi cloudflared[20000]: 2022-03-11T10:45:02Z INF Adding DNS upstream url=https://[2606:4700:4700::1001]/dns-query
Mar 11 11:45:02 raspberrypi cloudflared[20000]: 2022-03-11T10:45:02Z INF Starting DNS over HTTPS proxy server address=dns://localhost:5053
Mar 11 11:45:02 raspberrypi cloudflared[20000]: 2022-03-11T10:45:02Z INF Generated Connector ID: 7ec871d3-xxxx-xxxx-xxxx-xxxxxxxxxxxxx
Mar 11 11:45:02 raspberrypi cloudflared[20000]: 2022-03-11T10:45:02Z INF Initial protocol http2
Mar 11 11:45:03 raspberrypi cloudflared[20000]: 2022-03-11T10:45:03Z INF Starting metrics server on 127.0.0.1:44257/metrics
Mar 11 11:45:03 raspberrypi cloudflared[20000]: 2022-03-11T10:45:03Z INF Connection 7ac4c1a1-559e-4d76-98c1-817c6d0cf330 registered connIndex=0 location=AMS
Mar 11 11:45:03 raspberrypi systemd[1]: Started Cloudflare Tunnel.
Mar 11 11:45:04 raspberrypi cloudflared[20000]: 2022-03-11T10:45:04Z INF Connection c2aead71-6a17-4e40-a627-81b15863d507 registered connIndex=1 location=TXL
Mar 11 11:45:05 raspberrypi cloudflared[20000]: 2022-03-11T10:45:05Z INF Connection 4aaafa40-f113-49a4-b997-459c34206f0e registered connIndex=2 location=AMS
Mar 11 11:45:06 raspberrypi cloudflared[20000]: 2022-03-11T10:45:06Z INF Connection 8be70431-79b4-489d-a1c9-62d7f15f1170 registered connIndex=3 location=TXL