Cloudflare on marktaguiad.dev https://marktaguiad.dev/tags/cloudflare/ Recent content in Cloudflare on marktaguiad.dev Hugo en-us marktaguiad@marktaguiad.dev (Mark Taguiad) marktaguiad@marktaguiad.dev (Mark Taguiad) marktaguiad.dev Sun, 17 May 2026 00:00:00 +0000 Secure Reverse Proxying Behind NAT Using WireGuard and Caddy https://marktaguiad.dev/post/tun-wg-cad-cf/ Sun, 17 May 2026 00:00:00 +0000marktaguiad@marktaguiad.dev (Mark Taguiad) https://marktaguiad.dev/post/tun-wg-cad-cf/ <p>I’m migrating my existing reverse proxy and TLS termination setup from Pangolin to a simpler and more flexible architecture using Caddy and WireGuard.</p> <h1 id="table-of-contents">Table of Contents</h1> <nav id="TableOfContents"> <ol> <li><a href="#prerequisite">Prerequisite</a></li> <li><a href="#vps-public-ip">VPS (Public IP)</a></li> <li><a href="#wireguard-peer-local-server">Wireguard Peer (Local Server)</a></li> <li><a href="#caddy-vps">Caddy (VPS)</a></li> <li><a href="#docker-network">Docker Network</a></li> </ol> </nav> <h3 id="prerequisite">Prerequisite</h3> <ul> <li>Server with public IP</li> <li>Local Server (NAT or CGNAT)</li> <li>Domain from Cloudflare</li> </ul> <h3 id="vps-public-ip">VPS (Public IP)</h3> <p>Install Wireguard.</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="ln">1</span><span class="cl">sudo apt update </span></span><span class="line"><span class="ln">2</span><span class="cl">sudo apt install wireguard resolvconf -y </span></span></code></pre></div><p>Create private key, public key and remove unnecessary permissions from the keys.</p> Reverse Tunneled Proxy with Cloudflared https://marktaguiad.dev/post/cloudflared-docker/ Sat, 03 Jan 2026 00:00:00 +0000marktaguiad@marktaguiad.dev (Mark Taguiad) https://marktaguiad.dev/post/cloudflared-docker/ <p>If you bought your domain in Cloudflare and broke just like me, then you can enjoy some of the free privileges like cloudflared which can tunnel your application to the cloud. This also handles TLS certificate and renewal.</p> <h1 id="table-of-contents">Table of Contents</h1> <nav id="TableOfContents"> <ol> <li><a href="#requirements">Requirements</a></li> <li><a href="#server-setup">Server Setup</a></li> <li><a href="#https-proxy-route">HTTPS Proxy Route</a></li> <li><a href="#ssh-proxy-route">SSH Proxy Route</a></li> <li><a href="#kubernetes">Kubernetes</a></li> </ol> </nav> <h3 id="requirements">Requirements</h3> <p>A domain in Cloudflare and a server who has access in the internet.</p> <h3 id="server-setup">Server Setup</h3> <p>Navigate to your <a href="https://dash.cloudflare.com/">dashboard</a>, click on Zero Trust - Networks - Connectors. Now create tunnel, select type as Cloudflared. Depending on the system you&rsquo;re using, but in my case I will be selecting Docker. For now copy the token, like we did in Pangolin setup, we need to create a externel Docker network.</p>