For a self-hosted application with a valid SSL certificate and support for OAuth, what are the benefits that Cloudflare Access provides? From what I can tell, it also filters traffic to possibly block attacks? Can it even be used with a self-hosted app if you aren’t also running Cloudflare Tunnel? Is there a better alternative (that also integrates with major OAuth providers like Google, Github, etc) for self-hosters? Thanks for the help in understanding how this works.

  • chin_waghing@alien.topB
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 year ago

    I use it within my Kubernetes to expose services outsides my house, and then I use Azure AD to manage access.

    I know this isn’t very self hosted, but for me where I have a dynamic IP and don’t want to play with port forwarding, it’s really good. Nice and easy especially with Kubernetes and the helm chart I wrote

      • chin_waghing@alien.topB
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        For cloudflare tunnels no, it does a nat punch through I think it’s called, where it connects from inside your network out to 2 edge locations to cloudlfare, where it then can send traffic back and forwards.

        If I wanted to expose by port forwarding, then yes you are correct, I could configure ddns.

        Personally, I would configure my own version of DDNS where it’s just a cron job once every 5 minutes to run terraform and check if my public IP has changed, and if it has run an apply.

        Does that answer the question?

        • bdonvr@thelemmy.club
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          11 months ago

          There’s a great tiny little program/docker container called cf-ddns that is great for this