Cloudflare Tunnels on Raspberry Pi running OpenWrt

Hi,
I'm not sure if this is the right place to post this but here we go
I've created an install / uninstall script to setup a Cloudflare tunnel on an Rasberry Pi4 running as a OpenWrt router

I am going to start on a Luci app to make this easier to create and maintain Cloudflare tunnels

Please let me know if you find this useful or any changes

This script will quickly complete a full install of Cloudflare tunnel onto a Raspberry Pi running OpenWrt
The script pulls down the latest version of cloudflared and installs it

• sets up the service to run it
• creates the required config in the cloudflare console and system files
• sets up the service to check for new updates daily

Prerequisite:

• You have a active cloudflare account
• You have a domain with DNS managed via cloudflare
• you are logged into the cloudflare web console (time saver)

You should ask for a wiki account and add it there as well

Had some great feedback (thanks) and made some updates

Hi all
I updated the project to support cloudflare tunnels on Openwrt-x86

Hey all,
After an enhancement request, have added support for Web Managed Tunnels so the install now supports both methods

Thank you,

With this method If there is a new version for cloudflared I will get updated in /cgi-bin/luci/admin/system/opkg /updates ?

the install script manages the cloudflared agent updating automatically.

hope this helps?

You can install the Cloudflared with opkg https://github.com/Coralesoft/OpenwrtCloudflare/pull/18

@tmomas could you please update the wiki page that you created https://openwrt.org/docs/guide-user/services/vpn/cloudfare_tunnel

I recently had the opportunity to briefly review the installation process of Cloudflared using opkg. I observed that it mandates a specific yaml path and creates an init.d script confined to this path, along with other configurations which seem rather restrictive.

In contrast, my method seems to be more versatile and comprehensive, providing users with the option to configure using either approach. Additionally, I've found that managing these tunnels through the Cloudflare dashboard is generally more effective, as it allows for online configuration adjustments. It's noteworthy that Cloudflare offers a one-way conversion from Yaml to Console management, which is quite telling in itself.

Finally got around to adding an instructional wiki

wait, its confusing why you dont just use cloudflared from packages, as its current and in opkg installable format

Hi Dingo,

Thanks for your question. I understand why it might seem simpler to use the Cloudflared package available through opkg (which, by the way, was not available or working when I developed my method). Here are a few reasons why I developed this:

1. Configuration Flexibility: The opkg package for Cloudflared enforces a specific YAML path and creates an init.d script confined to this path, which can be quite restrictive. In contrast, my script provides users with the flexibility to choose between two configuration methods:

• Locally Managed Configuration: This allows users to manage all configurations directly on their device.
• Web Console Managed Configuration: This leverages the Cloudflare web console for real-time adjustments and management, which is Cloudflare’s preferred method.

2. Comprehensive Solution: My script does more than just install the daemon. It sets up the service, creates the necessary configuration files, and ensures the tunnel is running smoothly. Additionally, it includes an update service that checks for and installs the latest version of Cloudflared, keeping your installation up to date with the latest features and security patches.

3. User Preferences: By offering both local and web-managed options, my script caters to a wider range of user preferences. Some users prefer the control of local management, while others appreciate the convenience of web-based management.

4. Current Limitations of the opkg Package: The existing opkg package doesn't provide the same level of flexibility and is tied to a specific configuration method. Until the package is updated to offer more flexible configuration options, my method remains a more versatile and comprehensive solution.

Conclusion: My goal was to create a method that offers maximum flexibility and control, catering to different user needs and preferences. Ideally, the opkg package would be updated to install only the daemon, allowing users to configure it using their preferred method. Until then, my script remains a robust alternative for setting up Cloudflare tunnels on OpenWrt systems.

I did try to retire my repository, but the feedback indicated that the current implementation available was limited. Thus, it still exists today. I still maintain my GitHub repository as it is heavily used, and I'm happy to work with those who maintain the opkg package to bring this complete functionality.

For detailed instructions, you can refer to the installation guide on GitHub.

I hope this clarifies things for you as to why I chose to develop and maintain this alternative method. If you have any further questions or need assistance, feel free to reach out.

Cheers