[HELP] vaultwarden+cloudflared with docker compose

ram@lemmy.ca to Selfhosted@lemmy.world – 3 points –

I'm used to cloudflared CLI, and would prefer to keep the config files server-side.

My docker-compose.yml file is:

version: '3.9'
services:
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: always
    environment:
      - WEBSOCKET_ENABLED=true
    volumes:
      - ./vw-data:/data
  tunnel:
    container_name: cloudflared-tunnel
    image: cloudflare/cloudflared
    restart: always
    command: tunnel --config /etc/.cloudflared/config.yml run
    volumes:
      - ./cloudflared:/etc/.cloudflared

My config.yml is:

tunnel: [tunnelid]
credentials-file: /etc/.cloudflared/[tunnelid].json
ingress:
 - hostname: [mydomain]
   service: http://localhost:80
 - service: http_status:404

I've noticed online people setting an env variable TUNNEL_TOKEN, but since I'm using self-hosted files, my token is a cert.pem.

Another issue however is that when I run this and try to browse to the page, I get the error ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 127.0.0.1:80: connect: connection refused.

Any assistance would be beloved ♥
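
An added example, not part of the original post: in Compose each service has its own network namespace, so `localhost` inside the cloudflared container is cloudflared itself, which matches the `dial tcp 127.0.0.1:80: connect: connection refused` error. The two files below point the ingress rule at the `vaultwarden` service name instead, assuming Vaultwarden listens on port 80 inside its container as the post's config implies; bracketed values are the post's own placeholders.

```yaml
# ---- cloudflared/config.yml (mounted at /etc/.cloudflared/config.yml) ----
tunnel: [tunnelid]
credentials-file: /etc/.cloudflared/[tunnelid].json
ingress:
  - hostname: [mydomain]
    # Before: http://localhost:80 (resolves to the cloudflared container itself).
    # After: the Compose service name, resolved by Docker's embedded DNS.
    service: http://vaultwarden:80
  # Catch-all rule must stay last.
  - service: http_status:404
---
# ---- docker-compose.yml ----
version: '3.9'
services:
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: always
    environment:
      - WEBSOCKET_ENABLED=true
    volumes:
      - ./vw-data:/data
    # No "ports:" entry: nothing is published on the host, so the vault
    # is reachable only from other services on the Compose network.
  tunnel:
    container_name: cloudflared-tunnel
    image: cloudflare/cloudflared
    restart: always
    command: tunnel --config /etc/.cloudflared/config.yml run
    volumes:
      # Read-only mount: the tunnel only needs to read its config and credentials.
      - ./cloudflared:/etc/.cloudflared:ro
    depends_on:
      - vaultwarden
```

Both services join the project's default network automatically, so no explicit `networks:` section is needed for the service name to resolve.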


Out of curiosity: why are you putting vaultwarden behind a cloudflare tunnel?

My ISP blocks ports 80 and 443. Cloudflare tunnelling was the only workaround I could figure to get web interfaces working ^^

That's a shitty ISP. Why the fuck do they tell you how you operate your access to the interwebz?!

It's against their TOS to use it for a webserver 🥴