Bumpped into this video by Crosstalk and another one by NetworkChuck about exposing your local (home) service to internet through Cloudflare Tunnel, without exposing your home network. Super cool!

Prerequisite

You will need a domain name. I got one from Cloudflare which is super cheap (at-cost).

Installation on Kubernetes

The videos from Crosstalk and NetworkChuck have provided pretty detailed instructions on how to setup Cloudflared Tunnel for the home network. Here I will only cover the part to run the cloudflared container on the Kubernetes cluster.

First, create a namespace for cloudflare

1
2
3
4
apiVersion: v1
kind: Namespace
metadata:
  name: cloudflare

Create a secret for the token

1
2
k -n cloudflare create secret generic cloudflared-token \
	--from-literal='token=<TOKEN-STRING>'

Finally, create the deployment for cloudflared

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
apiVersion: apps/v1
kind: Deployment
metadata:
  name: cloudflare
  namespace: cloudflare
spec:
  selector:
    matchLabels:
      app: cloudflare
  replicas: 1
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  template:
    metadata:
      labels:
        app: cloudflare
    spec:
      containers:
      - name: cloudflared
        image: cloudflare/cloudflared:2023.4.2
        imagePullPolicy: IfNotPresent
        env:
        - name: CLOUDFLARED_TOKEN
          valueFrom:
            secretKeyRef:
              name: cloudflared-token
              key: token
        args:
        - "tunnel"
        - "--no-autoupdate"
        - "run"
        - "--token"
        - "$(CLOUDFLARED_TOKEN)"

That’s it.

Reference