DEV Community: Tan

From localhost:3000 to the World: Deploying Your Dockerized Website with Cloudflared + Traefik

Tan — Wed, 09 Jul 2025 17:52:16 +0000

“When you send your localhost link to a friend...”

You’ve built an amazing website. It's sleek, fast, and maybe even running on localhost:3000. You're proud of it. So you share it with a friend… and they hit you with:

"Bro, I can't open localhost:3000."

Yep, we've all been that donkey.

Let’s fix that by taking your Dockerized app, pushing it to Docker Hub, then deploying it with Traefik and Cloudflared—securely accessible over the web.

✅ Prerequisites: Your app is Dockerized and you’ve already set up Cloudflared tunnels and domain.

👉 Not done yet? Check this guide first: How to Set Up Cloudflared Tunnel
💡 Note: You’ll need a custom domain (typically ~$10/year), but everything else Cloudflared, Traefik, Docker is completely free.

Architecture Overview

Why Cloudflared?

No need to expose ports.
Free SSL via Cloudflare.
Keeps your server safe behind Cloudflare’s edge.

Why Traefik?

Automatically routes traffic to your containers.
Manages HTTPS certificates.
Great for multi-container setups.

Step 1: Push Your Dockerized App to Docker Hub

Let’s make your app globally available.

1.1. Build the Docker Image

docker build -t your-dockerhub-username/your-app-name:latest .

1.2. Log in to Docker Hub

docker login

1.3. Push the Image

docker push your-dockerhub-username/your-app-name:latest

Step 2: Define Docker Compose for Deployment

version: '3.8'

services:
   traefik:
    image: traefik:v3.4
    container_name: traefik
    restart: always
    command:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--entrypoints.web.address=:80"
    ports:
      - "80:80"
      - "8181:8181" # dashboard Traefik
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

  my-app:
    image: your-dockerhub-username/your-app-name:latest
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.myapp.rule=Host(`app1.example.com`)"
      - "traefik.http.routers.myapp.entrypoints=websecure"
      - "traefik.http.services.myapp.loadbalancer.server.port=3000"

Step 3: Configure Cloudflared Tunnel

config.yml:

tunnel: my-tunnel-id
credentials-file: /root/.cloudflared/my-tunnel-id.json

ingress:
  - hostname: app1.example.com
    service: http://traefik:80
  - service: http_status:404

Step 4: Deploy the Stack

docker-compose up -d
cloudflared tunnel run my-tunnel-id

Final Result

“Hey, check out my app at https://app1.example.com — secure, Dockerized, and running via tunnel magic.”

No more "localhost:3000" heartbreaks.

Summary

✅ You learned:

How to push your Docker app to Docker Hub
How to pull and deploy it with Traefik
How to tunnel traffic with Cloudflared

Sources

Author: Hoang Tan Tan
GitHub | LinkedIn

How to Set Up a Cloudflared Tunnel on Your Homelab

Tan — Mon, 30 Jun 2025 19:12:24 +0000

Want to expose your private service to the world without revealing your real IP? Let Cloudflared Tunnel be your secret weapon.

Running a homelab can be exciting, especially when you want secure remote access to your self-hosted services without exposing your entire network. With Cloudflare Tunnel (previously known as Argo Tunnel), you can expose local services to the internet via a secure, private tunnel, even without a public IP.

Forget Port Forwarding
One of the biggest advantages of using Cloudflared Tunnel is eliminating the need to expose ports on your router. No more struggling with NAT, firewall rules, or worrying about open ports being scanned by bots.

This guide walks you through setting up a Cloudflared tunnel on your homelab

Forget Port Forwarding
One of the biggest advantages of using Cloudflared Tunnel is eliminating the need to expose ports on your router. No more struggling with NAT, firewall rules, or worrying about open ports being scanned by bots.

This guide walks you through setting up a Cloudflared tunnel on your homelab.

Prerequisites:

A Cloudflare account
A domain managed by Cloudflare
A machine in your homelab (Linux or Windows) with Docker or direct access
Basic command line skills

Step 1: Install Cloudflared

On Linux (Debian/Ubuntu):

sudo apt update && sudo apt install cloudflared

Or via Docker:

docker pull cloudflare/cloudflared:latest

Step 2: Authenticate with Cloudflare

Run the following command and log in via the browser when prompted:

cloudflared tunnel login

This authorizes the machine to create/manage tunnels under your account.

Step 3: Create a Tunnel

cloudflared tunnel create <TUNNEL_NAME>

This generates credentials and assigns a unique tunnel ID.

Step 4: Configure Tunnel Routing

Create a configuration file at ~/.cloudflared/config.yml (Linux) or %USERPROFILE%\.cloudflared\config.yml (Windows):

tunnel: <TUNNEL_ID>
credentials-file: /home/user/.cloudflared/<TUNNEL_ID>.json

ingress:
  - hostname: service.example.com
    service: http://localhost:8080
  - service: http_status:404

Make sure to replace <TUNNEL_ID> and paths appropriately.

Step 5: Set Up DNS Record

Use the Cloudflare dashboard or run:

cloudflared tunnel route dns <TUNNEL_NAME> service.example.com

Step 6: Run the Tunnel

For testing:

cloudflared tunnel run <TUNNEL_NAME>

To run as a service:

sudo cloudflared service install

Or with Docker Compose:

version: '3.8'
services:
  cloudflared:
    image: cloudflare/cloudflared:latest
    restart: unless-stopped
    command: tunnel run <TUNNEL_NAME>
    volumes:
      - ~/.cloudflared:/etc/cloudflared

Final Notes:

Make sure your local service (e.g., Nginx, Home Assistant, etc...) is accessible at the configured internal URL.
Check Cloudflare Zero Trust dashboard for traffic and analytics.
Always secure your Cloudflare account with 2FA.

Happy tunneling! This setup allows you securely access your homelab services from anywhere without dealing with port forwarding or public IP concerns.

Source: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/

Author: Hoang Tan Tan
GitHub | LinkedIn

Building My Home Server

Tan — Wed, 04 Jun 2025 13:19:49 +0000

🧠 Why Build a Home Server?

My home server is a real-world lab where I practice DevOps and Linux, explore self-hosted tools, and prepare for cloud certs like AWS and Kubernetes — all while showcasing my backend and infrastructure skills through personal projects, Git repos, and internal tools

This is my initial infrastructure sketch. I’ll continue to improve it, and if you have any suggestions or ideas, feel free to share them in the comments.

🖥️ My Home Server Specs

Model: T9 Plus Mini PC
CPU: Intel N100 (Alder Lake)
RAM: 16GB
Storage: 512GB NVMe SSD
Operating System: Ubuntu Server 24.04 LTS
Location: Home Office
Network: Wired Ethernet connection for stability and speed

🔑 Secure Remote Access with Cloudflared Tunnel

Instead of exposing port 22 to the internet, I used Cloudflare Tunnel for secure, zero-trust SSH access to my home server which is no public IP or VPN needed.

Here’s how I did it:

📝 Prepare a Domain

Before setting up the tunnel, I registered a domain (e.g., yourdomain.com) and connected it to Cloudflare. This gave me access to DNS management and Cloudflare Tunnel services.

Go to Cloudflare and create an account.
Add your domain to Cloudflare and update your domain registrar's nameservers.
Once DNS propagation is complete, you're ready to create tunnels using Cloudflare services.

🛠️ On My Ubuntu Server

Install cloudflared:

# Add cloudflare gpg key
sudo mkdir -p --mode=0755 /usr/share/keyrings
curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg >/dev/null

# Add this repo to your apt repositories
echo 'deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared any main' | sudo tee /etc/apt/sources.list.d/cloudflared.list

# install cloudflared
sudo apt-get update && sudo apt-get install cloudflared

Authenticate Cloudflared:

cloudflared tunnel login

Create a Tunnel:

cloudflared tunnel create my-tunnel

Configure the Tunnel:

/home/your-username/.cloudflared/config.yml

tunnel: my-home-server
credentials-file: /home/your-username/.cloudflared/[TUNNEL-ID].json

ingress:
  - hostname: ssh.yourdomain.com
    service: ssh://localhost:22
  - service: http_status:404

. Create the DNS record automatically:

cloudflared tunnel route dns my-home-server ssh.yourdomain.com

Start the tunnel:

cloudflared tunnel run my-home-server

On My Windows Laptop

Install Cloudflared:

winget install --id Cloudflare.cloudflared

Access ssh config:

cloudflared access ssh-config --hostname ssh.yourdomain.com

# result:
Add to your /.ssh/config:
Host ssh.yourdomain.com
  ProxyCommand C:\\Program Files (x86)\cloudflared\cloudflared.exe access ssh --hostname %h

Copy the output to your SSH config file:

notepad C:\Users\YourUsername\.ssh\config

Connect to your home server:

ssh ssh.yourdomain.com

if you encounter this error:

Bad permissions. Try removing permissions for user: UNKNOWN\\UNKNOWN (S-1-5-21-13844415-2831775885-76735119-1002)....

Detailed steps:

Right-click on the file C:\Users{UserName}.ssh\config → select Properties.
Go to the Security tab → click the Advanced button.
At the top of the new window, click "Disable inheritance".
When prompted:
- Choose "Convert inherited permissions into explicit permissions".
You will now see all permission entries listed.
Select the line with "UNKNOWN..." → click Remove.
Click Apply, then OK to save the changes.

Unlocking the Power of Linux: Essential Command Line Skills from Linux Basics for Hackers

Tan — Mon, 02 Sep 2024 14:33:30 +0000

Understanding the Command Line Interface (CLI):

The chapter starts by explaining the significance of the command line in Linux, emphasizing how it allows users to perform tasks more efficiently than through a graphical interface.
It discusses the command-line shell, specifically focusing on Bash (Bourne Again Shell), which is the most common shell in Linux.

Basic Command Syntax:

The structure of a command in Linux is explained, breaking it down into the command itself, options (or flags), and arguments.
Examples of simple commands are provided to illustrate this syntax, such as echo, date, and uname.

Navigating the Filesystem:

The chapter teaches readers how to move around the Linux filesystem using the command line. It covers commands like pwd (print working directory), cd (change directory), and ls (list directory contents).
It also introduces the concept of absolute and relative paths, helping users understand how to navigate between different directories.

File and Directory Operations:

Readers learn how to create, delete, and manage files and directories. Commands covered include touch (create a file), mkdir (create a directory), rm (remove files or directories), and mv (move or rename files).
The chapter also discusses how to view the contents of files using commands like cat, more, and less.

Permissions and Ownership:

The chapter introduces the concepts of file permissions and ownership in Linux, explaining how these are crucial for system security.
It covers the chmod command to change file permissions, and the chown command to change file ownership.

Using Wildcards and Pipes:

Wildcards, like * and ?, are explained as tools for simplifying file operations.
The chapter introduces pipes (|), which allow users to pass the output of one command as input to another, enabling more complex command chains.

Getting Help with Commands:

The chapter emphasizes the importance of understanding how to use commands by accessing their manuals. It introduces the man command (manual) and the --help option for getting quick command syntax references.

Practice and Application:

Throughout the chapter, there are examples and exercises to help readers practice the commands and concepts introduced. This practical approach is designed to build proficiency and confidence in using the command line.

Conclusion:

Chapter 2 is foundational for anyone looking to master Linux, especially in the context of ethical hacking. It emphasizes the importance of the command line as a tool for controlling and interacting with the operating system. By the end of the chapter, readers should feel more comfortable using basic Linux commands and navigating the filesystem.

Linux Basics for Hackers: Key Takeaways from Chapter 1

Tan — Sat, 24 Aug 2024 15:55:42 +0000

Chapter 1: "Getting Started"

Chapter 1 of "Linux Basics for Hackers" introduces readers to the fundamental concepts of Linux, focusing on its importance in cybersecurity and ethical hacking. The chapter begins by explaining why Linux is a preferred platform for hackers due to its open-source nature, flexibility, and the vast array of tools available for penetration testing.

Key Points:

Introduction to Linux:

Linux is presented as an open-source operating system that is highly customizable, secure, and widely used in both personal and professional environments.
The chapter discusses the different distributions (distros) of Linux, focusing on Kali Linux, which is tailored for security professionals.

Why Linux for Hackers:

The text highlights the importance of using Linux in hacking due to its command-line interface (CLI), which provides more control and precision than graphical interfaces.
Linux's native support for programming and scripting languages (like Python, Bash, and Perl) is emphasized as a crucial tool for hackers.
Getting Started with Linux:
The chapter guides readers on how to set up their first Linux environment, recommending virtual machines as a safe way to experiment.
Instructions are provided for downloading and installing Kali Linux using virtualization software like VirtualBox or VMware.
Basic Command-Line Skills:
The chapter introduces essential Linux commands that every beginner should know. Commands like ls, cd, mkdir, and _cp _are explained, allowing the reader to navigate the file system and manage files.
The concept of superuser (root) privileges is introduced, with a discussion on the importance of responsibly understanding and using the sudo command.

Security and Precautions:

The chapter closes by stressing the importance of practicing ethical hacking. It encourages readers to use their skills responsibly and within legal boundaries.

Overall, Chapter 1 lays the groundwork for readers who are new to Linux, providing them with the knowledge needed to start using Linux effectively for cybersecurity tasks. It emphasizes the significance of learning the command line and setting up a secure and controlled environment for hacking practices.