DEV Community

Maksim Lanies
Maksim Lanies

Posted on • Edited on

Desktop UI for Cloudflare Tunnel: Making Remote Access Simple

#cloud #tooling #productivity #ui

What is Cloudflare Tunnel?

Cloudflare Tunnel provides you with a secure way to connect your resources to Cloudflare without a publicly routable IP address.

Instead of sending traffic to an external IP, a lightweight daemon (cloudflared) in your infrastructure creates outbound-only connections to Cloudflare's global network. This means:

  • No inbound ports to open - Your firewall stays closed
  • No exposed origin IP - Your infrastructure stays hidden
  • Bidirectional communication - Despite being outbound-only, traffic flows both ways
  • Protection from bypass attacks - All traffic routes through Cloudflare's edge

What Can You Connect?

Cloudflare Tunnel can securely connect:

  • HTTP/HTTPS web servers - Expose web applications
  • SSH servers - Secure shell access (guide)
  • RDP (Remote Desktop) - Windows remote desktop (guide)
  • TCP services - Databases, custom applications, any TCP protocol
  • SMB file shares - Network file access
  • gRPC services - Modern API protocols

Learn more in the official documentation.

The Challenge

cloudflared is an amazing tool — lightweight, secure, and battle-tested by millions of connections daily.

But there's a common pain point:

For quick, ad-hoc connections, the CLI/YAML workflow can feel heavy.

If you want to:

  • Quickly RDP into a remote Windows machine
  • Open an SSH tunnel for a few minutes
  • Share a local dev server with a colleague

You typically need to:

  • Write or edit a YAML configuration file
  • Remember specific CLI flags and syntax
  • Manually manage tunnel processes
  • Track which ports are in use

For production deployments, this workflow makes sense. But for temporary, one-off connections, it can slow you down.

The Solution: A Desktop UI for cloudflared

What if you could:

  • Click "Connect to RDP" and get instant access?
  • See all your active tunnels in one place?
  • Never worry about port conflicts or process management?

I built exactly that:

https://github.com/mlanies/desktop-argo-tunnel

Dashboard

Dashboard

What the app does

The UI wraps cloudflared to make common tasks instant:

Core Features

  • One-Click Connections

    • Launch RDP tunnels instantly
    • Connect to SSH servers with a button click
    • Forward any TCP service without typing commands

  • Zero Configuration

    • App automatically downloads and installs cloudflared if needed
    • No manual setup required
    • Works out of the box

  • Intelligent Port Management

    • Automatic port assignment (10000-60000 range)
    • No port conflicts
    • See exactly which local port each tunnel uses

  • Secure Credential Storage

    • Built-in KeePass (.kdbx) integration
    • AES-256 encrypted password storage
    • Import/export existing KeePass databases
    • Password quality analysis

  • Real-Time Monitoring

    • View all active tunnels with their PIDs
    • Monitor connection health
    • Track recent activity
    • Stop tunnels with one click

No YAML files.

No terminal commands.

Just "Connect" and "Disconnect".

Why build this?

The Use Case Gap

Cloudflare Tunnel documentation covers two main scenarios well:

  1. Production deployments - Full YAML configs, ingress rules, DNS routing
  2. Cloudflare Access integration - Zero Trust with identity policies

But there's a third scenario that's less documented:

  1. Quick, temporary TCP tunneling - "I just need to RDP into that server right now"

This app fills that gap.

Who Benefits?

DevOps Engineers

Quick access to remote servers without VPN overhead

Support Teams

Non-technical staff can connect to services without CLI knowledge

Developers

Instant SSH/RDP access during debugging sessions

Small Teams

Simple remote access without complex Zero Trust setup

How it works

The app acts as a friendly wrapper around cloudflared:

  1. Auto-Installation: Downloads and installs cloudflared if not present
  2. Command Generation: Translates UI actions into correct cloudflared CLI arguments
  3. Process Management: Starts, monitors, and stops cloudflared processes
  4. Visual Feedback: Shows active connections, local ports, and process IDs

Under the hood, it's using cloudflared access tcp commands like:

cloudflared access tcp --hostname ssh.example.com --url localhost:12345
Enter fullscreen mode Exit fullscreen mode

But you never have to type that.

Technical Architecture

Built with modern, performant technologies:

  • Rust + Tauri 2.0 - Lightweight native backend (~50MB total)
  • React 18 + TypeScript - Type-safe, responsive UI
  • KeePass integration - Secure credential storage
  • Cross-platform - Windows, macOS, and Linux

For technical details, see the Architecture Documentation.

Key Features in Detail

Zero Configuration

The app can automatically download and install cloudflared if it's not present on your system. No manual setup required.

Secure Credential Management

Built-in KeePass (.kdbx) database support:

  • Create and manage password containers
  • Store credentials with AES-256 encryption
  • Import/export existing KeePass databases
  • Password quality analysis and security scoring

Real-time Monitoring

  • View all active tunnels with local ports and PIDs
  • Monitor connection health and statistics
  • Track recent activity and connection history
  • Copy local ports to clipboard

Multi-language Support

Full internationalization with English and Russian support (more languages coming soon).

Comparison with Standard Workflow

Traditional CLI Approach 

# 1. Remember the syntax
cloudflared access tcp --hostname rdp.example.com --url localhost:3389

# 2. Keep track of the process
# 3. Remember to kill it when done
# 4. Hope you didn't forget which port you used
Enter fullscreen mode Exit fullscreen mode

With Desktop UI

  1. Click server name
  2. Click "Connect"
  3. See local port displayed
  4. Click "Disconnect" when done

Looking for feedback

I would love to hear your thoughts:

  • Does this fill a real need in your workflow?
  • What other features would make this more useful?
  • Should Cloudflare consider an official desktop UI?
  • Any UX suggestions or improvements?

I'm actively collecting feedback to shape the next iteration.

Repo: https://github.com/mlanies/desktop-argo-tunnel

Resources

Official Cloudflare Documentation

This Project

Note: This is a community project, not an official Cloudflare tool. It's designed to complement cloudflared for specific use cases, not replace it.

Thanks for reading and huge respect to the Cloudflare team for building an amazing tunneling ecosystem!

Top comments (0)