How I handle Dynamic IP for my Home Server

Running a home server is a great learning experience, but it comes with a major headache: Connectivity.

I recently ran into a specific problem. I am running my Ubuntu home server using a SIM card through a mobile hotspot rather than a traditional wired connection. As a result, my public IP address is dynamic and changes every time I restart the connection or the device. Additionally, mobile networks often use CGNAT, which makes traditional port forwarding impossible.

Re-configuring my domain to point to a new IP address every single day was painful and unsustainable.

I found a solution that eliminates the need for a static IP entirely: Cloudflare Tunnel. Here is how I set it up to expose my Docker containers to the internet securely.

What You Need

1. A Server: I am using a laptop running Ubuntu.
2. A Domain Name: You need a custom domain.
   • Tip: If you are a student, you can get a free domain from Name.com via the GitHub Student Developer Pack. Alternatively, eu.org offers free subdomains (for non-commercial use).
3. A Cloudflare Account: The free tier works perfectly for this.

---

Step 1: Connect Your Domain to Cloudflare

Before setting up the server, Cloudflare needs to manage your domain’s DNS.

1. Log in to Cloudflare and click "Add a Site."

1. Enter your domain name (e.g., nevatal.tech) and click Quick Scan.
2. Select the Free Plan. Cloudflare will scan your current DNS records.

1. The Important Part: Cloudflare will provide you with two Nameservers (e.g., ns1.cloudflare.com and ns2.cloudflare.com).
2. Go to your domain registrar (Name.com, GoDaddy, etc.).

1. Find the Nameservers setting, delete the existing ones, and input the two provided by Cloudflare.
2. Save changes.

Note: It may take anywhere from a few minutes to a few hours for the nameservers to update globally. You can bookmark the page and come back later if it’s taking time.

---

Step 2: Create the Tunnel in Cloudflare Zero Trust

Once your domain is active on Cloudflare, you need to create the tunnel configuration.

1. Go to the Cloudflare Dashboard.
2. On the left sidebar, click Zero Trust.

1. In the Zero Trust dashboard, go to Networks -> Tunnels (sometimes labeled as "Connectors").

2. Click Create a Tunnel.

1. Select Cloudflared as the connector type.

2. Name your tunnel: I named mine my-server.

3. Click Save Tunnel.

---

Step 3: Install Cloudflared on Ubuntu

After saving the tunnel name, Cloudflare will ask you to choose your environment. Since I am using Ubuntu, I selected Debian.

Cloudflare provides a set of commands to install the cloudflared agent and link it to your account. Open your Ubuntu terminal and run the following:

1. Add Cloudflare GPG Key

sudo mkdir -p --mode=0755 /usr/share/keyrings
curl -fsSL https://pkg.cloudflare.com/cloudflare-public-v2.gpg | sudo tee /usr/share/keyrings/cloudflare-public-v2.gpg >/dev/null

2. Add the Repository

echo 'deb [signed-by=/usr/share/keyrings/cloudflare-public-v2.gpg] https://pkg.cloudflare.com/cloudflared any main' | sudo tee /etc/apt/sources.list.d/cloudflared.list

3. Install Cloudflared

sudo apt-get update && sudo apt-get install cloudflared

4. authenticate and Start the Service

Look at your Cloudflare browser window. It will provide a command that looks like sudo cloudflared service install [LONG-TOKEN]. Copy and paste that into your terminal:

sudo cloudflared service install [YOUR_TOKEN_HERE]

Once you run this, the cloudflared service will start automatically. If you look at your Cloudflare dashboard, the status of your Connector should change from "Inactive" to "Healthy" or "Connected".

If you are unable to activate it, or if it has already been registered but the terminal session was exited, you can activate it again by

cloudflared tunnel run --protocol http2 --token [YOUR_TOKEN_HERE]

---

Step 4: Exposing Your Applications (Routing)

Now that the tunnel is running, your server is connected to Cloudflare, but no one can access your apps yet. You need to tell Cloudflare where to send the traffic.

1. In the Zero Trust Dashboard, inside your Tunnel configuration, open the Public Hostname or Published Application Routes tab.

2. Click Add a Public Hostname / Published Application Routes.

3. Subdomain Choose a prefix that represents your application. This can be any value that makes sense in your context, for example:

   • www for a main website
   • app for a web application
   • blog for a blog service
   • note if you are deploying a note-taking application This subdomain will be combined with your domain (e.g., note.nevatal.tech).

4. Domain Select your registered domain, nevatal.tech, from the dropdown list. Cloudflare will automatically bind the chosen subdomain to this domain.

5. Service Type Select HTTP if your application is served over HTTP internally (Cloudflare Tunnel will handle HTTPS externally).

6. URL / Service Address Specify the internal service that Cloudflare should forward traffic to, for example:

   • http://localhost:3000
   • http://127.0.0.1:8080

7. (Optional) Path If your application is exposed under a specific path or you want to route different paths to different services, you can define it here. Examples:

   • /api → forwards to an API service running on a different port
   • /admin → forwards to an admin panel on another server This is useful when multiple applications are running on the same host but different ports or backends.

1. Click Save Hostname.

Conclusion

That’s it! Now, when I type app.nevatal.tech into my browser, Cloudflare receives the request, sends it through the secure tunnel to my laptop (connected via SIM card), and my Ubuntu server responds.

I no longer have to worry about my IP address changing or setting up complicated port forwarding rules. My home server is accessible from anywhere, completely free of charge.