This is unofficial instructions proposed by the community. We don't officially support this and don't know what problems may arise when using cloudflared.
Cloudflare Tunnels can be used to access PiKVM over the internet securely using Cloudflare Zero Trust with Cloudflared. This is a convenient and free (for 50 users) tool for allowing access to web services running on your internal network without port forwarding or IPv4/IPv6 compatability issues. This document is provided as an example for accessing your PiKVM over the internet but you can also use Zerotier/Tailscale/Insert XYZ VPN service here. Basic support like whats shown below is provided as an example, any other setting or functionality needs to be redirected to the appropriate community.
If you get error 1033 / lookup localhost error
You might need to add
127.0.0.1 localhost into your /etc/hosts file
A domain utilizing Cloudflare for DNS
A Cloudflare tunnel configured with an application created and secured by an access policy
Custom firewall rules configured in Cloudflare as needed
Cloudflare Tunnel Steps¶
Create a self-hosted application with the URL matching one created in the previous step by following the steps here.
You will need to check the http options to disable SSL certificate verification under
Tunnels -> Configure -> Public Hostname -> yourapplication.yourdomain -> Edit -> TLS Settings -> No TLS Verifyas the PiKVM uses self-signed certificates.
Don't skip the access policies as this important to preventing randoms from the internet from gaining access to your PiKVM. Cloudflare offers a variety of login options with the simplest being One-time PINs that are emailed to you. NOTE: This external authentication will not replace the username/password for the PiKVM but instead supplement it acting as a first line of defense from the internet.
Installation on the PiKVM¶
Use these commands to install Cloudflared:
# rw # curl -L -o /usr/local/bin/cloudflared "$(curl -s "https://api.github.com/repos/cloudflare/cloudflared/releases/latest" | grep -e 'browser_download_url.*/cloudflared-linux-armhf"' | sed -e 's/[\ \":]//g' -e 's/browser_download_url//g' -e 's/\/\//:\/\//g')" # chmod +x /usr/local/bin/cloudflared # cloudflared version
Install the Cloudflare tunnel service to Cloudflared:
# sudo cloudflared service install SERVICE_TOKEN_HERE
Open a web browser and attempt to connect
Drop back in to read only mode
Use these commands to update Cloudflared:
# rw # cloudflared update # ro