
Cloudflare Tunnel
Sets up Cloudflare Tunnel within your Railway project
Cloudflared
cloudflare/cloudflared
Just deployed
Cloudflare Tunnel
This template deploys a Cloudflare Tunnel within your Railway project.
What is a Cloudflare Tunnel?
Cloudflare Tunnel provides you with a secure way to connect your resources to Cloudflare without a publicly routable IP address.
Source: Cloudflare Tunnel
Prerequisites Before you start -
In Railway -
-
Ensure that there are no domains on the desired service, whether custom or Railway-generated.
-
Have the service you want to route traffic to listening on IPv6 -
Since Railway's internal network is IPv6 only the service will need to listen on
::
Start commands for some popular frameworks -
Gunicorn -
gunicorn main:app -b [::]:${PORT:-3000}
Uvicorn -
uvicorn main:app --host :: --port ${PORT:-3000}
Hypercorn -
hypercorn main:app --bind [::]:${PORT:-3000}
Next -
next start -H :: --port ${PORT:-3000}
Express / Nest -
app.listen(process.env.PORT || 3000, "::");
In Cloudflare -
-
Have your desired domain setup with Cloudflare's nameservers, they have a general guide for that here.
-
Have SSL/TLS mode set to Full.
SSL/TLS → Overview → Full
1. Creating the tunnel
-
Goto your Cloudflare accounts home page → Zero Trust → Networks → Tunnels.
-
Click Add a tunnel.
-
Leave the Cloudflared option selected.
-
Click Next.
-
Name your tunnel
We recommend naming it in accordance with the Railway project that contains the service(s) you want to route traffic to.
-
Click Save tunnel.
2. Getting the tunnel token
-
Choose the Docker environment.
-
Click the copy icon.
-
Paste the command into a note for later use.
Strip out
docker run cloudflare/cloudflared:latest tunnel --no-autoupdate run --token
to leave only the token.
Leave this page open
3. Deploying the tunnel
-
Open the project that contains the service you want to route traffic to.
-
Click Create → Template → Search for Cloudflare Tunnel.
-
When prompted, enter your tunnel token.
Make sure there is no leading or trailing whitespace.
-
Click Deploy Template
4. Setting up the tunnel
- Go back to the Configure Cloudflare page.
You should now see a connector appear!
-
Click Next.
-
Choose a subdomain or leave it blank if you want to use the root domain.
-
Choose a domain.
-
Choose a path, or leave it blank.
-
For type choose HTTP.
-
For the URl use your services' private domain and the port your app listens on.
E.g.
api.railway.internal:8080
-
Click Save tunnel.
5. Add another domain (Optional)
This is useful if you want to have a www subdomain or simply point different domains to the same Railway service.
This can even be used to point a subdomain or different domain to another service in the same Railway project.
-
Click on the tunnel name → Click Edit on the slide-out menu.
-
Click Public Hostname → Click Add a public hostname.
-
Follow the same steps as outlined in step #4.
Conclusion
We are done, you can now open the public domain and you will be routed to your Railway service!
Additional Resources
Template Content
Cloudflared
cloudflare/cloudflaredTUNNEL_TOKEN
Your Cloudflare Tunnel Token!