A6-9V/MQL5-Google-Onedrive
1
0
Fork 0
forked from LengKundee/MQL5-Google-Onedrive
Code Pull requests Activity
MQL5-Google-Onedrive/docs/CLOUDFLARE_GUIDE.md
GenX FX Trading System 71e674fad7
 Merge pull request #329 from A6-9V/docs/cloudflare-nameservers-and-domain-unification-7774302631406904191 
docs: update Cloudflare nameservers and unify domain name
2026-02-13 11:30:49 +07:00

2.7 KiB
Raw Permalink Blame History

Cloudflare Management & Tunnel Guide

This guide explains how to manage your Cloudflare settings and set up a secure tunnel for lengkundee01.org.

Nameservers

If you are using Cloudflare to manage your DNS, ensure your domain nameservers are set to:

  • daisy.ns.cloudflare.com
  • rocco.ns.cloudflare.com

Prerequisite: API Token

  1. Log in to the Cloudflare Dashboard.
  2. Go to My Profile -> API Tokens.
  3. Create a token with the following permissions:
    • Zone - Zone Settings - Edit (for changing security levels)
    • Zone - DNS - Edit (for tunnel DNS routing)
    • Account - Cloudflare Tunnel - Edit (for managing tunnels)
  4. Copy the token.
  5. Edit config/vault.json and paste your token: 
    "api_token": "YOUR_ACTUAL_TOKEN_HERE"

Managing Security Level

You can check or change the "Under Attack Mode" or security level using the provided script.

Check Status:

python scripts/manage_cloudflare.py --status

Set Security Level: Available levels: off, essentially_off, low, medium, high, under_attack.

# Enable Under Attack Mode
python scripts/manage_cloudflare.py --set under_attack

# Set to Medium
python scripts/manage_cloudflare.py --set medium

Setting up Cloudflare Tunnel (1.1.1.1 / WARP)

To securely expose your local service or connect to your private network:

  1. Install cloudflared:

    sudo ./scripts/setup_cloudflare_tunnel.sh

  2. Login:

    cloudflared tunnel login

  3. Create a Tunnel:

    cloudflared tunnel create genx_tunnel

    Copy the Tunnel ID provided in the output.

  4. Configure Tunnel: Create a file named config.yml (or ~/.cloudflared/config.yml):

    tunnel: <Tunnel-UUID>
credentials-file: /root/.cloudflared/<Tunnel-UUID>.json

ingress:
  - hostname: lengkundee01.org
    service: http://localhost:8080
  - service: http_status:404

  5. Route DNS:

    cloudflared tunnel route dns genx_tunnel lengkundee01.org

  6. Run the Tunnel:

    cloudflared tunnel run genx_tunnel

1.1.1.1 WARP Connection

To use the 1.1.1.1 WARP client to access private resources:

  1. Ensure "Zero Trust" is configured in your Cloudflare Dashboard.
  2. Enroll your device in your Zero Trust organization.
  3. Connect via the WARP client.

DNS Configuration

For a detailed guide on how to configure your DNS records for lengkundee01.org, including cleaning up conflicts and pointing to various hosting methods, see DNS Configuration Recommendation.