A6-9V/MQL5-Google-Onedrive
1
0
Fork 0
forked from LengKundee/MQL5-Google-Onedrive
Code Pull requests Activity
MQL5-Google-Onedrive/docs/CLOUDFLARE_GUIDE.md
google-labs-jules[bot] b528ef932e Add Cloudflare management scripts and tunnel setup 
- Created `scripts/manage_cloudflare.py` to get/set security levels via API.
- Created `scripts/setup_cloudflare_tunnel.sh` to install `cloudflared`.
- Created `config/vault.json` with user-provided Zone/Account IDs for `lengkundee01.org`.
- Created `docs/CLOUDFLARE_GUIDE.md` with usage instructions.
- Updated `requirements.txt` to include `requests` as a core dependency.
2026-01-25 02:59:06 +00:00

2.3 KiB
Raw Permalink Blame History

Cloudflare Management & Tunnel Guide

This guide explains how to manage your Cloudflare settings and set up a secure tunnel for lengkundee01.org.

Prerequisite: API Token

  1. Log in to the Cloudflare Dashboard.
  2. Go to My Profile -> API Tokens.
  3. Create a token with the following permissions:
    • Zone - Zone Settings - Edit (for changing security levels)
    • Zone - DNS - Edit (for tunnel DNS routing)
    • Account - Cloudflare Tunnel - Edit (for managing tunnels)
  4. Copy the token.
  5. Edit config/vault.json and paste your token: 
    "api_token": "YOUR_ACTUAL_TOKEN_HERE"

Managing Security Level

You can check or change the "Under Attack Mode" or security level using the provided script.

Check Status:

python scripts/manage_cloudflare.py --status

Set Security Level: Available levels: off, essentially_off, low, medium, high, under_attack.

# Enable Under Attack Mode
python scripts/manage_cloudflare.py --set under_attack

# Set to Medium
python scripts/manage_cloudflare.py --set medium

Setting up Cloudflare Tunnel (1.1.1.1 / WARP)

To securely expose your local service or connect to your private network:

  1. Install cloudflared:

    sudo ./scripts/setup_cloudflare_tunnel.sh

  2. Login:

    cloudflared tunnel login

  3. Create a Tunnel:

    cloudflared tunnel create genx_tunnel

    Copy the Tunnel ID provided in the output.

  4. Configure Tunnel: Create a file named config.yml (or ~/.cloudflared/config.yml):

    tunnel: <Tunnel-UUID>
credentials-file: /root/.cloudflared/<Tunnel-UUID>.json

ingress:
  - hostname: lengkundee01.org
    service: http://localhost:8080
  - service: http_status:404

  5. Route DNS:

    cloudflared tunnel route dns genx_tunnel lengkundee01.org

  6. Run the Tunnel:

    cloudflared tunnel run genx_tunnel

1.1.1.1 WARP Connection

To use the 1.1.1.1 WARP client to access private resources:

  1. Ensure "Zero Trust" is configured in your Cloudflare Dashboard.
  2. Enroll your device in your Zero Trust organization.
  3. Connect via the WARP client.