The official instructions doesn’t include a connector for the Raspberry PI armv7l processor when setting up a tunnel. Even the Docker file doesn’t have the correct architecture for the RPI.
To get cloudflared running on the RPI, we can use the offical binary released in Github by cloudflare.
# Fetch the file
wget https://github.com/cloudflare/cloudflared/releases/download/2023.3.1/cloudflared-linux-armhf
# Move it to our bin directory so we can just call it
sudo mv cloudflared-linux-armhf /usr/local/bin/cloudflared
# Make it executable
sudo chmod +x cloudflaredAt the time of writing this post, the latest version is 2023.3.1 .
Now head to Cloudflare Zero Trust Dashboard -> Access -> Tunnels and create a tunnel. You will get a token to configure the connector. Then run the command with the flags below.
# Start the tunnel
cloudflared tunnel --no-autoupdate run --token eyJh...This will establish the connection and you should see some response like this.
2023-03-21T02:30:51Z INF Starting tunnel tunnelID=xxxx
2023-03-21T02:30:51Z INF Version 2023.3.1
2023-03-21T02:30:51Z INF GOOS: linux, GOVersion: go1.19.3, GoArch: arm
2023-03-21T02:30:51Z INF Settings: map[token:*****]
2023-03-21T02:30:51Z INF cloudflared will not automatically update when run from the shell. To enable auto-updates, run cloudflared as a service: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/run-tunnel/as-a-service/
2023-03-21T02:30:51Z INF Generated Connector ID: xxxx
2023-03-21T02:30:51Z WRN No ingress rules were defined in provided config (if any) nor from the cli, cloudflared will return 503 for all incoming HTTP requests
2023-03-21T02:30:51Z INF Initial protocol quic
2023-03-21T02:30:51Z INF ICMP proxy will use xxxx as source for IPv4
2023-03-21T02:30:51Z INF ICMP proxy will use xxxx in zone eth0 as source for IPv6
2023-03-21T02:30:51Z INF Starting metrics server on 127.0.0.1:43095/metrics
2023/03/21 10:30:51 failed to sufficiently increase receive buffer size (was: 176 kiB, wanted: 2048 kiB, got: 352 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details.
2023-03-21T02:30:52Z INF Connection xxxx registered with protocol: quic connIndex=0 ip=xxxx location=xx
2023-03-21T02:30:53Z INF Connection xxxx registered with protocol: quic connIndex=1 ip=xxxx location=xx
2023-03-21T02:30:54Z INF Connection xxxx registered with protocol: quic connIndex=2 ip=xxxx location=xx
2023-03-21T02:30:55Z INF Connection xxxx registered with protocol: quic connIndex=3 ip=xxxx location=xxWith that, the tunnel is setup successfully. Now we have a HTTPS cert, and we can set authentication using One-time pin or Google Authentication in front of any web application.
