d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
proxmox/scripts/cloudflare-tunnels/GET_CREDENTIALS.md
defiQUG cb47cce074 Complete markdown files cleanup and organization 
- Organized 252 files across project
- Root directory: 187 → 2 files (98.9% reduction)
- Moved configuration guides to docs/04-configuration/
- Moved troubleshooting guides to docs/09-troubleshooting/
- Moved quick start guides to docs/01-getting-started/
- Moved reports to reports/ directory
- Archived temporary files
- Generated comprehensive reports and documentation
- Created maintenance scripts and guides

All files organized according to established standards.
2026-01-06 01:46:25 -08:00

113 lines
3.2 KiB
Markdown
Raw Permalink Blame History

# How to Get Cloudflare Tunnel Credentials
## The Problem
`cloudflared tunnel token` doesn't work for existing tunnels. For existing tunnels created via API, you need to use **credentials files** (JSON format), not tokens.
## Solution: Download from Cloudflare Dashboard
### Step 1: Access Cloudflare Dashboard
1. Go to: https://one.dash.cloudflare.com/
2. Navigate to: **Zero Trust** > **Networks** > **Tunnels**
3. You should see your 3 tunnels:
- `tunnel-ml110` (ID: `ccd7150a-9881-4b8c-a105-9b4ead6e69a2`)
- `tunnel-r630-01` (ID: `4481af8f-b24c-4cd3-bdd5-f562f4c97df4`)
- `tunnel-r630-02` (ID: `0876f12b-64d7-4927-9ab3-94cb6cf48af9`)
### Step 2: Download Credentials for Each Tunnel
For each tunnel:
1. Click on the tunnel name
2. Click **"Configure"** tab
3. Scroll to **"Local Management"** section
4. Click **"Download credentials file"**
5. Save the file as:
- `credentials-ml110.json`
- `credentials-r630-01.json`
- `credentials-r630-02.json`
### Step 3: Use the Credentials
The credentials file format looks like:
```json
{
"AccountTag": "52ad57a71671c5fc009edf0744658196",
"TunnelSecret": "base64-encoded-secret-here",
"TunnelID": "ccd7150a-9881-4b8c-a105-9b4ead6e69a2",
"TunnelName": "tunnel-ml110"
}
```
### Step 4: Copy to VMID 102
Once you have the credentials files, run:
```bash
cd /home/intlc/projects/proxmox/scripts/cloudflare-tunnels
./scripts/generate-credentials.sh
```
This script will:
- Prompt you for each credentials file path
- Validate the JSON format
- Copy to VMID 102 at `/etc/cloudflared/credentials-<name>.json`
- Update config files with correct paths
- Set proper permissions (600)
## Alternative: Manual Copy
If you prefer to copy manually:
```bash
# From your local machine (where you downloaded credentials)
scp credentials-ml110.json root@192.168.11.10:/tmp/
scp credentials-r630-01.json root@192.168.11.10:/tmp/
scp credentials-r630-02.json root@192.168.11.10:/tmp/
# Then on Proxmox host
ssh root@192.168.11.10
pct push 102 /tmp/credentials-ml110.json /etc/cloudflared/credentials-ml110.json
pct push 102 /tmp/credentials-r630-01.json /etc/cloudflared/credentials-r630-01.json
pct push 102 /tmp/credentials-r630-02.json /etc/cloudflared/credentials-r630-02.json
pct exec 102 -- chmod 600 /etc/cloudflared/credentials-*.json
```
## Verify
After copying credentials:
```bash
ssh root@192.168.11.10 "pct exec 102 -- ls -la /etc/cloudflared/"
```
You should see:
- `credentials-ml110.json`
- `credentials-r630-01.json`
- `credentials-r630-02.json`
- `tunnel-ml110.yml`
- `tunnel-r630-01.yml`
- `tunnel-r630-02.yml`
## Start Services
Once credentials are in place:
```bash
ssh root@192.168.11.10 "pct exec 102 -- systemctl start cloudflared-ml110 cloudflared-r630-01 cloudflared-r630-02"
ssh root@192.168.11.10 "pct exec 102 -- systemctl enable cloudflared-*"
```
## Why Not Tokens?
- **Tokens** are used for **new tunnels** created via `cloudflared tunnel create`
- **Credentials files** are used for **existing tunnels** (created via API or dashboard)
- Our tunnels were created via API, so we need credentials files, not tokens
## Reference
- [Cloudflare Tunnel Credentials Documentation](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/#download-the-credentials-file)
Reference in New Issue View Git Blame Copy Permalink