Last active
April 10, 2025 03:48
-
-
Save hcgatewood/b3423b3c9a1ef9c8e6f3cc3d5a39599f to your computer and use it in GitHub Desktop.
Revisions
-
hcgatewood revised this gist
Apr 10, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,4 @@ # Uptime Kuma via Cloudflare Tunnel This guide outlines steps to access [Uptime Kuma](https://github.com/louislam/uptime-kuma) through a semi-protected [Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/). -
Apr 10, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,4 @@ # Access Uptime Kuma via Cloudflare Tunnel This guide outlines steps to access [Uptime Kuma](https://github.com/louislam/uptime-kuma) through a semi-protected [Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/). -
Feb 25, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,6 +1,6 @@ # Uptime Kuma via Cloudflare Tunnel This guide outlines steps to access [Uptime Kuma](https://github.com/louislam/uptime-kuma) through a semi-protected [Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/). Semi-protected meaning the status page is public, while all other endpoints are private. -
Feb 25, 2025 . 1 changed file with 5 additions and 5 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,18 +1,18 @@ # Uptime Kuma via Cloudflare Tunnel This guide outlines the steps to access [Uptime Kuma](https://github.com/louislam/uptime-kuma) through a semi-protected [Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/). Semi-protected meaning the status page is public, while all other endpoints are private. ## Step 0: deploy Uptime Kuma Consider e.g. [Fly.io](https://fly.io/) [(repo)](https://github.com/lubien/fly-uptime-kuma) [(howto)](https://community.fly.io/t/hosting-uptime-kuma-on-fly-io/14352). ## Step 1: access via Cloudflare Tunnel Follow Uptime Kuma's [guide for setting up Cloudflare Tunnel as a reverse proxy](https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy-with-Cloudflare-Tunnel). ## Step 2: protect via Cloudflare Access ### Create policies @@ -47,7 +47,7 @@ Disable Uptime Kuma's native auth at your Uptime Kuma instance via `Settings > S ## Step 4: validate Validate the following access scenarios - Can access dashboards page after authenticating - Can access status page after authenticating -
Feb 25, 2025 . 1 changed file with 4 additions and 4 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -8,11 +8,11 @@ Semi-protected meaning the status page is public, while all other endpoints are Consider e.g. deploying via [Fly.io](https://fly.io/) [(repo)](https://github.com/lubien/fly-uptime-kuma) [(howto)](https://community.fly.io/t/hosting-uptime-kuma-on-fly-io/14352). ## Step 1: access with Cloudflare Tunnel Follow Uptime Kuma's [guide for setting up Cloudflare Tunnel as a reverse proxy](https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy-with-Cloudflare-Tunnel). ## Step 2: protect with Cloudflare Access ### Create policies @@ -41,9 +41,9 @@ Create two applications, optionally using the above identity provider for both - {type: `public hostname`, subdomain: `uptime`, domain: `YOUR_DOMAIN`, path: `api/status-page`} - {type: `public hostname`, subdomain: `uptime`, domain: `YOUR_DOMAIN`, path: `icon.svg`} ## Step 3: disable native auth Disable Uptime Kuma's native auth at your Uptime Kuma instance via `Settings > Security > Disable auth`. ## Step 4: validate -
Feb 25, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -12,7 +12,7 @@ Consider e.g. deploying via [Fly.io](https://fly.io/) [(repo)](https://github.co Follow Uptime Kuma's [guide for setting up Cloudflare Tunnel as a reverse proxy](https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy-with-Cloudflare-Tunnel). ## Step 2: protect tunnel with Cloudflare Access ### Create policies -
Feb 25, 2025 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,56 @@ # Uptime Kuma via Cloudflare Tunnel This guide outlines the steps to access [Uptime Kuma](https://github.com/louislam/uptime-kuma) via a semi-protected [Cloudflare Tunnel](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/). Semi-protected meaning the status page is public, while all other endpoints are private. ## Step 0: deploy Uptime Kuma Consider e.g. deploying via [Fly.io](https://fly.io/) [(repo)](https://github.com/lubien/fly-uptime-kuma) [(howto)](https://community.fly.io/t/hosting-uptime-kuma-on-fly-io/14352). ## Step 1: access via Cloudflare Tunnel Follow Uptime Kuma's [guide for setting up Cloudflare Tunnel as a reverse proxy](https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy-with-Cloudflare-Tunnel). ## Step 2: protect tunnels with Cloudflare Access ### Create policies Create two policies - `admin` - `allow` action - `include` rule with `emails` selector, value set to your personal (or other desired) email address - `public` - `bypass` action - `include` rule with `everyone` selector ### Add identity provider Optionally, [add an identity provider](https://developers.cloudflare.com/cloudflare-one/identity/idp-integration/) to Cloudflare, e.g. Google. ### Create applications Create two applications, optionally using the above identity provider for both - `uptimekuma-admin` with 1 input method - {type: `public hostname`, subdomain: `uptime`, domain `YOUR_DOMAIN`} - `uptimekuma-public` with 4 input methods - {type: `public hostname`, subdomain: `uptime`, domain: `YOUR_DOMAIN`, path: `status`} - {type: `public hostname`, subdomain: `uptime`, domain: `YOUR_DOMAIN`, path: `assets`} - {type: `public hostname`, subdomain: `uptime`, domain: `YOUR_DOMAIN`, path: `api/status-page`} - {type: `public hostname`, subdomain: `uptime`, domain: `YOUR_DOMAIN`, path: `icon.svg`} ## Step 3: disable Uptime Kuma native auth Disable native auth at your Uptime Kuma instance via `Settings > Security > Disable auth`. ## Step 4: validate Validate the following - Can access dashboards page after authenticating - Can access status page after authenticating - Can't access dashboards when unauthenticated - Can't access dashboards when identified but with unauthorized identity - Can access status page when unauthenticated