Cloudflared

`services.cloudflared.enable`

Whether to enable Cloudflare Tunnel client daemon (formerly Argo Tunnel). Type: boolean

Default

false

Example

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.group`

Group under which cloudflared runs. Type: string

Default

"cloudflared"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.package`

The cloudflared package to use. Type: package

Default

pkgs.cloudflared

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels`

Cloudflare tunnels.

Type: attribute set of (submodule)

Default

{ }

Example

{"00000000-0000-0000-0000-000000000000" = {credentialsFile = "/tmp/test";default = "http_status:404";ingress = {"*.domain1.com" = {service = "http://localhost:80";};};};}

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.credentialsFile`

Credential file.

See Credentials file.

Type: string

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.default`

Catch-all service if no ingress matches.

See service.

Type: string

Example

"http_status:404"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.ingress`

Ingress rules.

See Ingress rules.

Type: attribute set of (string or (submodule))

Default

{ }

Example

{"*.anotherone.com" = "http://localhost:80";"*.domain.com" = "http://localhost:80";}

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.originRequest.caPool`

Path to the certificate authority (CA) for the certificate of your origin. This option should be used only if your certificate is not signed by Cloudflare.

Type: null or string or path

Default

null

Example

""

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.originRequest.connectTimeout`

Timeout for establishing a new TCP connection to your origin server. This excludes the time taken to establish TLS, which is controlled by tlsTimeout.

Type: null or string

Default

null

Example

"30s"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.originRequest.disableChunkedEncoding`

Disables chunked transfer encoding. Useful if you are running a WSGI server.

Type: null or boolean

Default

null

Example

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.originRequest.httpHostHeader`

Sets the HTTP Host header on requests sent to the local service.

Type: null or string

Default

null

Example

""

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.originRequest.keepAliveConnections`

Maximum number of idle keepalive connections between Tunnel and your origin. This does not restrict the total number of concurrent connections.

Type: null or signed integer

Default

null

Example

100

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.originRequest.keepAliveTimeout`

Timeout after which an idle keepalive connection can be discarded.

Type: null or string

Default

null

Example

"1m30s"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.originRequest.noHappyEyeballs`

Disable the “happy eyeballs” algorithm for IPv4/IPv6 fallback if your local network has misconfigured one of the protocols.

Type: null or boolean

Default

null

Example

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.originRequest.noTLSVerify`

Disables TLS verification of the certificate presented by your origin. Will allow any certificate from the origin to be accepted.

Type: null or boolean

Default

null

Example

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.originRequest.originServerName`

Hostname that cloudflared should expect from your origin server certificate.

Type: null or string

Default

null

Example

""

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.originRequest.proxyAddress`

cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen address for that proxy.

Type: null or string

Default

null

Example

"127.0.0.1"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.originRequest.proxyPort`

cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures the listen port for that proxy. If set to zero, an unused port will randomly be chosen.

Type: null or signed integer

Default

null

Example

0

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/networking/cloudflared.nix

`services.cloudflared.tunnels.<name>.originRequest.proxyType`

cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP. This configures what type of proxy will be started. Valid options are: