Skip to content

Home

Jump to bottom
Chris edited this page Jun 23, 2025 · 23 revisions

Banner Maintenance OS CPU Architectures Generic badge Docker Pulls made-with-python GitHub issues GitHub last commit GitHub commit activity swiss_made

DockFlare is a dynamic ingress controller that automates Cloudflare Tunnel management based on Docker container labels. It acts as a self-hosted, "set-it-and-forget-it" tool to securely and effortlessly expose your services to the internet, eliminating manual Cloudflare dashboard configuration for your day-to-day operations.

Web ui example *Note: The Web UI has since been updated with a modern, themeable interface powered by DaisyUI.

Key Features

Dynamic Configuration via Docker Labels

  • Automatic Ingress Rules: Monitors Docker events and automatically creates Cloudflare Tunnel ingress rules for containers with dockflare.enable="true" labels.
  • New dockflare. Prefix: Uses the intuitive dockflare. prefix by default, while remaining fully backward-compatible with the legacy cloudflare.tunnel. prefix.
  • Path-Based Routing: Define specific URL paths (dockflare.path=/api) in addition to hostnames to route traffic with more granularity.
  • Multi-Rule Support: Configure multiple hostnames and paths for a single container using indexed labels (e.g., dockflare.0.hostname, dockflare.1.hostname).
  • Extended Service Types: Natively supports http, httpss, tcp, ssh, rdp, and http_status service types.
  • Advanced TLS Control: Specify an Origin Server Name for SNI (dockflare.originsrvname) for services requiring specific TLS handshake configurations.

Powerful Web UI

  • Centralized Dashboard: A single pane of glass to view the status of your tunnel, managed agent, and all ingress rules.
  • Manual Ingress Rule Management: Add, edit, and delete ingress rules for non-Dockerized services (e.g., a NAS, router, or VM) directly from the UI.
  • Interactive Access Policy Management: Override label-defined Cloudflare Access policies directly from the UI. Changes are persistent and can be easily reverted back to label-defined state.
  • Account-Wide Tunnel Visibility: View all Cloudflare Tunnels on your account and inspect their associated DNS records, perfect for multi-host setups.
  • Real-time Log Streaming: An integrated log viewer streams application logs directly to your browser using Server-Sent Events (SSE).
  • Modern, Themeable Interface: Built with DaisyUI, allowing you to choose from dozens of themes to personalize your dashboard.

Robust & Resilient Operation

  • Automated Tunnel & Agent Lifecycle: Automatically creates and manages the Cloudflare Tunnel and the cloudflared agent container.
  • Agent Configuration Reconciliation: On startup, DockFlare intelligently detects if the running cloudflared agent's configuration (e.g., network, image version) has drifted from your .env settings and automatically recreates it to match.
  • State Persistence: Saves the managed state to state.json to survive restarts and ensure consistency.
  • Graceful Deletion: Uses a configurable grace period before removing ingress rules for stopped containers, preventing issues during temporary restarts.
  • Secure by Default: Implements a strong Content Security Policy (CSP) for the web interface.

This Wiki provides detailed information on getting started, configuration options, usage patterns, and troubleshooting.

Clone this wiki locally