Self-hosting cloudflared the easy way
Yulei ChenCloudflared is the client for Cloudflare Tunnel, a daemon that exposes private services through the Cloudflare edge network. Instead of opening ports or configuring firewalls, you run cloudflared next to your services and Cloudflare handles the rest: TLS, DDoS protection, caching, and global routing.
Sliplane is a managed container platform that makes running cloudflared painless. With one-click deployment, you can connect your Sliplane services to Cloudflare Tunnel in minutes - no manual Docker setup, no SSH sessions, no infrastructure to maintain.
Prerequisites
Before deploying, you need two things:
- A Sliplane account (free trial available)
- A Cloudflare Tunnel Token from the Cloudflare Zero Trust dashboard
How to get your Tunnel Token
- Go to the Cloudflare Zero Trust dashboard
- Navigate to Networks > Tunnels
- Click Create a tunnel and select Cloudflared
- Give your tunnel a name and click Save tunnel
- Copy the tunnel token from the install command (it's the long string after
--token)
Keep this token ready - you'll need it when deploying on Sliplane.
Quick start
Sliplane provides one-click deployment with presets.
Deploy cloudflared >- Click the deploy button above
- Replace the placeholder
TUNNEL_TOKENvalue with your actual Cloudflare Tunnel token - Select a server. If you just signed up you get a 48-hour free trial server
- Click Deploy!
After deployment, go back to the Cloudflare Zero Trust dashboard. Your tunnel should show as Connected within a few seconds.
About the preset
The one-click deploy above uses Sliplane's cloudflared preset. Here's what it includes:
- Official
cloudflare/cloudflaredimage with a pinned version tag (2026.3.0 at the time of writing - check Docker Hub for newer versions) - Runs the
tunnel --no-autoupdate runcommand, which connects to your configured tunnel TUNNEL_TOKENenvironment variable for authentication- Deployed as a private service (no public ports needed, since cloudflared connects outbound to Cloudflare)
Next steps
Once cloudflared is running, you need to configure your tunnel routes in the Cloudflare Zero Trust dashboard to point traffic to your Sliplane services.
Configuring public hostnames
In the Cloudflare Zero Trust dashboard:
- Go to Networks > Tunnels and click on your tunnel
- Switch to the Public Hostname tab
- Click Add a public hostname
- Set the Subdomain and Domain you want to route
- Under Service, set the Type to
HTTPand the URL to the internal hostname of your Sliplane service (e.g.my-service.internal:3000)
Sliplane's internal networking lets cloudflared reach other services on the same server using their .internal hostname. This means traffic flows from Cloudflare's edge directly to your service without ever being exposed to the public internet.
Environment variables
The preset uses one key environment variable:
| Variable | Description |
|---|---|
TUNNEL_TOKEN | Your Cloudflare Tunnel token (required) |
You can also pass additional configuration through environment variables. Check the cloudflared environment variables documentation for all available options.
Logging
By default, cloudflared logs go to STDOUT, which works with Sliplane's built-in log viewer. You can check the logs to verify that the tunnel is connected and see which requests are being proxied. For general Docker log tips, check out our post on how to use Docker logs.
Troubleshooting
If your tunnel shows as Disconnected in the Cloudflare dashboard:
- Double-check that your
TUNNEL_TOKENvalue is correct - Check the service logs in Sliplane for error messages
- Make sure the tunnel hasn't been deleted in the Cloudflare dashboard
If requests aren't reaching your services:
- Verify the internal hostname and port in your public hostname config
- Make sure the target service is running on the same Sliplane server
- Check that the target service is listening on the correct port
Cost comparison
Of course you can also run cloudflared with other cloud providers. Here is a pricing comparison for the most common ones:
| Provider | vCPU Cores | RAM | Disk | Estimated Monthly Cost | Notes |
|---|---|---|---|---|---|
| Sliplane | 2 | 2 GB | 40 GB | €9 | charge per server |
| Render | 1 | 2 GB | 40 GB | ~$35-$45 | VM Small |
| Fly.io | 2 | 2 GB | 40 GB | ~$20-$25 | VM + volume |
| Railway | 2 | 2 GB | 40 GB | ~$15-$66 | Usage-based |
Since cloudflared is lightweight, you'll likely run it alongside other services on the same Sliplane server, making the effective cost close to zero.
FAQ
What can I use Cloudflare Tunnel for?
Cloudflare Tunnel lets you securely expose any HTTP or TCP service to the internet without opening ports. Common use cases include exposing self-hosted web apps, APIs, and dashboards behind Cloudflare's CDN and DDoS protection. If you're running n8n on Sliplane, for example, you can route it through your own domain with Cloudflare Tunnel.
Can I route multiple services through one tunnel?
Yes. A single cloudflared instance can route traffic to multiple services. Just add multiple public hostnames in the Cloudflare Zero Trust dashboard, each pointing to a different internal service and port. This is one of the biggest advantages of Cloudflare Tunnel.
How do I update cloudflared?
Change the image tag in your service settings on Sliplane and redeploy. Check Docker Hub for the latest stable version. The preset disables auto-updates inside the container (--no-autoupdate), so you control when updates happen.
Is cloudflared free?
Yes. Cloudflare Tunnel is included in the free Cloudflare plan. You only pay for the server that runs the cloudflared container.
Can I use cloudflared with any domain?
Your domain needs to be added to your Cloudflare account (either as a full DNS setup or via CNAME). Once added, you can create tunnel routes for any subdomain. Cloudflare handles TLS certificates automatically.
