Djeex/docudjeex
1
1
Fork 0
Code Issues Pull Requests Projects Wiki Activity

Fully translated + good linking

Browse Source
This commit is contained in:
Djeex
2025-07-04 13:37:55 +00:00
parent e9ccda2e14
commit 5c207add10
32 changed files with 435 additions and 469 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
content/3.serveex/3.securite/3.cloudflare.md
View File

@ -21,7 +21,7 @@ main:
---
The _Zero Trust_ architecture is the practice of designing systems based on the principle of __"never trust, always verify"__, as opposed to the traditional principle of __"trust, but verify"__. This concept has become increasingly popular recently due to the growing number of attacks targeting user data. Its a broad concept, but well focus on how to apply _Zero Trust_ to the web services we host.
_Cloudflare tunnels_ offer a simple way to implement _Zero Trust_, using [SWAG](/serveex/coeur/swag) and [Authentik](/serveex/securite/authentik).
_Cloudflare tunnels_ offer a simple way to implement _Zero Trust_, using [SWAG](/serveex/core/swag) and [Authentik](/serveex/securite/authentik).
Simply put, Cloudflare Tunnels allow you to:
@ -46,7 +46,7 @@ Here well explain how to integrate SWAG with Cloudflare tunnels.
---
### DNS Zone
First, you need to set Cloudflare as your [DNS zone](/generalites/dns) manager. If you bought your domain from Cloudflare, thats already done. Otherwise, check with your registrar how to add external DNS servers. Cloudflare provides [step-by-step documentation](https://developers.cloudflare.com/dns/zone-setups/full-setup/setup/) on how to configure a DNS Zone, whether your domain is external or registered with Cloudflare.
First, you need to set Cloudflare as your [DNS zone](/general/dns) manager. If you bought your domain from Cloudflare, thats already done. Otherwise, check with your registrar how to add external DNS servers. Cloudflare provides [step-by-step documentation](https://developers.cloudflare.com/dns/zone-setups/full-setup/setup/) on how to configure a DNS Zone, whether your domain is external or registered with Cloudflare.
If you only have one server to protect behind Cloudflare, you can delete all existing DNS records. By default, your domain and all its subdomains will be redirected to the tunnel.
@ -214,10 +214,10 @@ TUNNEL_PW=
Once done, deploy the stack. Check the logs—you should reach `server ready`.
Then confirm your tunnel appears under _Networks > Tunnels_ in [Cloudflare Zero Trust](https://one.dash.cloudflare.com/). By default, all subdomains will be routed through the tunnel—no need to define them [in your DNS zone](/generalites/dns).
Then confirm your tunnel appears under _Networks > Tunnels_ in [Cloudflare Zero Trust](https://one.dash.cloudflare.com/). By default, all subdomains will be routed through the tunnel—no need to define them [in your DNS zone](/general/dns).
::alert{type="success"}
__Tip:__ If you want to expose a service without a tunnel, just define an A record [in your DNS zone](/generalites/dns). If resolution fails, disable the proxy function for that record—e.g., for `sub.mondomaine.fr`.
__Tip:__ If you want to expose a service without a tunnel, just define an A record [in your DNS zone](/general/dns). If resolution fails, disable the proxy function for that record—e.g., for `sub.mondomaine.fr`.
![dns](/img/serveex/cf-dns.png)
::