mikejac / node-red-contrib-google-smarthome

A collection of Node-RED nodes to control your smart home devices via Google Assistant.
GNU General Public License v3.0

How to work with Cloudflare Tunnels #446

Closed RichardUUU closed 10 months ago

RichardUUU commented 10 months ago

I have had this working wonderfully with Nginx Proxy Manager, but I'm phasing that out in favor of Cloudflare Tunnels.

Does anyone have any experience with that, or suggestions on how I can make it work? Currently, I'm getting a 502 error.

Cheers, Richard

boraxhacker commented 10 months ago

I do not consider myself a guru. YMMV - I too switched from a reverse proxy. I now have a cloudflare tunnel exposing an internal node-red with a public hostname that google action fulfillment is configured to use.

From memory I don't think I was able to get a cloudflare tunnel created via the cli to work. I had to create the tunnel via the web based dashboard. https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/

Then I created a public hostname that points to the internal node-red service. The public hostname configuration will generate the proxy'd DNS entry. It's automatic. myhome.example.com -> node-red.internal.local:3001

https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/routing-to-tunnel/

Then the project needed re-configuring. For example, the public hostname changed (for me) and the port is no longer needed: https://github.com/mikejac/node-red-contrib-google-smarthome/blob/master//docs/setup_instructions.md#create-project-in-actions-console

RichardUUU commented 10 months ago

@boraxhacker Thanks. Knowing that it can be done is helpful. It seems I'm having problems with more than tunnels. I have reverted to NGINX and I still can't connect even after refactoring the google apps. I think I'll delete everything and start from scratch.

I wish I understood better how to debug problems. I'm not sure where to find logs for the google stuff, and the Node Red logs seem sketchy.

Quick question: what happens if you go directly to your Node Red IP? e.g. 192.168.1.100:3101 What kind of error do you get?

boraxhacker commented 10 months ago

> Quick question: what happens if you go directly to your Node Red IP? e.g. 192.168.1.100:3101 What kind of error do you get?

For me - only cloudflared has access to node-red:3001. Also my node-red:3001 has checked external ssl offload.

Redrawing

google -> https://myhome.example.com (cname cloudflared proxied) ~~ cloudflared -> node-red.internal.local:3001

^the https cert is coming from cloudflare. It's a universal plan edge certificate. The cloudflare domain is set full (strict) encryption.

If I attempt to access (from outside my network) https://myhome.example.com/check then I get the check page per the setup instructions.
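One way to check the two properties described in the comment above (the public hostname serves /check, and the Node-RED port is not reachable from hosts other than cloudflared), as an added example that is not code from the thread or the project. The hostnames and port are the thread's placeholders, and the function names are made up for this sketch.

```python
import http.client
import socket
import urllib.error
import urllib.request

def http_status(url, timeout=5.0):
    """Return the HTTP status code for url, or None if no HTTP response came back."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code  # 4xx/5xx responses still carry a status code
    except (urllib.error.URLError, OSError, http.client.HTTPException):
        return None      # DNS failure, refused connection, timeout, TLS error

def port_open(host, port, timeout=2.0):
    """True if a TCP connection to host:port succeeds from this machine."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def triage(public_status, origin_reachable_here):
    """Findings for the chain: google -> Cloudflare edge -> cloudflared -> Node-RED."""
    findings = []
    if public_status == 200:
        findings.append("public /check answers: Cloudflare edge, tunnel and Node-RED are all up")
    elif public_status == 502:
        findings.append("502 Bad Gateway: a proxy answered but its upstream hop failed; check the "
                        "service host, port and http/https scheme set for the public hostname")
    elif public_status is None:
        findings.append("no HTTP response: check DNS for the public hostname and its TLS setup")
    else:
        findings.append(f"HTTP {public_status}: a server answered; check the path and Node-RED config")
    if origin_reachable_here:
        findings.append("origin port is reachable from this host; if only cloudflared "
                        "should reach it, tighten the firewall")
    return findings

if __name__ == "__main__":
    # Placeholder names from the thread; replace them with your own values.
    status = http_status("https://myhome.example.com/check")
    reachable = port_open("node-red.internal.local", 3001)
    for line in triage(status, reachable):
        print(line)
```

Run it from a machine other than the one hosting cloudflared, so the port check reflects what other hosts on the network can reach.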

RichardUUU commented 10 months ago

Thanks. Problem turned out to be an issue with the path for my json file. I filed a separate issue to point that out.