Take it easy, sit back and relax
Preface
Although I had already linked a card to Cloudflare early on, I mainly used R2 more. As for Zero Trust, I knew it existed but never used it.
It wasn't until later that I discovered this thing can do quite a lot of stuff, so I'm going to start playing with it.
EP0: Prerequisites
The entire process is based on you having already created a Cloudflare account and bound your domain's DNS to the Cloudflare account.
First, you need to prepare a bank card. Choose from Visa, MasterCard, AMEX, or Discover. Some people said you could link PayPal before, but at least, when I linked a card to use R2 earlier, there was no PayPal button anymore. It's a mystery anyway; I didn't see the PayPal button, so I linked a card.
(I linked a Bank of China MasterCard.)
Tested and confirmed that UnionPay doesn't work, at least UnionPay cards issued in mainland China don't work. Even though UnionPay can go through Discover, it still can't be verified. So just honestly get a MasterCard or AMEX. RMB-denominated cards can be linked; they are not strict in this regard.
If you go the bank card route, remember to keep about 1 to verify the account when verifying it.
EP1: Initialize Zero Trust
Click the Zero Trust button in the left navigation bar. The page will jump to the separate Zero Trust console (this console does not have a dark mode).
Then you can see its related prompts. Enter a suitable name here, in English only.
After entering, click "Next," then select the Free plan.
Then click "Continue to payment."
Assuming you had already linked a card to Cloudflare long ago because of using certain services, then at this step you just need to relax and wait for it to adjust the status.
But if you haven't linked a card on Cloudflare, then it will pop up the following screen asking you to link a card.
When the following page is displayed, we have completed the initialization of Zero Trust.
EP2: Install Software
Click "Settings" → "Resources," scroll down to "Download cloudflared," and choose the download according to your system. Here I choose Windows (64-bit).
After downloading, open it and install it.
Of course, you can also use the Docker method to deploy; we'll talk about that later.
If you need to install using Docker, please install Docker on your device in advance. It is not recommended to use Docker for installation on Windows here.
EP3: Create an Application
Click "Network" → "Tunnels," click "Add a tunnel."
Select Cloudflared on the left.
Name the tunnel, something easy to remember. Here I use my device name as the name. After filling it in, click "Save tunnel."
Then comes the crucial step.
Open CMD or PowerShell in administrator mode. If you have already installed gsudo, you can also directly enter sudo to switch to administrator mode. Since my Windows has gsudo, I switched directly.
Go back to the previous page and scroll down to "Install and run the connector."
Here we have already completed steps 1 to 3 in advance. Just copy the command to the just-opened console and press Enter.
Please store your token carefully. This command contains a sensitive token that allows the connector to run. Anyone with access to this token will be able to run the tunnel.
After running, return to the previous page and scroll to the bottom to "Connectors." At this point, you should be able to see our device.
After confirming you can see it, click "Next."
Fill in the above information according to its prompts. After filling it in, click "Save tunnel." Now visit the link you created to check if access is normal.
Afterword
Cloudflare also recommends that you create an application in Access to protect your connection. That's up to the individual (I didn't do it; I don't know how to do this).
The above operations can be similarly applied to servers (obviously).
Related Links
- cloudflared GitHub repository: cloudflare/cloudflared
