Today I successfully published my nginx site through Cloudflare Tunnel without opening any inbound ports.
This was part of my ongoing homelab work as I learn containerization, reverse proxies, and secure exposure of internal services.
What I Did
I exposed a locally running nginx container to the internet using Cloudflare Tunnel, avoiding the need to forward ports on my router or firewall.
Why This Matters
Opening inbound ports increases attack surface and complexity.
Cloudflare Tunnel allows me to securely publish services while keeping my home network closed by default.
What’s Next
Next, I plan to:
- Add Traefik as a reverse proxy
- Enable HTTPS end-to-end
- Document the full setup in a future post