Cloudflare Infrastructure
Cloudflare Infrastructure
Public ingress for external services only.
Architecture Decision
Cloudflare = Public Ingress ONLY
Use Cloudflare tunnel for:
- GitLab webhooks
- Public APIs that external services call
- GPU endpoints (when Mac is running cloudflared)
Do NOT use Cloudflare for:
- Personal access (use Tailscale instead)
- NAS admin (use Tailscale instead)
- Internal services
Cloudflare Tunnel
- Tunnel Name:
agent-webhook - Tunnel ID:
f6da7bdf-d0f8-4796-a804-afb7984bbe11 - Runs On: Mac M4 (when online)
- Dashboard: https://one.dash.cloudflare.com/
Active Public Endpoints
| Domain | Service | Notes |
|---|---|---|
| gpu.blueflyagents.com | Ollama API | Via Tailscale to Vast.ai |
| llm.blueflyagents.com | vLLM API | Via Tailscale to Vast.ai |
| api.blueflyagents.com | Webhook handler | localhost:3005 |
| docs.blueflyagents.com | GitLab Pages | Static docs |
DNS Records (Current)
| Record | Type | Target |
|---|---|---|
| blueflyagents.com | A | 13.248.243.5, 76.223.105.230 |
| gpu.blueflyagents.com | CNAME | cfargotunnel.com |
| api.blueflyagents.com | CNAME | cfargotunnel.com |
| llm.blueflyagents.com | CNAME | cfargotunnel.com |
| docs.blueflyagents.com | CNAME | blueflyio.gitlab.io |
Tunnel Config (Mac)
Location: ~/.cloudflared/config.yml
tunnel: f6da7bdf-d0f8-4796-a804-afb7984bbe11 credentials-file: ~/.cloudflared/f6da7bdf-d0f8-4796-a804-afb7984bbe11.json ingress: # GPU via Tailscale - hostname: gpu.blueflyagents.com service: http://vastai-gpu.tailcf98b3.ts.net:11434 - hostname: llm.blueflyagents.com service: http://vastai-gpu.tailcf98b3.ts.net:8000 # Local webhook handler - hostname: api.blueflyagents.com service: http://localhost:3005 - hostname: mesh.bluefly.internal service: http://localhost:3005 # Catch-all - service: http_status:404
Running the Tunnel
# Start tunnel cloudflared tunnel run # Or via homebrew service brew services start cloudflared
Key Files
| File | Location |
|---|---|
| Tunnel config | ~/.cloudflared/config.yml |
| Tunnel creds | ~/.cloudflared/f6da7bdf-*.json |