From 4ef852cbe023bec4e94afbfea56c4c9a2e8919b7 Mon Sep 17 00:00:00 2001
From: Manuel Sosi <manuel.sosi@soleyma.com>
Date: Sun, 19 Oct 2025 18:00:39 +0100
Subject: [PATCH] adding cloudflared

---
 CLOUDFLARED/Docker compose.md | 48 +++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 CLOUDFLARED/Docker compose.md

diff --git a/CLOUDFLARED/Docker compose.md b/CLOUDFLARED/Docker compose.md
new file mode 100644
index 0000000..a09655a
--- /dev/null
+++ b/CLOUDFLARED/Docker compose.md	
@@ -0,0 +1,48 @@
+https://developers.cloudflare.com/cloudflare-one/
+
+
+==ATTENZIONE== è fondamentale che nella configurazione si scelga la rete ==host== per poter accedere alla rete del dispositivo (quindi anche DSM)
+
+```yaml
+version: '3.8'
+services:
+  cloudflared:
+    privileged: true
+    container_name: cloudflared
+    image: cloudflare/cloudflared
+    restart: unless-stopped
+    network_mode: host
+    command: tunnel --no-autoupdate run
+    environment:
+      - TUNNEL_TOKEN=eyJhIjoiMTllMDY2ZDMxOWM1MTg3ZTBmODE2ZWE5N2M5MWZiMmQiLCJ0IjoiZjM0NWFkNTUtZTQ4Zi00ZTM5LTgyYTUtZTlhOWZhZjU2NjhhIiwicyI6Ik5EZGpOMkkwTWpBdE5qaGhPUzAwTm1VM0xXSXlOVGN0WlRNME5tVmlORE13T0RsaiJ9
+
+```
+
+## SYNOLOGY DOCKER
+- scaricare l'immagine docker `cloudflare\cloudflared`
+- accendere un nuovo container ed impostare
+	- auto-restart
+	- rete: mettere bridge
+	- comando
+		- andare su cloudflare \ tunnel \ create tunnel
+		- mettere il nome e selezionare docker
+		- il comando va estratto dalla stringa docker ed è una cosa tipo quello che si vede sotto EVIDENZIATO
+		  
+		  docker run cloudflare/cloudflared:latest ==tunnel== --no-autoupdate ==run --token eyJhIjoiMTllMDY2ZDMxOWM1MTg3ZTBmODE2ZWE5N2M5MWZiMmQiLCJ0IjoiMGFkYzI3MGQtNzFmZS00ZjM1LWJhZGUtMDQ3ZTZkODYwMmZhIiwicyI6Ik1qUXlZV0UxTmpZdE56QTVaQzAwWm1VeExUbGpOalV0T0Rkak1USmlOVEl5TXpFMSJ9==
+
+		- il resto va scartato
+	- `crea il container` e dopo su cloudflare `crea il tunnel`
+	- una volta fatto bisogna modificare il tunnel su cloudflare ed aggiungere l'hostname desiderato
+
+### TUNNEL 1
+```
+tunnel run --token eyJhIjoiMTllMDY2ZDMxOWM1MTg3ZTBmODE2ZWE5N2M5MWZiMmQiLCJ0IjoiMTI5Y2Y1MTgtNTNkNC00MWQ2LTk5YzAtNmZhYmQ3Yzg1OTM5IiwicyI6Ill6QmtaVE5rTURZdE9EZzNNaTAwWVRKaUxXSTJaRGd0TURjM05HUTNPVEUwT0dZMCJ9
+```
+### TUNNEL 2
+
+```
+tunnel run --token eyJhIjoiMTllMDY2ZDMxOWM1MTg3ZTBmODE2ZWE5N2M5MWZiMmQiLCJ0IjoiMTI5Y2Y1MTgtNTNkNC00MWQ2LTk5YzAtNmZhYmQ3Yzg1OTM5IiwicyI6Ill6QmtaVE5rTURZdE9EZzNNaTAwWVRKaUxXSTJaRGd0TURjM05HUTNPVEUwT0dZMCJ9
+```
+## CLIENT WARP
+https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/use-cases/ssh/ssh-infrastructure-access/
+Per usare la strategia ZEROTRUST di Cloudflare
\ No newline at end of file