jeff/portioner
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Clarify order of Cloudflare Access setup to prevent container exposure

Browse Source
This commit is contained in:
Jeff Cheng
2026-02-22 21:17:42 -05:00
parent da3ef5d20e
commit 505cd353c8
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
webtop/SETUP.md
View File

@@ -46,7 +46,8 @@ Webtop provides a full Linux desktop environment (Ubuntu XFCE) directly in your
> [!CAUTION] > [!CAUTION]
> The Webtop container gives anyone who accesses it a passwordless root terminal (`sudo`) *within* the container. You **must not** expose this to the public internet (e.g., via Cloudflare Tunnel) without an authentication layer in front of it. > The Webtop container gives anyone who accesses it a passwordless root terminal (`sudo`) *within* the container. You **must not** expose this to the public internet (e.g., via Cloudflare Tunnel) without an authentication layer in front of it.
If you are routing `webtop.chengs.uk` through a Cloudflare Tunnel, follow these steps to secure it with Cloudflare Access: If you are routing `webtop.chengs.uk` through a Cloudflare Tunnel, follow these steps to secure it with Cloudflare Access. **CRITICAL: Do this BEFORE adding the public hostname to your Cloudflare Tunnel to ensure zero exposure time.**
1. Go to your **Cloudflare Zero Trust** Dashboard (`one.dash.cloudflare.com`). 1. Go to your **Cloudflare Zero Trust** Dashboard (`one.dash.cloudflare.com`).
2. Navigate to **Access** -> **Applications** and click **Add an Application**. 2. Navigate to **Access** -> **Applications** and click **Add an Application**.
3. Choose **Self-hosted**. 3. Choose **Self-hosted**.