How to use Cloudflare Zero Trust tunnel with YunoHost

This guide will help you with finding the port, setting up correct firewall rules and adding it to cloudflare. I’m going to skip important Cloudflare steps as this is purely aimed add users who already now how to use Cloudflare tunnels but are stuck at the YunoHost part.


  • If Cloudflared (your tunnel), is running on the same machine as YunoHost, skip part 2 and 3. If Cloudflared is running in the same network on a different machine/host, then step 2 is mandatory.

Step 1 (find the port of the application):

  • Go to the YunoHost admin page
  • Click on Tools < services: look for the application that you want to host through the tunnel, click on the application.
  • Now on this new page, you should see “Journalctl (logs)”, in the logs it will tell you which port it is.

Step 2 (Open the port with the firewall)

  • Go back to the YunoHost admin page
  • Click on Tools < Firewall
  • Scroll down towards “Operations”
  • Fill in the port and click save, after a couple of seconds you will see that the port is added and open.

Step 3 (test it)

Step 4 (Cloudflare)

  • I’m skipping many steps here as explained in the beginning.
  • On the Public Hostname Page of the Cloudflare tunnel, add the following under service:
    Type: HTTP
    URL: IpOfYunoHost:PortOfApplication

Note: If you have any questions, feel free to ask and I will try my best to help you.