Home data center series uses domestic cloud hosting to get free cloudflare to achieve fast access to domestic sites from abroad
This article was last updated 193 days ago. The information in it may have developed or changed. If it is invalid, please leave a message in the comment section.

Preface

Actually, from the title of the demand, it seems not very meaningful now, because if you only use cloudflare, there are too many ways to quickly access domestic sites from abroad (tunnel, custom host). I considered this issue at the time because in order to solve the filing problem, I had already spent more than 20 yuan per month to buy Tencent Cloud's high-end lightweight servers. Although many applications (uptime-kuma, bind9, redis, cryptgeon, komga, shlink server, bark, tailscale relay server) were already running on it, the resources were still not fully utilized:

image.png

I always feel that the 20 yuan is a waste, so I always want to find something to do with the cloud host. However, the cloud host I registered has a legitimate HTTPS port 443, which cannot be wasted, so I decided to do this (if you don’t have a ready-made registered domain name, this method is not recommended, refer to my other article:A series of tricks to use cloudflare to build a website quickly using home broadband without public IP (general purpose)).

Preparation

Prepare a new or idle domain name and complete the record, assuming it is example1212.com. This is because the free version of cloudflare does not support adding subdomains:

image.png

所以必须把整个example1212.com对应的权威DNS指向cloudflare(其实还有”自定义主机名”的方式,不过那个比较折腾,以后有机会单独用一篇文章来讲)。


In fact, you don’t necessarily need a brand new (or idle) domain name here. You can use an existing one. The configured records can actually be imported into cloudflare. However, many hosts under the domain name I use use Tencent Cloud’s CDN, so I don’t want to bother with CNAME. Secondly, I am also worried that if I put them all on cloudflare, in case China performs negative optimization on cloudflare, it will affect normal access. So I just use a new domain name for the experiment. (Additional note: After a period of tossing, I think the best solution is to have two domain names, one registered for domestic access, and one unregistered, which is used for foreign access and as a backup when there is a problem with the domestic domain name. It is best to transfer the unregistered domain name directly to cloudflare and not put it under the management of a domestic domain name agency).

In fact, there is a compromise method, which is to point the authoritative DNS of the domain name in use to cloudflare in the DNS service provided by your domestic domain name provider (for example: Tencent Cloud's dnspod or Alibaba Cloud DNS resolution), and cloudflare uses NS records to delegate specific subdomains to your domestic domain name provider for resolution. In this way, through advance planning, cloudflare and domestic domain name providers can each be responsible for their own resolution. This method is supported by the free version of the DNS solutions of the two domestic domain name providers mentioned above. This method requires adding txt records on CF according to the information provided by the domestic domain name provider and then passing the verification of the domestic domain name provider, as well as adding NS records on CF according to the dns server provided by the domestic domain name provider after verification. I will use an article to talk about this separately later.


Have a cloudflare account, if not, register one.

Have a cloud host with a public network address and a registered domain name.

Add domain name on CF

登录cloudflare,在点击最上方的红框中的”添加站点”或者”网站”-“添加站点”,如下图:

image.png

Enter your domain name example1212.com in the red box below and click Continue below:
image.png

Select the Free plan in the red box below (rich people can choose as they like) and click Continue:
image.png

The following page appears:
image.png

To add records uniformly later, just click Continue below and the following interface will appear:
image.png

Click OK and the following interface will appear:
image.png

The part in the red box is the authoritative DNS of CF that we need to point to at the domestic domain name provider in the next section
Address, and finally click Done in the interface below. At this time, you can already see the domain name we just added on the website.
image.png

Modify the authoritative DNS address pointed to by the registered domain name

登录国内域名上提供的DNS操作面板(以腾讯dnspod免费版为例),在”控制台”-“产品管理”搜索”域名注册”并回车:

image.png

点击红框中的”我的域名”,在要操作的域名的最右边选择”更多”下拉菜单,然后选择”修改DNS服务器”,如下图:
image.png

Enter the following interface:
image.png

在上图中选择”自定义DNS”,然后在下面的框里填写在上节CF配置最后页面给出的CF权威DNS服务器地址,最后点击下方红框中的提交。

Note: After submission, it will take effect within 24-48 hours. After it takes effect, the red box below example1212.com in the cloudflare website section will show the prompt
image.png

会变成”有效”字样,如下:
image.png

Configure CF to proxy domestic cloud hosts

从”网站”-“example1212.com”-“DNS”-“记录”点击”添加记录”,如下图:

image.png

Fill in the name (e.g. blog), the IPv4 public network address of the domestic cloud host (e.g. 43.44.45.46), and the proxy enable status as shown in the red box below, and finally click Save below:
image.png

This enables access to the host domain blog.example1212.com, and points the source host to port 443 of the cloud host corresponding to the public IP 43.44.45.46. Note: CDN is not enabled by default in the free version of Cloudlfare, and needs to be configured through page rules. I will have the opportunity to write a separate article about this later.

Cloud host configuration

In this example, the cloud host needs to add the blog.example1212.com site through the WEB server software (nginx, apache installed by Baota Linux Panel, or separate nginx and apache, depending on what you are used to). There are several subdivisions here:
1. If the site is originally built on the cloud host and the domain name is originally this, then you don’t need to do anything, it’s already done
2. If the site is originally built on the cloud server, but the domain name is not this (as mentioned at the beginning of this article, use a brand new domain name), you need to create a site for this brand new domain name, which is blog.example1212.com in this article, and then configure the reverse proxy to point to the correct source site address (either the local address or the domain name).
3. If the site is not on the cloud host (for example, my source site is in the home data center and published through Tencent Cloud CDN), and the domain name is not this, then you need to configure the reverse proxy in the same way as in 2 (in this case, the reverse proxy can point to the CDN domain name, or to the domain name and port of the source site in the home data center).

Finally, a friendly reminder to configure the SSL/TLS type properly and choose the method that suits you:

image.png

我因为在云主机上针对国外访问的域名(本文中是blog.example1212.com)对应的站点使用了let’s encrypt来自动申请及更新证书,也就是说有合法的SSL证书,所以才选择的这个”完全”,大家需要根据自己的实际情况来选择合适的方式,否则访问是会报错的。

The content of the blog is original. Please indicate the source when reprinting! For more blog articles, you can go toSitemapUnderstand. The RSS address of the blog is:https://blog.tangwudi.com/feed, welcome to subscribe; if necessary, you can joinTelegram GroupDiscuss the problem together.
No Comments

Send Comment Edit Comment


				
|´・ω・)ノ
ヾ(≧∇≦*)ゝ
(☆ω☆)
(╯‵□′)╯︵┴─┴
 ̄﹃ ̄
(/ω\)
∠(ᐛ 」∠)_
(๑•̀ㅁ•́ฅ)
→_→
୧(๑•̀⌄•́๑)૭
٩(ˊᗜˋ*)و
(ノ°ο°)ノ
(´இ皿இ`)
⌇●﹏●⌇
(ฅ´ω`ฅ)
(╯°A°)╯︵○○○
φ( ̄∇ ̄o)
ヾ(´・ ・`。)ノ"
( ง ᵒ̌ᵒ̌)ง⁼³₌₃
(ó﹏ò。)
Σ(っ°Д °;)っ
( ,,´・ω・)ノ"(´っω・`。)
╮(╯▽╰)╭
o(*////▽////*)q
>﹏<
( ๑´•ω•) "(ㆆᴗㆆ)
😂
😀
😅
😊
🙂
🙃
😌
😍
😘
😜
😝
😏
😒
🙄
😳
😡
😔
😫
😱
😭
💩
👻
🙌
🖕
👍
👫
👬
👭
🌚
🌝
🙈
💊
😶
🙏
🍦
🍉
😣
Source: github.com/k4yt3x/flowerhd
Emoticons
Emoji
Little Dinosaur
flower!
Previous
Next
       

This site has disabled the right mouse button and various shortcut keys. The code block content can be copied directly by clicking the copy button in the upper right corner

en_US