Skip to content

feat(cloudflare): edge demo CF Tunnel public exposure (TRA-957)#152

Merged
mikestankavich merged 7 commits into
mainfrom
miks2u/tra-957-expose-edge-demo-app-publicly-via-cloudflare-tunnel
Jun 8, 2026
Merged

feat(cloudflare): edge demo CF Tunnel public exposure (TRA-957)#152
mikestankavich merged 7 commits into
mainfrom
miks2u/tra-957-expose-edge-demo-app-publicly-via-cloudflare-tunnel

Conversation

@mikestankavich

Copy link
Copy Markdown
Contributor

Infra side of TRA-957 — expose the edge demo app at https://app.demo.trakrf.id via a Terraform-managed Cloudflare Tunnel.

What

  • terraform/cloudflare/demo-tunnel.tfrandom_id secret + cloudflare_zero_trust_tunnel_cloudflared (remotely-managed config) + ingress config (app.demo.trakrf.idhttps://traefik:443, box-local leg no_tls_verify, catch-all 404) + proxied CNAME replacing the stale private A record.
  • outputs.tfdemo_tunnel_token (sensitive); justfiletunnel-token recipe.
  • terraform/bootstrap/main.tf — grant the terraform-infrastructure API token Cloudflare Tunnel Read/Write (required to manage the tunnel; in-place token update, value unchanged).

Applied

just bootstrap (token perms, 1 changed) then just cloudflare (3 added: tunnel, ingress config, CNAME). Stale A app.demo.trakrf.id → 192.168.8.10 deleted out-of-band first (CNAME can't coexist with A). Tunnel id 0d54500e-fbc2-4486-abbb-8490f55b634f.

Box side (separate platform PR)

cloudflared quadlet + opportunistic LE cert renewal in trakrf/platform deploy/edge. Until the box connects, the edge returns CF 1016 — expected.

Spec + plan: docs/superpowers/specs|plans/2026-06-08-tra-957-*.

🤖 Generated with Claude Code

@mikestankavich mikestankavich merged commit bb11d8f into main Jun 8, 2026
35 of 38 checks passed
@mikestankavich mikestankavich deleted the miks2u/tra-957-expose-edge-demo-app-publicly-via-cloudflare-tunnel branch June 8, 2026 16:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant