Does anyone have an idiot’s guide to making #Cloudflare tunnels work with hosted-from-the-living-room #runtipi?

I own a domain. I have subdomains set up for the apps. I cannot for the life of me figure out how to make the tunnel I set up connect to the running app instance. I’ve got Cloudflared running on the local machine. I have no idea what to use as an A record though. #TechHelp

I’ve followed four guides including the official runtipi one and none worked. I’d get 404 or 503 errors.

Does anyone have an idiot’s guide to making #Cloudflare tunnels work with hosted-from-the-living-room #runtipi?

I own a domain. I have subdomains set up for the apps. I cannot for the life of me figure out how to make the tunnel I set up connect to the running app instance. I’ve got Cloudflared running on the local machine. I have no idea what to use as an A record though. #TechHelp

I’ve followed four guides including the official runtipi one and none worked. I’d get 404 or 503 errors.

Cloudflare zero-day: Accessing any host globally

https://fearsoff.org/research/cloudflare-acme

#HackerNews #Cloudflare #ZeroDay #CloudSecurity #CyberThreats #Vulnerability #Research #AccessControl

What came first: the CNAME or the A record?

https://blog.cloudflare.com/cname-a-record-order-dns-standards/

#HackerNews #CNAME #ARecord #DNS #DNSStandards #Cloudflare

@Tutanota Vivaldi is US and run on US infrastructure #cloudflare #github and probably an #us #hyperscaler

@ecosia

Out of curiosity, I analysed Ecosia's infrastructure (through IPs and ASNs) to find out whether it is #European or not.

I was surprised to find that it relies on #AWS S3 for financial data reports (stored .json data), #Amazon Cloudfront for the Ecosia.org search, Fastly for blog.ecosia.org, #Cloudflare for the Ecosia.org homepage, #Google Ads and probably others.

In July 2025, they posted on their blog that 'digital #sovereignty is just #oneclickaway', stating that Europe's digital backbone is dependent on the US and all the problems this entails, such as a lack of control.

They also said, 'We've always believed that where you search matters' and 'Digital #sovereignty is climate action too', despite the fact that they depend on Big Tech themselves and use almost no EU infrastructure in practice.

As Ecosia is a signatory to the #EuroStack initiative, why haven't you migrated your infrastructure to #European solutions?

It is worrying to know that, by switching to Ecosia, practically 100% of my traffic goes through non-EU companies. I would like to see more independence on your part.

'Building and using local infrastructure means reducing transatlantic data traffic, increasing energy efficiency, and cutting down on the carbon footprint of cloud computing. Plus, tech companies that are based here are more likely to be held accountable to EU environmental standards. It's a win-win.’ – Ecosia Blog https://blog.ecosia.org/digital-sovereignty-is-just-oneclickaway/

#eu #ecosia #eurostack #sovereignty #privacy #bigtech #sustainability

@ecosia

Out of curiosity, I analysed Ecosia's infrastructure (through IPs and ASNs) to find out whether it is #European or not.

I was surprised to find that it relies on #AWS S3 for financial data reports (stored .json data), #Amazon Cloudfront for the Ecosia.org search, Fastly for blog.ecosia.org, #Cloudflare for the Ecosia.org homepage, #Google Ads and probably others.

In July 2025, they posted on their blog that 'digital #sovereignty is just #oneclickaway', stating that Europe's digital backbone is dependent on the US and all the problems this entails, such as a lack of control.

They also said, 'We've always believed that where you search matters' and 'Digital #sovereignty is climate action too', despite the fact that they depend on Big Tech themselves and use almost no EU infrastructure in practice.

As Ecosia is a signatory to the #EuroStack initiative, why haven't you migrated your infrastructure to #European solutions?

It is worrying to know that, by switching to Ecosia, practically 100% of my traffic goes through non-EU companies. I would like to see more independence on your part.

'Building and using local infrastructure means reducing transatlantic data traffic, increasing energy efficiency, and cutting down on the carbon footprint of cloud computing. Plus, tech companies that are based here are more likely to be held accountable to EU environmental standards. It's a win-win.’ – Ecosia Blog https://blog.ecosia.org/digital-sovereignty-is-just-oneclickaway/

#eu #ecosia #eurostack #sovereignty #privacy #bigtech #sustainability

Astro Joining Cloudflare

https://astro.build/blog/joining-cloudflare/

#HackerNews #Astro #Cloudflare #Tech #News #WebDevelopment #OpenSource

Cloudflare threatens Italy exit over €14M fine

https://ioplus.nl/en/posts/cloudflare-threatens-italy-exit-over-14m-fine

#HackerNews #Cloudflare #Italy #Exit #Fine #TechNews #CloudflareThreats

Did #cloudflare's 1.1.1.1 domain just suddenly change their certificate issuer from DigiKey to SSL.com? I can't find much on their website about this.

Their Digikey Root CA should have been valid until 2038, but 1.1.1.1 now refuses to negotiate under this key, at least on #mikrotik

Strange...

Did #cloudflare's 1.1.1.1 domain just suddenly change their certificate issuer from DigiKey to SSL.com? I can't find much on their website about this.

Their Digikey Root CA should have been valid until 2038, but 1.1.1.1 now refuses to negotiate under this key, at least on #mikrotik

Strange...

Look, if you are interested in #DigitalSovereignty it is important to realise that the #Iran #InternetBlackout is not really that. It is not the sort of damaging loss of services we have seen recently with #Crowdstrike or #Cloudflare.

The National Information Network of Iran or #IranianIntranet is structured so that they can cut the cables to the outside world and (most) Iranian digital services continue to function. (1/3)

Look, if you are interested in #DigitalSovereignty it is important to realise that the #Iran #InternetBlackout is not really that. It is not the sort of damaging loss of services we have seen recently with #Crowdstrike or #Cloudflare.

The National Information Network of Iran or #IranianIntranet is structured so that they can cut the cables to the outside world and (most) Iranian digital services continue to function. (1/3)

Il post LinkedIn della professoressa Elisa Giomi, membro dissidente del collegio di AGCOM

Rispetto alla sanzione di #Agcom da oltre 14 milioni a #Cloudflare ho preso convintamente le distanze, come sull’intero procedimento che ha portato alla nascita di #PiracyShield.
Non condivido, però, neppure la concezione di tutele e #regole, per quanto perfettibili, come inutili fardelli.

In ogni caso, tra chi ci vede una svolta nella lotta alla #pirateria e chi un preoccupante “salto di qualità” verso #blocchi infrastrutturali sempre più automatici, il provvedimento ha riaperto un confronto importante.
Che merita meno tifoserie e più #metodo.

Tipo: discutere di proporzionalità, #garanzie e sostenibilità operativa. Metto dunque a fattor comune gli aspetti che ritengo possano fare la differenza tra costruire uno strumento stabile o un #contenzioso permanente.

1) Se l’enforcement si estende verso servizi infrastrutturali come #DNS pubblici, CDN o altri intermediari tecnici, il tema non è se i fornitori possano avere un ruolo nel contrasto ai contenuti #illeciti ma come evitare criteri troppo larghi che finiscano per trascinare nella rete anche usi pienamente leciti.
Un’infrastruttura molto diffusa può comparire spesso anche nei contesti illeciti, ma questo non dovrebbe tradursi automaticamente in #obblighi applicati in modo indistinto.

2) Alla velocità del blocco dovrebbe corrispondere una velocità comparabile di correzione, con procedure chiare, tracciabili e tempi di ripristino espliciti, perché gli errori o gli #overblocking per quanto non desiderati sono sempre possibili e quando accadono ne derivano danni immediati.

3) È fisiologico che le segnalazioni operative arrivino dai titolari dei #diritti o da soggetti incaricati ma un sistema di accertamento delle #violazioni credibile nel lungo periodo dovrebbe poggiare su standard pubblici minimi di qualità della prova, #audit indipendenti periodici e un #contraddittorio effettivo e tempestivo, almeno nei casi dubbi o ricorrenti.

4) Chi sostiene i #costi tecnici, legali e organizzativi di questa operatività quotidiana? Se una quota rilevante ricade su #ISP e intermediari, è ragionevole aprire una discussione su governance, cost-sharing (o criteri trasparenti di ripartizione), responsabilità in caso di segnalazioni errate e reportistica pubblica su volumi, #tempi ed esiti.

In sintesi: proviamo ad uscire dal manicheismo del “pro” o “contro” e chiediamoci invece quali garanzie e quali metriche nel sistema dei blocchi è necessario implementare...

linkedin.com/posts/elisa-giomi…

@pirati

Cloudflare crie à la censure et menace de quitter l’Italie après une amende salée - https://next.ink/brief_article/cloudflare-crie-a-la-censure-et-menace-de-quitter-litalie-apres-une-amende-salee/

> L'AGCOM reproche au géant états-unien de ne pas avoir mis en œuvre le blocage par son résolveur DNS 1.1.1.1 de sites pirates qu'elle lui avait demandé en février 2025 en s'appuyant sur la loi anti-piratage italienne votée en 2023.

#italie #cloudflare

I received a tag from @TomSeppert - whom I thank - pointing me to the latest post on X by the CEO of Cloudflare, Matthew Prince. Long story short, the Italian AGCOM has fined Cloudflare a very large amount because, according to them, the company did not implement adequate measures to reduce the impact of piracy in Italy. Prince responded with a very aggressive post, threatening to shut down Cloudflare servers and free services in Italy, and to stop providing “pro bono” services for the Milan-Cortina Olympics.

I understand Matthew Prince’s outrage. I cannot really quantify the impact of piracy in Italy, but I know for a fact that, because of a ridiculous law, whenever we buy any kind of storage device like SSDs, NVMe drives, hard disks, and so on, we pay a substantial tax because we might "potentially" use them to store copyrighted material. This has always made me furious. It is a law that dates back to the era of blank CDs and DVDs, and while it was already questionable back then, today it is simply absurd. At the time, we fought hard against its approval, but to no avail.

Unfortunately, in Italy there are some very powerful interests at play. Among them are the rights related to football matches. And all of this starts there. If there is one reason why football is among the sports I dislike the most, it is also because of this: the flow of money, power, and white-collar crime behind it has disgusted me since I was a child.

That said, if Matthew Prince had expressed all of this in a different way, I would have fully agreed with him. Far too often, "security" is used as an excuse for censorship on the Internet. But the wording, the tone, the threats, and the overall attitude really bothered me. Threats always sound bad, especially when they come from the head of one of the most critical companies on the Internet.

And once again, I feel the need to repeat it: the Internet must remain decentralized.

Our freedom cannot and must not depend on lobbies, but neither on a small group of enormous companies.

#Cloudflare #IT #SysAdmin #Internet

I received a tag from @TomSeppert - whom I thank - pointing me to the latest post on X by the CEO of Cloudflare, Matthew Prince. Long story short, the Italian AGCOM has fined Cloudflare a very large amount because, according to them, the company did not implement adequate measures to reduce the impact of piracy in Italy. Prince responded with a very aggressive post, threatening to shut down Cloudflare servers and free services in Italy, and to stop providing “pro bono” services for the Milan-Cortina Olympics.

I understand Matthew Prince’s outrage. I cannot really quantify the impact of piracy in Italy, but I know for a fact that, because of a ridiculous law, whenever we buy any kind of storage device like SSDs, NVMe drives, hard disks, and so on, we pay a substantial tax because we might "potentially" use them to store copyrighted material. This has always made me furious. It is a law that dates back to the era of blank CDs and DVDs, and while it was already questionable back then, today it is simply absurd. At the time, we fought hard against its approval, but to no avail.

Unfortunately, in Italy there are some very powerful interests at play. Among them are the rights related to football matches. And all of this starts there. If there is one reason why football is among the sports I dislike the most, it is also because of this: the flow of money, power, and white-collar crime behind it has disgusted me since I was a child.

That said, if Matthew Prince had expressed all of this in a different way, I would have fully agreed with him. Far too often, "security" is used as an excuse for censorship on the Internet. But the wording, the tone, the threats, and the overall attitude really bothered me. Threats always sound bad, especially when they come from the head of one of the most critical companies on the Internet.

And once again, I feel the need to repeat it: the Internet must remain decentralized.

Our freedom cannot and must not depend on lobbies, but neither on a small group of enormous companies.

#Cloudflare #IT #SysAdmin #Internet