Cloudflare Tunnel Setup

Cloudflare Tunnel lets you expose your self-hosted TriScreen instance to the internet without opening ports or configuring a firewall. This is required for public careers pages.

Why Cloudflare Tunnel?

• No need to open ports on your firewall
• Free HTTPS certificate included
• DDoS protection from Cloudflare
• Works behind NAT, corporate firewalls, etc.
• Free tier is sufficient for most TriScreen deployments

Prerequisites

• A Cloudflare account (free)
• A domain name added to Cloudflare DNS
• TriScreen running on localhost:5000

Step 1: Install cloudflared

Download the cloudflared binary for your platform:

# macOS
brew install cloudflared

# Windows (download from Cloudflare)
# https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/downloads/

# Linux
curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o cloudflared
chmod +x cloudflared

Step 2: Authenticate

cloudflared tunnel login

This opens a browser window where you select the domain to use.

Step 3: Create a Tunnel

cloudflared tunnel create triscreen
cloudflared tunnel route dns triscreen careers.yourdomain.com

Step 4: Configure and Run

Create ~/.cloudflared/config.yml:

tunnel: triscreen
credentials-file: ~/.cloudflared/<tunnel-id>.json

ingress:
  - hostname: careers.yourdomain.com
    service: http://localhost:5000
  - service: http_status:404

Start the tunnel:

cloudflared tunnel run triscreen

Step 5: Verify

Visit careers.yourdomain.com in your browser. You should see your TriScreen careers page. Candidates can now apply directly through this URL.

Running as a Service

For production use, install cloudflared as a system service so it starts automatically:

cloudflared service install