How to set up E2E Encryption for Immich Remote Access with Cloudflare Tunnel - eviltoast

I’m sure I’ll find the answer to my question here. It’s been asked a few times, but there hasn’t been a definitive answer. Everywhere, something else is said.

I want to set up remote access to Immich (a Docker image hosting service) using Cloudflare Tunnel. The problem is that by default, Cloudflare can see all the data that goes through the tunnel. To do this, I want to use TLS with self-signed certificates through Let’s Encrypt.

In this way, I can keep the data fully encrypted between the client and the server, in the following way:

client --> tls --> tunnel --> tls --> server. Then all traffic going through the tunnel would not be viewable.

Is this configuration really possible so that Cloudflare won’t be able to see my data? How can I make this entire configuration work at its best?

  • aviv926@alien.top (OP) · 1 year ago

    Wow, thank you for the response, I’ll try to check it out, it seems like a complicated process for someone who just started with the whole self-hosting world. But thank you very much for the response!