@danielrosehill
Last active May 17, 2025 16:59

Cloudflare Docker Compose With Specified DNS

When This Might Be Necessary

This applies to setups where your containerized environment is behind:

  • OPNsense as the network firewall/router
  • cloudflared as a DNS forwarder (e.g., for DoH/DoT)

In that case you may encounter repeated tunnel crashes with errors like:


lookup region1.v2.argotunnel.com on 127.0.0.11:53: server misbehaving

This is due to Docker’s internal DNS hitting a local resolver that cannot correctly resolve SRV records for Cloudflare services.
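
To confirm which resolver is at fault before changing anything, the following probe sends the same kind of SRV query to each resolver and reports the response code. It is an added example, not part of the original gist or of cloudflared; the function names are hypothetical, and the SRV name is an assumption (the edge-discovery record cloudflared looks up), since the gist only shows the resulting error.

```python
import random
import socket
import struct
import sys

# Assumption: SRV record cloudflared queries for edge discovery (not stated in the gist).
SRV_NAME = "_v2-origintunneld._tcp.argotunnel.com"
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}

def build_query(name, qid):
    """Encode a one-question DNS query for an SRV record (type 33, class IN)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD flag set
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 33, 1)

def parse_reply(data, qid):
    """Return (rcode_name, answer_count) from the 12-byte DNS reply header."""
    if len(data) < 12:
        raise ValueError("short DNS reply")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != qid or not flags & 0x8000:
        raise ValueError("not a reply to our query")
    return RCODES.get(flags & 0x000F, "RCODE%d" % (flags & 0x000F)), ancount

def verdict(rcode, answers):
    """A resolver is usable for the tunnel only if it returns SRV answers."""
    if rcode == "NOERROR" and answers > 0:
        return "ok"
    return "broken (%s, %d answers)" % (rcode, answers)

def probe(resolver, name=SRV_NAME, timeout=3.0):
    """Query one resolver over UDP port 53 and return its verdict."""
    qid = random.randrange(1 << 16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(build_query(name, qid), (resolver, 53))
            rcode, answers = parse_reply(sock.recvfrom(4096)[0], qid)
        except (OSError, ValueError) as exc:
            return "error: %s" % exc
    return verdict(rcode, answers)

if __name__ == "__main__":
    # Defaults: Docker's embedded DNS from the error message, then the two
    # public resolvers this gist switches to.
    for resolver in sys.argv[1:] or ["127.0.0.11", "1.1.1.1", "8.8.8.8"]:
        print("%-12s %s" % (resolver, probe(resolver)))
```

127.0.0.11 only answers inside a container's network namespace, so run the probe from a container attached to the same Docker network, or pass the host's local resolver address as an argument when running it on the host.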

Solution

Use this Compose setup to:

  • Attach the tunnel container to an existing Docker network (CloudFlare)
  • Override its DNS resolution with public resolvers (1.1.1.1 / 8.8.8.8)

Optional Enhancements

  • Mount a config.yml to /etc/cloudflared/config.yml for more control
  • Set TZ and logging options if needed

Docker Compose

Replace <REDACTED_CLOUDFLARE_TOKEN> with your Cloudflare tunnel token, as provided in the tunnel config.

This snippet deploys the tunnel container into an existing Docker network for Cloudflare, declared below as external.

services:
  cloudflared:
    image: cloudflare/cloudflared:latest
    command: >
      tunnel --no-autoupdate run --token <REDACTED_CLOUDFLARE_TOKEN>
    restart: unless-stopped
    networks:
      - CloudFlare
    dns:
      - 1.1.1.1  # Cloudflare DNS
      - 8.8.8.8  # Google DNS

networks:
  CloudFlare:
    external: true