- Synpse - provides app deployment, SSH and HTTPS access.
- Cloudflare/Argo Tunnels - CloudFlare tunneling solution
- Docker - deploying containers on the edge devices prevents a lot of issues.
When deployed to a device, Synpse applications can be accessible via Synpse-SSH, Synpse-Forward or Synpse http tunnels. Any of these methods can be used in production or debugging. But sometimes it’s not enough. If you want to expose your device via a public URL, already managed and trusted by CloudFlare, you might want to setup Cloudflare (previously Argo) Tunnels. IT Ideal way to serve any application to the world from under your desk.
Depending on your RaspberryPi OS Docker installation might vary but in most cases this script from https://docs.docker.com/engine/install/ubuntu should do the job:
curl -fsSL https://get.docker.com -o get-docker.sh sudo sh get-docker.sh
Log into your Synpse account, navigate to the “Devices” section and then click on “Provision”. Use the command in your RaspberryPi terminal. This will download, install and initialize the Synpse agent.
Once the device has appeared in your Synpse dashboard:
Once device is visible, click on the “edit labels” from the menu. Add a label ‘type: rpi’:
In Synpse, applications are installed into the devices based on device labels so it’s a good practice to label your devices accordingly.
In our example we already have VueTorrent and Plex deployed. And we want to stream and watch movies from your RaspberryPi to anywhere in the world.
Go into Zero Trust Dashboard of Cloudflare.
Create a tunnel and create a new tunnel.
Copy token from any of the provided tabs. It should look like this:
We are going to deploy single instance for CloudFlare application to all our devices, so all of them appears in our dashboard.
Create a Synpse secret with the token from step 3:
Once tunnel is deployed you should see it in the dashboard:
In the individual tunnel, create hostname path for your applications. In our case we have 2 domains:
When creating a hostname, make sure to expose port of your choosing either with
stanza or use
networkMode: host in the application. Mode about this in our documentation,
Important: Make sure you configure authentication to all applications you exposing via tunnels!
You can deploy tunnels for individual applications, as part of application, or for all devices as we did it here. Deploying to all devices and deploying same application across multiple devices will give you HA capabilities.
Either way it works and you can access all your remote application from anywhere in the world under your trusted domains!