TOR with CloudFlared Argo Tunnel

installation
1

I have a small question/issue with TOR and discourse;

I have setup TOR with discourse and it’s working fine with NPM (Nginx Proxy Manager); but for more private i decide using CloudFlared argo tunnel than NPM, since CloudFlared have issue with NPM as it must be first connected with origin IP, ex error ( Error 1000: DNS points to prohibited IP ) ; and NPM proxy that; so i disable NPM and move with CloudFlared.

The error explain the following which could let us closer to fix the issue;

Common causes

  • An A record within your Cloudflare DNS app points to a Cloudflare IP address, or a Load Balancer Origin points to a proxied record.
  • Your Cloudflare DNS A or CNAME record references another reverse proxy (such as an nginx web server that uses the proxy_pass function) that then proxies the request to Cloudflare a second time.
  • The request X-Forwarded-For header is longer than 100 characters.
  • The request includes two X-Forwarded-For headers.
  • A Server Name Indication (SNI) issue or mismatch at the origin.

Resolution

  • If an A record within your Cloudflare DNS app points to a Cloudflare IP address, update the IP address to your origin web server IP address.
    *** There is a reverse-proxy at your origin that sends the request back through the Cloudflare proxy. Instead of using a reverse-proxy, contact your hosting provider or site administrator to configure an HTTP redirect at your origin.** ← give attention here.

After disable NPM and setup cloudflared in the front TOP address only show me the title of the Discourse and not the context.

It’s doesn’t show me blank page without title… the title is working ( which is mean the connection works between container and cloudflare ) but content is blank and i believe it’s value in nginx.conf would fix it;

I try to disable the Nginx proxy which is “useless” with CloudFlare and replace it with these values for supporting CloudFlared argo tunnel;

proxy_pass http://unix:/home/f1r4s/discourse/shared/standalone/nginx.http.sock:;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;

#proxy_set_header Host $http_host;
#proxy_http_version 1.1;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Real-IP $remote_addr;

Can someone share some knowledge to fix this issue ? since TOR and CloudFlared, is highly recommended these days for our users privacy.

Please note when i disable CloudFlared argo tunnel and use NPM “PORT” not web socket, TOR working perfectly, but for more advanced security and privacy concern i’m shareing this issue.

Ed.