DockFlare is a self-hosted ingress controller for Cloudflare that automates Cloudflare Tunnel configuration from Docker container labels. It centralizes DNS and Cloudflare Zero Trust Access management, and includes a web UI for manual definitions and policy overrides.

Key Features

Automatic Cloudflare Tunnel and DNS record management driven by Docker labels
Web UI for creating services, applying overrides, and managing reusable Access Groups/Policies
Built-in Identity Provider management for OAuth/OIDC (including generic OIDC)
Public vs authenticated access modes mapped to Cloudflare Access decisions
Multi-server “master/agent” architecture for managing workloads across multiple hosts
Redis-backed coordination for caching and cross-process signaling
Backup and restore of DockFlare instance data (including encrypted credentials)

Use Cases

Publish internal services securely without manually configuring Cloudflare dashboards
Standardize Cloudflare Access policies across many apps using reusable groups
Orchestrate tunnels and access controls across a homelab or multi-host environment

Limitations and Considerations

Requires a Cloudflare account and API token permissions to manage tunnels, DNS, and Access resources
Primarily designed around Docker event/label workflows; non-Docker services may require manual definitions

DockFlare is well-suited for operators who want Cloudflare Tunnel-based ingress with centralized, repeatable policy management. It reduces configuration drift by syncing desired state from labels and UI-managed rules while supporting multi-host environments through agents.