Skip Navigation

Exposing only the Vaultwarden "Send"-Feature via Cloudflare Tunnel

Hey,

I am hosting vaultwarden with traefik in my homelab. I can connect via tailscale from everywhere. Working fine.

The Send Feature sounds really cool to me, but it doesnt make sense to have this behind tailscale (for sharing with others).

I am wondering if its secure to only publish the /send URL via Cloudflare or if there is a way to get to my vault then. I think Cloudflare Page Rules would be the feature to use here.

1

How do you handle your local DNS on your mobile device?

I have a local Adguard home sever, which is used as DNS and DHCP Server. This is completely working fine on my Computers. I was wondering why my phone is still showing ads which were blocked on my PC.

Then I found out that my mobile device is not using my local DNS. I am using a public tld in my home to have valid let's encrypt certs also on my private services. But this is not working on my Android. I found out that my phone is using hard coded DoH Servers. I found people with the same problem online, they are blocking DoH and routing all Port 53 traffic to the local DNS. I did the same. But the only thing I get as result is a timeout in the mobile Webbrowser.

How is it possible to use my local DNS server with public tld on mobiles? Any help is appreciated 👍

10