Update reverse-proxy.md (#1986)

Add blurb about how cloudflare proxy/tunnels is not supported/will not work
juanfont · Jun 22, 2024 · 99e91a9 · 99e91a9
1 parent dfc089e
commit 99e91a9
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/docs/reverse-proxy.md b/docs/reverse-proxy.md
@@ -15,6 +15,10 @@ The reverse proxy MUST be configured to support WebSockets, as it is needed for
 
 WebSockets support is required when using the headscale embedded DERP server. In this case, you will also need to expose the UDP port used for STUN (by default, udp/3478). Please check our [config-example.yaml](https://github.com/juanfont/headscale/blob/main/config-example.yaml).
 
+### Cloudflare
+
+Running headscale behind a cloudflare proxy or cloudflare tunnel is not supported and will not work as Cloudflare does not support WebSocket POSTs as required by the Tailscale protocol. See [this issue](https://github.com/juanfont/headscale/issues/1468)
+
 ### TLS
 
 Headscale can be configured not to use TLS, leaving it to the reverse proxy to handle. Add the following configuration values to your headscale config file.