The Tunnel feature of Tines provides a method to access your systems running on private networks from the Tines cloud environment, securely. Tunnel is deployed as a container service. Tunnel is available to Teams and Enterprise cloud deployment pricing plans and is not available to self-hosted deployments of Tines.
To enable the Tunnel feature, contact Tines support. Once enabled, visit
https://<tenant-domain>/admin/tunnel to obtain the information needed for deploying the container.
The Tunnel container can be run with Docker using the example below or similarly with other container orchestration platforms.
docker run \ --env TINES_TUNNEL_SECRET="secret" \ tines/tines-tunnel:latest
The Tunnel service will utilize the routing and DNS services of the host it is deployed on.
HTTP Requests can be sent through the Tunnel by utilizing the "Use tunnel" parameter in the configuration of a HTTP Request Action.
Tunnel uses Cloudflare Tunnels and requires connectivity to Cloudflare to function properly.
No inbound connectivity to the container is required by Tines from the internet or elsewhere. The container will attempt to form a connection with the services below from its deployment location.
If utilizing strict TLS/SSL inspection, exclude the above HTTPS traffic from the interception policy. Additionally, outbound traffic to
cftunnel.com needs to be excluded.
For more information, see Cloudflare's documentation here.