From 9a06c52f2763df909fcf20ab1e9be75e6038943a Mon Sep 17 00:00:00 2001
From: Alex Szumko <szumkoal@protonmail.com>
Date: Fri, 12 Dec 2025 10:01:26 -0500
Subject: [PATCH] Created tunnel network to keep cf tunnel isolated from
 homelab network

---
 cloudflared/docker-compose.yml | 7 +++++++
 nginx/docker-compose.yml       | 3 +++
 2 files changed, 10 insertions(+)

diff --git a/cloudflared/docker-compose.yml b/cloudflared/docker-compose.yml
index 01f5545..ba9429a 100644
--- a/cloudflared/docker-compose.yml
+++ b/cloudflared/docker-compose.yml
@@ -2,9 +2,16 @@ services:
   cloudflared:
     image: cloudflare/cloudflared:latest
     restart: unless-stopped
+    networks:
+      - 'default'
+      - 'tunnel'
     volumes:
       - ./config.yml:/etc/cloudflared/config.yml
       - ./${TUNNEL_ID}.json:/etc/cloudflared/${TUNNEL_ID}.json   # Use environment variable for tunnel ID
     command: tunnel --no-autoupdate --config /etc/cloudflared/config.yml run
     env_file:
       - .env  # Reference the .env file to inject environment variables
+
+networks:
+  tunnel:
+    external: true
diff --git a/nginx/docker-compose.yml b/nginx/docker-compose.yml
index 4f8bbf3..43d670f 100644
--- a/nginx/docker-compose.yml
+++ b/nginx/docker-compose.yml
@@ -8,6 +8,7 @@ services:
       # - '443:443'
     networks:
       - 'homelab'
+      - 'tunnel'
     volumes:
       - ./data:/data
       - ./letsencrypt:/etc/letsencrypt
@@ -15,3 +16,5 @@ services:
 networks:
   homelab:
     external: true
+  tunnel:
+    external: true