BlueBubbles Server
  • Server Overview
  • Installation Guides
    • Standard Installation
    • Manual Setup
  • FAQ
  • Private API Setup
  • Supporting the Project
  • Licenses / Legal
  • Basic Guides
    • Basic Guides - Overview
    • Port Forwarding & Dynamic DNS
    • Prevent macOS from Sleeping
    • Migrating Servers
    • Multiple Users on the Same Mac
    • Autostart Server After Crash
  • Troubleshooting Guides
    • Troubleshooting Guides - Overview
    • BlueBubbles Server Cannot Access MacOS Contacts
    • Not Receiving Notifications or URL Changes on Android
    • Unable to Send Messages to International Contacts
    • BlueBubbles App is Taking Up Too Much Storage
    • Can't Send Messages from BlueBubbles
    • BlueBubbles Server Opens to a Blank White Screen
    • Slow Upload Speed When Connecting Over LAN
    • Restarting Your Server Without a Direct Connection
    • Fix FaceTime Features for Virtual Machines
  • Advanced Guides
    • Advanced Guides - Overview
    • Generating an SSL Certificate using CertBot
    • Disabling SIP on Unofficial Macs for the Private API
    • Registering a Phone Number with your iMessage Account
    • macOS Virtualization
      • Running a macOS VM
        • Deploying macOS in VMWare on Windows (Full Guide)
        • Enabling iMessage in a VM
        • External Guides
          • Big Sur VM on a Mac Device
          • Big Sur VM on Proxmox
          • Big Sur VM on AMD Windows
          • Big Sur VM on Intel Windows
          • Catalina VM on a Mac Device
          • Catalina VM on Proxmox
          • Catalina VM on Intel / AMD Windows
          • Catalina VM on Intel Windows
          • Monterey VM on AMD Windows
      • Running BlueBubbles in Docker-OSX
        • Configuring BlueBubbles as a Service
    • BYO Proxy Service Guides
      • Cloudflare with a Custom Domain
      • Caddy & DuckDNS
      • Nginx Proxy Manager
      • Nginx Manual Setup
      • Tailscale VPN Setup
  • Developer Guides
    • Developer Guides - Overview
    • Build Yourself / Contribution Guide
    • REST API & Webhooks
    • Simple Web Server for Webhooks
      • Python Web Server Example
Powered by GitBook
On this page
  • Installation
  • Linking a domain to Cloudflare
  • Setting up Cloudflare tunnels with your domain
  • Setting the bluebubbles server to the dynamic dns
  • OPTIONAL : Secure the server using Service Auth on Cloudflare

Was this helpful?

Edit on GitHub
Export as PDF
  1. Advanced Guides
  2. BYO Proxy Service Guides

Cloudflare with a Custom Domain

PreviousBYO Proxy Service GuidesNextCaddy & DuckDNS

Last updated 5 months ago

Was this helpful?

Pros:

  • Static URL, so no need to update Dynamic DNS in BlueBubbles server

  • Auto start at boot

  • You can configure a custom landing page to block unwanted connections to your server (in addition to the default one in BlueBubbles)

Cons:

  • You need a domain to link to Cloudflare (subdomain services like DuckDNS and No-IP won't work)

  • Setup is a tad bit more complicated

Installation

Linking a domain to Cloudflare

  1. Sign up for a Cloudflare account at

  2. Add a site on the portal

  3. Enter your domain name (do not use a subdomain)

  4. Click the free plan and click continue

  5. If you are using the domain for any other websites copy the records below (if you are just using the domain for BlueBubbles you can skip this part)

  6. Configure your domain name servers to Cloudflare

  7. Wait for Cloudflare to validate your domain

Setting up Cloudflare tunnels with your domain

  2. Select Create a tunnel

  3. Enter a name for your tunnel. For example, you could name it Bluebubbles.

  4. Select Save tunnel

  6. After installing cloudflared, you can see that when choosing your OS as Mac, cloudflare provides a command to enter into terminal. Run this command.

  7. Once the command has been run successfully, your connector will show up underneath the command in the Zero Trust Dashboard.

  8. Select Next

  9. Now in the Public Hostnames tab, type in your subdomain, for example, bluebubbles.(This does not have to be the name of your tunnel)

  10. Choose the main domain you want to use for it.

  11. Below, you should see a section called Service. For this, you want to put the localhost address for the bluebubbles server. The default one would be: HTTP://localhost:1234 .

  12. Save the tunnel

  13. After doing this, you may need to run sudo launchctl start com.cloudflare.cloudflared when initially setting up the tunnel to start it.

As we installed cloudflared as a service, it should automatically launch at startup.

Setting the bluebubbles server to the dynamic dns

  1. Navigate to the settings page of the server app

  2. Change the proxy to dynamic dns

  3. For the URL, type in the url displayed in the tunnels section of the Zero Trust dashboard. Make sure you use HTTPS as cloudflare uses that by default.

Now try opening the bluebubbles app and see if it connects.

OPTIONAL : Secure the server using Service Auth on Cloudflare

  1. It is recommended that you ensure the server is fully working and the app is connecting before proceeding.

  3. Select Create Service Token.

  4. Give it a name (This does not have to be the name of your server) like "bb".

  5. Set the duration to as long as you want before a new token is required (Non-expiring means you'll not have to reset this in the future).

  6. Click Generate Token.

  7. Record somewhere the Header and client ID and the Header and client secret. Hit Save.

  8. From the left hand menu go to Access > Applications.

  9. Select Add an application, and select Self-hosted.

  10. Leave everything as default unless specified below.

  11. Under Application Name put "Blue Bubbles".

  12. Under Subdomain set to the subdomain you used during "Setting up Cloudflare tunnels with your domain" above for example, "bluebubbles"

  13. Under Domain select the main domain you used for it.

  14. Click Next.

  15. Under Policy name, insert "servicetoken".

  16. Set Action to Service Auth.

  17. Under Configure Rules, change Selector drop-down to Service Token and select the service token name you set in step 4 above.

  18. Click Next & click Add application.

  19. In the Blue Bubbles app on Android (or Windows etc), under "Settings/Connection & Server" scroll down to "Configure Custom Headers".

  20. Add Header Key "cf-access-client-id" and set Value to your client id (remove "CF-Access-Client-Id:" from the start - ie only insert alphanumericstring.access)

  21. Add Header Key "cf-access-client-secret" and set Value to your client secret (remove "CF-Access-Client-Secret:" from the start - ie only insert longalphanumericstring)

  22. Hit OK.

  23. Test syncing your messages by selecting "Manually Sync Messages" for the last hour.

  24. In Cloudflare, from the left hand menu, go to Access > Service Auth and refresh the browser.

  25. "Last Seen" should be updated to shown the Service Token has been used.

  26. Congrats - your Blue Bubbles server is now secured so only your app can access it.

Login to the Zero Trust dashboard at and go to Networks > Tunnels.

Next, you will need to install cloudflared and run it. You can install it here,

Login to the Zero Trust dashboard at and go to Access > Service Auth.

https://dash.cloudflare.com/sign-up
https://dash.teams.cloudflare.com/
https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/installation/
https://dash.teams.cloudflare.com/