NemoClaw Knowledge Wiki

Claude - Cloudflare setup

4 min read

Cloudflare Tunnel Setup for Cortex API

  1. Install cloudflared (WSL2)

Download and install

curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared chmod +x /usr/local/bin/cloudflared

  1. Quick tunnel (temporary, for testing)

cloudflared tunnel —url http://127.0.0.1:8000 This gives you a random https://xxx-xxx-xxx.trycloudflare.com URL. It changes every restart — fine for testing, not for production.

  1. Named tunnel (stable URL, recommended)

Login to Cloudflare (opens browser)

cloudflared tunnel login

Create a named tunnel

cloudflared tunnel create cortex-api

Route a subdomain to it (requires DNS on your Cloudflare domain)

cloudflared tunnel route dns cortex-api cortex.longboardfella.com.au

Run it

cloudflared tunnel run —url http://127.0.0.1:8000 cortex-api This gives you a stable https://cortex.longboardfella.com.au URL.

  1. Update worker config

Edit /home/longboardfella/cortex_suite/worker/config.env:

For quick tunnel (paste the URL cloudflared prints):

CORTEX_TUNNEL_URL=https://xxx-xxx-xxx.trycloudflare.com

For named tunnel:

CORTEX_TUNNEL_URL=https://cortex.longboardfella.com.au

  1. Set API token (security)

Pick a shared secret token:

Generate a random token

python3 -c “import secrets; print(secrets.token_urlsafe(32))” Then set it in three places: Cortex API — set environment variable before starting: export CORTEX_API_TOKEN=“your-token-here” export CORTEX_API_AUTH_REQUIRED=true uvicorn api.main:app —host 127.0.0.1 —port 8000 Worker — add to worker/config.env: CORTEX_API_TOKEN=your-token-here Website chatbot — add to site/chatbot/config.php on cPanel: define(‘LOCAL_CORTEX_API_TOKEN’, ‘your-token-here’);

  1. Run as a service (optional, keeps tunnel alive)

Install as systemd service

sudo cloudflared service install

Or just run in a tmux/screen session

tmux new -s tunnel cloudflared tunnel run —url http://127.0.0.1:8000 cortex-api

Ctrl+B, D to detach

  1. Verify end-to-end

Test tunnel reaches Cortex

curl https://cortex.longboardfella.com.au/health

Test authenticated search

curl -X POST https://cortex.longboardfella.com.au/search -H “Content-Type: application/json” -H “Authorization: Bearer your-token-here” -d ’{“query”: “test”, “max_results”: 3, “include_synthesis”: false}‘

Test worker meta sync is reaching the website

curl “https://longboardfella.com.au/admin/queue\_worker\_api.php?action=get\_cortex\_status” Startup order

  1. Start Cortex API (uvicorn)
  2. Start Cloudflare Tunnel (cloudflared)
  3. Start Worker (python worker/worker.py) — pushes meta within seconds
  4. Open Nova chatbot — Cortex pills should appear in quick-actions

❯ is the cloudfared setup under wsl run within the venv for cortex or at the root level outside venv? ● Outside the venv — at the root/system level. cloudflared is a standalone binary, not a Python package. It has nothing to do with the Cortex Python environment.

Install at system level (no venv)

sudo curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared sudo chmod +x /usr/local/bin/cloudflared The Cortex venv is only needed for running the FastAPI (uvicorn) and the worker. The tunnel just forwards HTTP traffic to 127.0.0.1:8000 — it doesn’t care what’s listening there. ❯ longboardfella@Fastfella:  curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared chmod +x /usr/local/bin/cloudflared curl: option -o: requires parameter curl: try 'curl --help' or 'curl --manual' for more information -bash: /usr/local/bin/cloudflared: No such file or directory chmod: cannot access '/usr/local/bin/cloudflared': No such file or directory ● The -o and the path got split onto two lines. Run it as one line with sudo: sudo curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared && sudo chmod +x /usr/local/bin/cloudflared ❯ longboardfella@Fastfella:~ sudo curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o curl: option -o: requires parameter curl: try ‘curl —help’ or ‘curl —manual’ for more information longboardfella@Fastfella: sudo curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 % Total    % Received % Xferd  Average Speed  Time    Time    Time  Current Dload  Upload  Total  Spent    Left  Speed 0    0    0    0    0    0      0      0 —:—:— —:—:— —:—:—    0 0    0    0    0    0    0      0      0 —:—:— —:—:— —:—:—    0 0    0    0    0    0    0      0      0 —:—:— —:—:— —:—:—    0Warning: Failed to open the file Warning: https://github.com/cloudflare/cloudflared/releases/latest/download/clo Warning: udflared-linux-amd64: No such file or directory 0 37.4M    0    0    0    0      0      0 —:—:— —:—:— —:—:—    0 curl: (23) Failure writing output to destination longboardfella@Fastfella:~$ ● It’s pasting the URL as the -o output path. Let me give you a two-step approach: cd ~ curl -L -o cloudflared https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 Then once downloaded: sudo mv cloudflared /usr/local/bin/cloudflared sudo chmod +x /usr/local/bin/cloudflared ──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── ❯  ─────────────────────────────────────────────────────────────────────

Graph View