# flag92.com — Cloudflare Tunnel 配置模板（生产化）
# 用于 Chatwoot + Dify 暴露
# 使用：把 <TUNNEL_UUID> 与域名替换为你自己的

tunnel: <TUNNEL_UUID>
credentials-file: /etc/cloudflared/<TUNNEL_UUID>.json

# 全局连接策略
originRequest:
  connectTimeout: 30s
  tlsTimeout: 10s
  keepAliveTimeout: 90s
  keepAliveConnections: 100
  disableChunkedEncoding: false
  noTLSVerify: false

ingress:
  # Dify streaming endpoint —— 给它更长的超时
  - hostname: dify.example.com
    path: /api/.*/streaming.*
    service: http://localhost:5001
    originRequest:
      connectTimeout: 30s
      tlsTimeout: 10s
      tcpKeepAlive: 30s

  # Dify 其他 API
  - hostname: dify.example.com
    service: http://localhost:5001

  # Chatwoot
  - hostname: support.example.com
    service: http://localhost:3000

  # 默认 404
  - service: http_status:404

# 暴露 Prometheus metrics
metrics: 0.0.0.0:8081

# 日志
loglevel: info