This is a quick follow-up release to polish the major v2.0 update. It addresses a few minor UI bugs, restores a key feature for SSH access, and introduces a brand new Backup & Restore feature.
A big thank you to the users provided the excellent feedback that led directly to these fixes!
New Feature: Backup & Restore
As DockFlare becomes more central to managing your services, having a simple way to backup and restore your configuration is essential. I'm happy to announce a new Backup & Restore feature, now available on the Settings page.
- Create Backup: You can now download a timestamped copy of your entire
state.jsonfile with a single click. This file contains all your manual rules, Access Groups, and the last known state of your Docker-managed services. It's the perfect way to create a snapshot before making big changes or for migration. - Restore from Backup: You can upload a previously saved
state.jsonfile to completely overwrite and restore your DockFlare instance to a known-good state. After the restore is complete, DockFlare automatically reloads the state and triggers a full reconciliation to bring your live Cloudflare configuration into sync with the backup.
Added: Bastion Mode for Browser-Based SSH/VNC
Support for Cloudflare's browser-rendered terminal has been fixed and properly re-implemented.
In the "Add/Edit Manual Rule" modal, you will now see two options for SSH:
SSH (Native Client): Use this for the traditional workflow where you connect using a terminal app (e.g.,ssh user@host). This requires a service address likessh://192.168.1.50:22.Bastion (Browser SSH/VNC): This is the option to use when you want to access your SSH or VNC sessions directly in a web browser through the Cloudflare Zero Trust dashboard.
How Bastion Mode Works:
Unlike other service types, Bastion mode does not require an internal IP or port in the DockFlare UI. When you select this option, DockFlare tells Cloudflare to enable a secure gateway at your public hostname. The connection is handled by the cloudflared client on your local machine, which routes your request to the correct internal server after you have authenticated with Cloudflare. This is a more secure setup as the internal IP is never part of the public-facing configuration.
For more details on how to configure your local client for this, please see the official Cloudflare documentation on rendering a terminal in the browser.
Fixes and Improvements
- State Management: I've fixed a bug where the
access_group_idfor a rule was not being saved tostate.json. This was causing the "Group:" name to disappear from the UI after a restart, even though the policy was still active. This now saves and loads correctly. - UI - DNS Toggles: The
+button to view DNS records for tunnels on the Settings page was not working. This has been fixed. - UI - "Revert" Button: The "Revert" button and "UI Override" badge were incorrectly appearing for manual rules. Since manual rules have no labels to revert to, these elements are now correctly hidden for any rule with "Manual" as its source, reducing confusion.
- Validation: Fixed an oversight where
"bastion"was not considered a valid service type by the backend validation logic, which was preventing these rules from being created.