RSS

Cloudflare on Fire

xonery1 pts0 comments

Moley: A Free, Open-Source Ngrok Alternative Using Cloudflare. | by Kilian | May, 2026 | MediumSitemapOpen in appSign up<br>Sign in

Medium Logo

Get app<br>Write

Search

Sign up<br>Sign in

Moley: A Free, Open-Source Ngrok Alternative Using Cloudflare.

Kilian

5 min read·<br>May 4, 2026

Listen

Share

Your own domain, one command, free tunnels and Zero Trust included.

DO NOT rage-quit Cloudflare Tunnels for local dev !<br>Have you ever tried to make a local service accessible on the internet. For a demo, a hackathon, a webhook you’re testing, pick your reason. I’m pretty sure every developer has been there.<br>I have. And every time I tried something, I was a fool for thinking it would be free, until I realized it’s not. Demos break, webhooks die, and you end up thinking about paying some precious bucks every month just to keep a stable subdomain.<br>So I went hunting for an alternative.<br>Cloudflare Tunnels: free, powerful, and slightly painful<br>I already had a cheap domain sitting on Cloudflare. I knew Cloudflare Tunnels were free. Turns out it can do pretty much everything services such as Ngrok does. So I gave it a try. I downloaded cloudflared, spun up my first tunnel, and ran straight into a wall.<br>First Authenticate cloudflared .<br>Create a tunnel manually with the CLI.<br>Write a YAML config with ingress rules.<br>Go to the dashboard, create a CNAME DNS record for every subdomain I want to expose.<br>Run the tunnel.<br>Then when i’m done I had to stop the tunnel and back to the dashboard, delete the DNS records one by one.<br>It works. It’s free. It uses my domain. But the experience is nothing like the “one command and you’re online” magic of Ngrok. And i’m not gonna lie doing it two or three times is enough, it feels super cool but the setup is tough…<br>Then I thought my love for dev-tooling could help me out and so I went for a side-quest to build the missing piece.<br>Meet Moley<br>Press enter or click to view image in full size

Moley is one of my first open source projects. It’s a CLI that wraps Cloudflare Tunnels and gives you the Ngrok-like experience I wanted from the start. You just need your cloudflare domain and that’s the only cost but it’s peanuts compared to paying for Ngrok monthly (I pay for 10$ per year.. call me a rat).<br>You declare what you want to expose in a small YAML file:<br>tunnel:<br>name: "moley"<br>ingress:<br>zone: "moley.dev"<br>apps:<br>- target:<br>port: 8080<br>hostname: "localhost"<br>expose:<br>subdomain: "api"<br>- target:<br>port: 3000<br>hostname: "localhost"<br>expose:<br>subdomain: "web"Then you run:<br>moley tunnel runPress enter or click to view image in full size

moley tunnel runPress enter or click to view image in full size

dashboard showing text.xonery.devPress enter or click to view image in full size

tunnel showing in cloudflare accessAnd that’s it. Moley creates the tunnel, sets up the DNS records for api.moley.dev and web.moley.dev, wires up the ingress rules, and starts the tunnel. When you're done, you hit Ctrl+C and it cleans up everything. It will teardown everything such as the DNS records and the tunnel, no leftover garbage in your Cloudflare account.<br>Install it with Homebrew and try it yourself:<br>brew install --cask stupside/tap/moleyThe cool thing: Cloudflare Access, automated<br>Here’s where it gets really interesting, and where Moley does something Ngrok’s free tier flat-out won’t give you.<br>Cloudflare has a product called Access (part of their Zero Trust platform). It lets you slap authentication policies on any subdomain exposed through your tunnel. For example if you want admin.moley.dev to only be reachable by people in your team, that’s what you are looking for. It allows you to gate your subdomains behind any SSO you want or even one time code sent to your mail.<br>It’s genuinely powerful. It’s also genuinely awful to set up by hand because clicking through the Zero Trust dashboard, creating applications, defining policies, attaching identity providers… by the time you’ve configured it, you might even be back to spending some bucks on Ngrok.<br>So I automated that too.<br>tunnel:<br>name: "moley"

access:<br>policies:<br>- name: moley-allow-email<br>decision: allow<br>include:<br>- email:<br>email: "kilian.houpeurt@gmail.com"

ingress:<br>mode: subdomain<br>zone: "moley.dev"<br>apps:<br>- target:<br>hostname: localhost<br>port: 3000<br>protocol: http<br>expose:<br>subdomain: admin<br>access:<br>providers:<br>- github<br>- onetimepin<br>session_duration: "168h"<br>policies:<br>- moley-allow-emailWith Moley, you can declare access policies right in the same YAML config, and they get created and torn down with the tunnel. One file, one command, full Zero Trust protection on your local services. And honestly that’s the part that turned Moley from “nice CLI wrapper” into “I actually use this every day.”<br>Press enter or click to view image in full size

access showing policies for the test applicationWhy I’m sharing this<br>As I said Moley is completely free. It’s open source under MIT. It’s one of my first OSS projects and sharing it can’t make me happier. Building it taught me a lot, about myself, about Go,...

moley tunnel cloudflare free ngrok subdomain

Related Articles

Amazon, Facebook, FBI have access to a private intelligence-sharing network

root-parent18 ptsseattle prism shield network private intelligence

Show HN: GoPeek – open links in live mini browser windows without new tabs

GeorgeWoff2518 ptsgopeek open browser links live mini

Agent Memory: An Anatomy

brgsk17 ptsmemory library user agent semantic libraries

SpaceX not the behemoth everyone thought

kaycebasques13 pts_blockquote instagram data vars text media

The Mirror Is Part of the Machine

london_safari10 ptstelemetry mirror decision logs enough time
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.