Stremio server URL reported as offline when behind Cloudflare Zero Trust #133
Description
I use Cloudflare Zero Trust to protect all of my self-hosted services. Some services require Cloudflare service token headers in order to authenticate when making backend or internal requests.
Observed behavior
I am running Stremio behind Traefik and exposing it via a subdomain (e.g. stremio.example.com). When Cloudflare Zero Trust is not enabled for this subdomain, Stremio works as expected. When Zero Trust is enabled, the behavior is as follows:
- Accessing https://stremio.example.com redirects to Cloudflare Zero Trust authentication as expected.
- After authenticating, the Stremio Web UI loads and functions normally.
- However, can't stream anything, and in Settings > Streaming > URL, the server URL is shown as offline.
Expected behavior
The server URL should remain reachable and reported as online even when the service is protected by Cloudflare Zero Trust, assuming the user has already authenticated.
Deployment details
- Stremio is running in Docker using tsaridas/stremio-docker:latest
- Reverse proxy: Traefik
- TLS termination handled by Traefik
- Cloudflare Zero Trust applied at the subdomain level
This is the compose file I'm using, in case it helps:
services:
stremio:
image: tsaridas/stremio-docker:latest
restart: unless-stopped
environment:
NO_CORS: 1
AUTO_SERVER_URL: 1
DOMAIN: stremio.example.com
CERT_FILE: "/root/.stremio-server/cert.pem"
volumes:
- "./stremio-data:/root/.stremio-server"
labels:
- "traefik.enable=true"
- "traefik.http.routers.stremio.rule=Host(`stremio.example.com`)"
- "traefik.http.routers.stremio.entrypoints=websecure"
- "traefik.http.routers.stremio.tls=true"
networks:
- web
networks:
web:
external: trueIf there is a recommended way to run Stremio behind an authenticated reverse proxy or Zero Trust-style access control, guidance would be appreciated. Or, at least, any way to add custom headers to the requests.