

3 years ago
Thank you, it’s a bit more complex but this helped me solve it. I’ll update the post with a working script later.
Quick summary in case I get busy:
- I had to install crun so I can use the ‘podman --runtime crun’ parameter instead of runc, the podman default
- I did NOT need to pass the --privileged parameter
- Our device mappings are equivalent, so I was good there.
- I added a check for the dialout group, but I think it’s working now with the user’s default groups. Will make sure to check this with restarts before the update.
Summary: working now!
I use this: Cloudflare Zero Trust. I run a connector (tunnel) named cloudflared on a Raspberry Pi which connects to Cloudflare. The Zero Trust tunnel configuration (in the CF dashboard) lets me route HTTP traffic into my local network by domain. The Application access policy in Zero Trust lets me secure it.