# CLOUDFLARE TUNNEL - SIN PORT FORWARDING

## ☁️ Cloudflare Tunnel para LiveKit (Avanzado)

### Ventajas:
- ✅ **Sin port forwarding** en router
- ✅ **SSL automático** 
- ✅ **Protección DDoS**
- ✅ **IP oculta**

### ⚠️ Limitaciones para WebRTC:
- ❌ **UDP no soportado** directamente
- ⚠️ **Requiere TURN server** para WebRTC
- 🔧 **Solo TCP/HTTP** a través del tunnel

### Configuración (solo si tienes TURN server):

#### Paso 1: Instalar cloudflared
```bash
# Descargar cloudflared
curl -L --output cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb
sudo dpkg -i cloudflared.deb
```

#### Paso 2: Crear tunnel
```bash
# Login a Cloudflare
cloudflared tunnel login

# Crear tunnel
cloudflared tunnel create livekit-tunnel

# Configurar tunnel
cat > ~/.cloudflared/config.yml << 'EOF'
tunnel: livekit-tunnel
credentials-file: /home/usuario/.cloudflared/livekit-tunnel.json

ingress:
  - hostname: livekit.midominio.com
    service: http://localhost:7880
  - service: http_status:404
EOF

# Crear DNS record
cloudflared tunnel route dns livekit-tunnel livekit.midominio.com

# Ejecutar tunnel
cloudflared tunnel run livekit-tunnel
```

#### Configuración LiveKit (necesita TURN):
```yaml
# livekit-production.yaml
rtc:
  # SIN puertos UDP directos - usar TURN
  use_external_ip: false
  
  ice_servers:
    - urls: ["stun:stun.l.google.com:19302"]
    - urls: ["turn:turn.midominio.com:3478"]
      username: "usuario"
      credential: "password"
```

### ⚠️ **NO RECOMENDADO** para LiveKit porque WebRTC necesita UDP