MacStudio
Expose MacStudio SECURELY via Cloudflare Tunnel
- To access MacStudio securely outside your network without opening risky router ports, we will use a Cloudflare Tunnel (Cloudflared).
- Cloudflare Dashboard > Zero Trust > Networks > Connectors > Create a Tunnel.
- Choose Cloudflared as the connector type, give it a name (e.g.,
tunnel-for-macstudio), and click Save. - Cloudflare will show you a page with installation commands.
- Choose Mac and copy the specific command it provides. It will look something like this (using Homebrew):
~% brew install cloudflare/cloudflare/cloudflared
~% cloudflared service install <YOUR_SECRET_TOKEN>
Allow remote user to access OpenWebUI
- Cloudflare Dashboard > Zero Trust > Networks > Connectors >
tunnel-to-macstudio> Published application routes > Add - subdomain: ai
- domain: yourdomain.com
- service Type: HTTP
- service url: localhost:8080
Allow remote user to access LangFlow
- Cloudflare Dashboard > Zero Trust > Networks > Connectors >
tunnel-to-macstudio> Published application routes > Add - subdomain: langflow
- domain: yourdomain.com
- service Type: HTTP
- service url: localhost:7860
Allow remote user to SSH into MacStudio
- Enable SSH on your Mac Studio
- MacStudio > Settings > General > Sharing > ENABLE Remote Login
- Configure the Cloudflare Tunnel
- Cloudflare Dashboard > Zero Trust > Networks > Connectors >
tunnel-to-macstudio> Published application routes > Add - subdomain: ssh
- domain: yourdomain.com
- service Type: SSH
- service url: localhost:22
- Connecting from another Mac
brew install cloudflare/cloudflare/cloudflared
- create a config file
nano ~/.ssh/configHost macstudioHostName ssh.yourdomain.comUser your-mac-usernameProxyCommand /usr/local/bin/cloudflared access ssh --hostname %h- save and exit
- now we can ssh into the macstudio by
ssh macstudio - Connecting from Windows
winget install Cloudflare.cloudflared
- create a file in
.sshdirectory using notepad and save asconfig(without .txt extension)
New-Item -ItemType Directory -Force -Path "$HOME\.ssh"notepad "$HOME\.ssh\config"- inside the notepad, type the following:
Host macstudioHost macstudioHostName ssh.yourdomain.comUser your-mac-usernameProxyCommand "C:\Program Files\cloudflared\cloudflared.exe" access ssh --hostname %h- the exact location of cloudflared can be found by the command: where.exe cloudflared
- now we can ssh into the macstudio by
ssh macstudio - create a file in
Allow remote user to Remote Access MacStudio
1. Enable Screen Sharing on the Mac Studio
- On your Mac Studio, go to System Settings > General > Sharing > Turn on Screen Sharing
2. Configure the Cloudflare Tunne
- Cloudflare Dashboard > Zero Trust > Networks > Connectors >
tunnel-to-macstudio> Published application routes > Add - subdomain:
ard - domain:
yourdomain.com - service Type:
TCP - service url:
localhost:5900
3. Connect from your Client Machine
- Install cloudflared on the Client Machine
brew install cloudflared
- Open the Local Port Forwarding Tunnel
cloudflared access tcp --hostname ard.yourdomain.com --url tcp://localhost:5901
- 💡 Keep this terminal window running while you are connected.
- Open the built-in Screen Sharing app (or press
Cmd + Kin Finder) - for the address, type:
vnc://localhost:5901 - hit connect and login with your MacStudio user account
To Limit Access to allowed users
- Cloudflare Dashboard > Zero Trust > Access Controls > Applications > Add > Continue with Self-hosted and private
- subdomain: ai
- domain: yourdomain.com
- access policy > create new policy > Emails > then add the emails that can access this application > Save Policy