(or how I finally got around to figuring out how to use fly.io with Cloudflare)
As I've mentioned previously, this site is running on fly.io after Heroku got rid of their free tier. For most (all?) of the time since I cut over to fly, I've been using Cloudflare as my DNS. When I first set up Cloudflare, I couldn't figure out how to get its proxy working with my site (I went grey cloud only). Finally, finally, finally, I've figured it out.
Here's what I did:
- Removed existing certificates for my site
- Created a new certificate and used the acme challenge validation (make sure its record is a CNAME and unproxied on Cloudflare)
- Created A/AAAA records
- Confirm that the Flyio certification is verified
- Set Cloudflare SSL/TLS to Full (use the SSL/TLS menu in the left hand column)
- In the Cloudflare SSL/TLS menu, make sure "Always use HTTPS" is enabled
- Make sure Universal SSL is enabled (at the bottom of the Edge Certificates page), note this is different from what's recommended in the Fly docs
Hopefully this helps if it's an issue you're running into.