From 4820bc2b213435722653d20d7fda5e07b5a4c5bd Mon Sep 17 00:00:00 2001
From: applesnort <joelrobertmangin@gmail.com>
Date: Thu, 25 Jun 2026 11:56:46 -0400
Subject: [PATCH] fix: force HTTP/2 protocol on all Cloudflare tunnels

QUIC (UDP) is blocked on some networks, causing all four cloudflared
tunnels to silently fail with timeout errors. Adding --protocol http2
forces TCP fallback so the stack works regardless of UDP availability.
---
 docker-compose.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docker-compose.yml b/docker-compose.yml
index b1914af..9fc09f0 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -39,6 +39,7 @@ services:
   mediator-tunnel:
     image: cloudflare/cloudflared:latest
     command: ["tunnel", "--loglevel", "warn", "--metrics", "0.0.0.0:2000",
+      "--protocol", "http2",
       "--url", "https://host.docker.internal:33443", "--no-tls-verify"]
     extra_hosts:
       - host.docker.internal:host-gateway
@@ -73,6 +74,7 @@ services:
   wallet-tunnel:
     image: cloudflare/cloudflared:latest
     command: ["tunnel", "--loglevel", "warn", "--metrics", "0.0.0.0:2000",
+      "--protocol", "http2",
       "--url", "http://wallet:8081"]
     depends_on:
       - wallet
@@ -81,6 +83,7 @@ services:
   issuer-tunnel:
     image: cloudflare/cloudflared:latest
     command: ["tunnel", "--loglevel", "warn", "--metrics", "0.0.0.0:2000",
+      "--protocol", "http2",
       "--url", "http://issuer:8082"]
     depends_on:
       - issuer
@@ -89,6 +92,7 @@ services:
   verifier-tunnel:
     image: cloudflare/cloudflared:latest
     command: ["tunnel", "--loglevel", "warn", "--metrics", "0.0.0.0:2000",
+      "--protocol", "http2",
       "--url", "http://verifier:8083"]
     depends_on:
       - verifier