Skip to main content

Web App Features

The default configuration of Install Doctor includes launching multiple services that are available as either web applications or as services that are available on specific ports. These web applications are either run as services or launched as web applications via Docker (i.e. docker-compose.yml).

SSO-Protected Publicly Accessible Web Services

Whenever possible, we make the services available via an FQDN of your choice. By providing the PUBLIC_SERVICES_DOMAIN environment variable (or storing it in your encrypted secrets) before running the kickstart script, Install Doctor will automatically use cloudflared to create publicly accessible web apps by using the PUBLIC_SERVICES_DOMAIN as a base domain. All of the publicly accessible services can have their:

  1. IP address protected by CloudFlare
  2. Can be protected by Single Sign-On by leveraging CloudFlare Teams (also known as CloudFlare Zero Trust)
  3. Be accessible over the web via domains created using the format of


bash <(curl -sSL

Will create the following publicly accessible web services assuming the hostname is webdev1 and the PUBLIC_SERVICES_DOMAIN is

Remote Desktop

cloudflared Configuration

The services detailed in the chart above are installed in the default configuration. After they are installed, the cloudflared daemon is launched with a configuration that defines the data shown in the chart above. With cloudflared proxying the requests, all of these services are available on port 443 (HTTPS) using their defined domain names.


Customizing the ports that need to be proxied to from the cloudflared daemon are all dependent on the configurations of each specific app. The sftpgo configuration is here, for instance.

Besides modifying individual app configurations, if you need to debug anything, you can find the cloudflared initialization logic in the software.yml file (by searching for cloudflared). During the provisioning started by the kickstart script, the installx program will install all the various applications and run their _post installation scripts afterwards which includes the initialization logic for both cloudflared and all of the individual programs (which may need their configurations copied to specific system locations).