Just wanted to post the magic sauce needed to get BTCPayServer working well on Umbrel when using Cloudflare Tunnels to expose it to clearnet w/ TLS.
The solution was here all along: https://github.com/getumbrel/umbrel/issues/1428#issuecomment-1184584190
I’m reposting here for visibility, as I searched high and low and couldn’t find this on my own.
Please follow:
ssh umbrel@umbrel.local (or the IP of your Umbrel server) Password is the same as Umbrel Web UI
nano ~/umbrel/app-data/btcpay-server/.env.app_proxy
Type:
PROXY_TRUST_UPSTREAM=true
Then save using: Control + X, then: Y, then:
Finally, run this command to restart BTCPay Server:
~/umbrel/scripts/app restart btcpay-server
This probably works for other reverse proxying services like Tailscale, or running your own nginx (perhaps from a NAS), etc.