I’m having the exact same issue. umbrel.local seems like the right URL, since everything else fails to connect at all.
update: Ok I found a (first-layer) solution. It’s Cloudflare SSL-TLS config - it needs to be changed to “Flexible”.
https://dash.cloudflare.com/{cloudflare_id}/{domain}/ssl-tls/configuration
update: it seems now it only works in “Off” mode. “Flexible” worked because I had the site cached, until it didn’t work anymore. Having encryption “Off” for my entire domain is really bad because I use it for a lot of things. Still looking for better solution. I might have to give up on cf tunnels and use wireguard + custom firewall.
I really hope https support is on the roadmap.