Use your own machine to validate your MVP
When you’re bootstrapping a project or simply want to validate an MVP without burning cash on infrastructure, most MVPs don’t need a VPS. I just needed a URL I could share, fast. That’s exactly what I did to get DevScout online and test the MVP.
In this article, I’ll explain how I used my own computer as a server, combined with Cloudflare Tunnel, to make the app publicly accessible, allowing me to test everything end-to-end, gather feedback, and only later invest in a proper VPS.
Why Not Just Pay for a VPS?
Simple: I didn’t want to spend money before proving the idea had potential.
Even cheap VPS options can be overkill when you’re still building and validating your minimum viable product. And for side projects or personal experiments, using your own machine with a tunnel can be enough to simulate a real deployment environment.
Tools I Used
- My local machine (MacBook Pro M1 16 GB RAM)
- Cloudflare Tunnel (cloudflared)
- Python Flask API / Next.js app (DevScout)
- Local database (SQLite initially, after i changed to PostgreSQL)
Step-by-Step: Exposing My Local App
1. Install Cloudflare CLI
brew install cloudflared
Or follow the official installation guide.
2. Authenticate with Cloudflare
cloudflared login
This opens your browser and asks you to select a domain from your Cloudflare account.
Note: You need to have your own domain added to Cloudflare.
3. Create a Tunnel
cloudflared tunnel create devscout
This creates a new named tunnel and registers its credentials.
4. Configure the Tunnel
Create a configuration file:
# ~/.cloudflared/config.yml
tunnel: devscout
credentials-file: /Users/yourname/.cloudflared/devscout.json
ingress:
- hostname: devscout.example.com
service: http://localhost:3000
- service: http_status:404
Make sure your local app (e.g. Next.js) is running on port 3000.
5. Route the Tunnel
cloudflared tunnel route dns devscout devscout.example.com
This connects the subdomain to the tunnel.
6. Start the Tunnel
cloudflared tunnel run devscout
Done, your local app is now live at https://devscout.example.com.
Why It Worked for Me
Running the MVP this way gave me:
- A public URL I could share
- HTTPS without extra setup
- A real-world way to test and iterate
- Zero cost hosting (since the app runs on my machine)
This allowed me to test assumptions, collect feedback, and confirm that the core idea behind DevScout made sense, all before spending anything on cloud infrastructure.
How Cloudflare Tunnel Works (Technical Overview)
Cloudflare Tunnel (formerly Argo Tunnel) provides a secure way to expose services running locally on your machine or network, without having to open ports or configure NAT on your router.
🔒 No Open Ports
One of the biggest advantages is that you don’t need to expose your ports to the public internet. Instead, cloudflared creates an outbound-only connection from your machine to Cloudflare’s edge.
- Traditional setup:
Public Internet ➝ Open port ➝ Your server - Tunnel setup:
Your server ➝ Encrypted tunnel ➝ Cloudflare edge
Since the connection is outbound, it works even behind NAT, CGNAT, or firewalls that block incoming traffic.
🔁 Persistent Connection to the Cloudflare Edge
When you run cloudflared tunnel run, your machine initiates one or more persistent WebSocket connections to Cloudflare’s global edge network.
These connections:
- Are encrypted (TLS)
- Use HTTP/2 multiplexing
- Are load-balanced automatically across multiple connections for reliability
- Support automatic reconnection and failover
By default, cloudflared opens four parallel connections to different Cloudflare data centers. This gives global reach and resilience.
🛡️ Authentication and Identity
Every tunnel is uniquely associated with a Cloudflare account and zone (domain).
- When you run
cloudflared login, a signed token is stored locally (e.g.~/.cloudflared/cert.pem) - When you create a tunnel (
cloudflared tunnel create), credentials are stored in a.jsonfile - Only machines with that credential file can start that specific tunnel
This prevents unauthorized access, and you can revoke credentials or delete tunnels at any time via the Cloudflare dashboard.
🌍 DNS Integration
Cloudflare updates your DNS records to proxy traffic through the tunnel, rather than pointing directly to an IP address.
That means:
- Now I had https://devscout.app live, and recruiters could actually test the platform.
- It automatically uses HTTPS (thanks to Cloudflare’s SSL termination)
- I didn’t need it for DevScout yet, but Cloudflare Access lets you lock it down with login or IP rules.
🧩 Behind the Scenes Flow
Let’s break down the actual request flow:
- User hits
https://devscout.example.com - Cloudflare resolves the domain and routes it to the tunnel
- Cloudflare edge sends the request over one of the persistent connections to
cloudflaredrunning on your machine - Your local app responds
- The response is sent back over the tunnel to Cloudflare, and then to the user
🧠 Bonus: Multiplexing and Load Balancing
Each cloudflared process can:
- Handle multiple services (via
config.yml) - Load-balance across multiple origins if needed
- Run as a system service (daemon mode)
- Be monitored/logged using standard tools
If you want to scale it beyond your machine later, you can also connect multiple origins to the same tunnel for zero-downtime rollouts or blue-green deployments.
Why This Matters
Understanding how Cloudflare Tunnel works helps you:
- Trust it as a production-grade tool, not a dev-only hack
- Use its advanced features (like Zero Trust access)
- Know exactly how your traffic flows, which helps with debugging and performance
Running everything locally wasn’t perfect, but it unblocked me. DevScout got real users and feedback, and that’s all I needed to justify the next step.
DevScout – Automated Job Search Platform Connecting you between Tech Recruiters