Cloudflare
Tunnels
Cloudflare is set to "Flexible" level encryption on SSL/TLS for the domains, which means traffic between Cloudflare and my servers is HTTP (but tunneled via Zero Trust and the tunnel encrypts) and any requests to Cloudflare in HTTP are automatically bumped over to HTTPS, and Cloudflare manages the certificates.
Log into Cloudflare
Go to Zero Trust
Go to Networks -> Tunnels
Click on a network (currently bellman or hupi)
The sidebar pops up for that network. Click EDIT.
This brings up a page with a tab bar at the top, select Public Hostname that's where you will see this
In this example, wiki is running in a Docker in Bellman and vhpa is running directly.
So, I used the zero-trust subnet in Docker for Wiki and it has an internal IP address,
but for vhpa I used the host (bellman) ip address.