Update Cloudflare Tunnel instructions and README for clarity

- Changed installation command to use 'sudo bash' for better permissions handling.
- Clarified that the Cloudflare Tunnel service must be enabled in the Service Selection Wizard.
- Updated README to provide a direct link to the Cloudflare instructions.

README.md

@@ -179,7 +179,9 @@ Cloudflare Tunnel provides zero-trust access to your services without exposing a
 - **Zero-trust security** - Optional Cloudflare Access integration
 - **No public IP required** - Works on private networks
 
-### Setup Instructions see Cloudflare-instructions.md
+### Setup Instructions
+
+See the Cloudflare Tunnel guide: [cloudflare-instructions.md](cloudflare-instructions.md)
 
 
 ### Using Pre-installed Libraries in n8n's Custom JavaScript

cloudflare-instructions.md

@@ -70,12 +70,14 @@ When you create public hostnames in the tunnel configuration, Cloudflare automat
 
 1. Run the n8n-installer as normal:
    ```bash
-   ./install.sh
+   sudo bash ./scripts/install.sh
    ```
 2. When prompted for **Cloudflare Tunnel Token**, paste your token
-3. The tunnel service will be automatically enabled
+3. In the Service Selection Wizard, select **Cloudflare Tunnel** to enable the service
 4. Complete the rest of the installation
 
+Note: Providing the token alone does not auto-enable the tunnel; you must enable the "cloudflare-tunnel" profile in the wizard (or add it to `COMPOSE_PROFILES`).
+
 #### 5. Secure Your VPS (Recommended)
 
 After confirming services work through the tunnel:
@@ -375,10 +377,10 @@ To disable Cloudflare Tunnel and return to Caddy-only access:
    nano .env
    ```
 
-2. Stop the tunnel:
+2. Stop the tunnel and restart services:
    ```bash
-   docker compose --profile cloudflare-tunnel down
-   docker compose up -d
+   docker compose -p localai --profile cloudflare-tunnel down
+   docker compose -p localai up -d
    ```
 
 3. Re-open firewall ports if closed: