I looked into doing this, but never actually set it up because it would make local access to the server so much slower (I had slow internet then). So I have some answers, but only somewhat generic answers.
There should be no problem using a new subdomain of your existing domain.
A working Seafile server uses at least 2 ports (more for some optional parts, like webdav), so you will need a reverse proxy anyway to forward the different stuff to the right port. I use nginx with a config I copied from the seafile admin manual and modified for my setup, but you can use whatever works for you.
First, set it up to work with only HTTP in your reverse proxy. You want to get this working with your domain name (seafile.domain.com) so you can test it. Once it is working so you can log into the web interface, upload and download large files (test with at least 1 GB), and you can connect the agent, then you know this part work ok, and can move on.
Log into Cloudflare and I think you need to remove the subdomain entry from your DNS so the tunnel can add one for itself. Then go to “zero trust” > Networks > Tunnels, and add a tunnel. Set the public name to the same you tested above (seafile.domain.com), and the service address to http://localhost:80
Follow their instructions there to download and install the cloudflare connector, and give it the connection token. I would install this on the same machine as the reverse proxy. If you install it somewhere else, you will need to change that “localhost” above to the reverse proxy’s IP. This connector will connect out to cloudflare to make the tunnel, so now when you go to seafile.domain.com you are connecting to cloudflare instead of your local server.
They will also apply SSL (TLS) to the connection, so now it is https instead of http. You need to modify your seafile config to use https, and restart. I think that just means changing SEAFILE_SERVER_PROTOCOL= to https, and restarting, but if you see http in any other config change it to https, just to be sure.
Now test it all again, but with the https address. Again you should be able to upload and download files, connect with the agent, etc. When doing that testing you will probably notice one big change, even though you are (I am assuming) on the same network as your server, it will now be slower. The uploads and downloads are now going out through your ISP to cloudflare, and then back in to your local network again. And that should be it, it should work from anywhere on the internet now.