Sankofa/docs/proxmox/ENVIRONMENT_VARIABLES.md
defiQUG 9daf1fd378 Apply Composer changes: comprehensive API updates, migrations, middleware, and infrastructure improvements
- Add comprehensive database migrations (001-024) for schema evolution
- Enhance API schema with expanded type definitions and resolvers
- Add new middleware: audit logging, rate limiting, MFA enforcement, security, tenant auth
- Implement new services: AI optimization, billing, blockchain, compliance, marketplace
- Add adapter layer for cloud integrations (Cloudflare, Kubernetes, Proxmox, storage)
- Update Crossplane provider with enhanced VM management capabilities
- Add comprehensive test suite for API endpoints and services
- Update frontend components with improved GraphQL subscriptions and real-time updates
- Enhance security configurations and headers (CSP, CORS, etc.)
- Update documentation and configuration files
- Add new CI/CD workflows and validation scripts
- Implement design system improvements and UI enhancements
2025-12-12 18:01:35 -08:00

Environment Variables Reference

Last Updated: 2024-12-19

Overview

This document describes all environment variables used in the Proxmox deployment scripts and configuration.

Quick Start

Using .env File

  1. Copy the example file:

    cp .env.example .env
    
  2. Edit .env with your actual credentials:

    nano .env
    
  3. Scripts will automatically load variables from .env if present.

Manual Export

Alternatively, export variables manually:

export CLOUDFLARE_API_KEY="your-key"
export CLOUDFLARE_EMAIL="your-email@example.com"

Cloudflare Variables

CLOUDFLARE_API_KEY

Type: String
Required: Yes (if not using API Token)
Description: Cloudflare Global API Key
Location: Cloudflare Dashboard
Example: e5153f7f2dcf64fec7f25ede78c15482bc950

CLOUDFLARE_EMAIL

Type: String
Required: Yes (if using Global API Key)
Description: Cloudflare account email address
Example: pandoramannli@gmail.com

CLOUDFLARE_API_TOKEN

Type: String
Required: No (alternative to Global API Key)
Description: Cloudflare API Token (recommended for scripts)
Location: Create API Token
Note: More secure than Global API Key, recommended for production

CLOUDFLARE_ORIGIN_CA_KEY

Type: String
Required: No
Description: Cloudflare Origin CA Key for certificate management
Location: Cloudflare Dashboard
Example: v1.0-40220c19a24f6e2980fb37b0-...

CLOUDFLARE_ZONE_ID

Type: String
Required: No (can be auto-detected)
Description: Cloudflare Zone ID for your domain
How to get:

curl -X GET "https://api.cloudflare.com/client/v4/zones?name=sankofa.nexus" \
  -H "X-Auth-Email: your-email@example.com" \
  -H "X-Auth-Key: your-api-key" | jq -r '.result[0].id'

CLOUDFLARE_ACCOUNT_ID

Type: String
Required: No (for tunnel creation)
Description: Cloudflare Account ID
Location: Cloudflare Dashboard (right sidebar)

Domain Variables

DOMAIN

Type: String
Required: No
Default: sankofa.nexus
Description: Primary domain name for DNS records

Proxmox Variables

PROXMOX_USERNAME

Type: String
Required: No
Description: Proxmox username (e.g., root@pam)

PROXMOX_PASSWORD

Type: String
Required: No
Description: Proxmox password

PROXMOX_TOKEN

Type: String
Required: No
Description: Proxmox API token (format: user@realm!token-id=token-secret)

PROXMOX_ENDPOINT

Type: String
Required: No
Description: Proxmox API endpoint URL

Kubernetes Variables

NAMESPACE

Type: String
Required: No
Default: crossplane-system
Description: Kubernetes namespace for provider deployment

KUBECONFIG

Type: String
Required: No
Description: Path to kubeconfig file

Script-Specific Variables

SITE

Type: String
Required: Yes (for setup-proxmox-agents.sh)
Description: Proxmox site name (e.g., us-sfvalley)

NODE

Type: String
Required: Yes (for setup-proxmox-agents.sh)
Description: Proxmox node name (e.g., ML110-01)

CLOUDFLARE_TUNNEL_TOKEN

Type: String
Required: No
Description: Cloudflare tunnel token for specific site

BUILD_PROVIDER

Type: Boolean
Required: No
Default: true
Description: Whether to build provider before deployment

WAIT_TIMEOUT

Type: Integer
Required: No
Default: 300
Description: Timeout in seconds for VM deployment

PROMETHEUS_ENABLED

Type: Boolean
Required: No
Default: true
Description: Whether to install Prometheus exporter

Authentication Methods

Method 1: Global API Key + Email (Current)

export CLOUDFLARE_API_KEY="your-key"
export CLOUDFLARE_EMAIL="your-email@example.com"

Method 2: API Token

export CLOUDFLARE_API_TOKEN="your-token"

Security Best Practices

  1. Never commit .env file - It's already in .gitignore
  2. Use API Tokens - More secure than Global API Key
  3. Rotate credentials regularly - Especially API keys
  4. Use least privilege - Grant only necessary permissions
  5. Store secrets securely - Use secret management tools in production

Loading Environment Variables

Scripts automatically load from .env if present in project root.

Manual

# Source .env file
source .env

# Or use helper script
source scripts/load-env.sh

In Scripts

# At the top of your script
if [ -f .env ]; then
    source .env
fi
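
`source .env` runs the file as shell code, so a value containing `$(...)` or backticks is executed when a script loads it. The following is an added example, not the project's scripts/load-env.sh: a loader that reads only KEY=VALUE pairs, refuses a file other users can access, and reports which of the two Cloudflare credential sets is usable. The function names `load_env` and `cloudflare_auth_mode` are hypothetical.

```sh
#!/bin/sh
# Added example (not project code). Usage: load_env .env && cloudflare_auth_mode

# load_env FILE: export KEY=VALUE pairs from FILE without executing its contents.
# Returns 1 if the file is accessible to group/other or a line is malformed.
load_env() {
    _file=$1
    [ -f "$_file" ] || return 0                 # a missing .env is not an error
    # Characters 5-10 of the ls mode string are the group and other bits.
    _perms=$(ls -ld "$_file" | cut -c5-10)
    if [ "$_perms" != "------" ]; then
        echo "load_env: $_file is accessible to group/other; chmod 600 it" >&2
        return 1
    fi
    while IFS= read -r _line || [ -n "$_line" ]; do
        case $_line in ''|'#'*) continue ;; esac    # skip blanks and comments
        _line=${_line#export }                       # tolerate "export KEY=..."
        # Report malformed lines without echoing them (they may hold a secret).
        case $_line in *=*) ;; *) echo "load_env: malformed line" >&2; return 1 ;; esac
        _key=${_line%%=*}
        _val=${_line#*=}
        # The key must be a plain shell identifier.
        case $_key in
            ''|[!A-Za-z_]*|*[!A-Za-z0-9_]*) echo "load_env: bad key name" >&2; return 1 ;;
        esac
        # Strip one pair of matching surrounding quotes.
        case $_val in
            \"*\") _val=${_val#\"}; _val=${_val%\"} ;;
            \'*\') _val=${_val#\'}; _val=${_val%\'} ;;
        esac
        # Assigned literally: $(...) and backticks in the value are never evaluated.
        export "$_key=$_val"
    done < "$_file"
}

# cloudflare_auth_mode: print "token" or "global-key" for the credentials that are set.
cloudflare_auth_mode() {
    if [ -n "${CLOUDFLARE_API_TOKEN:-}" ]; then
        echo token
    elif [ -n "${CLOUDFLARE_API_KEY:-}" ] && [ -n "${CLOUDFLARE_EMAIL:-}" ]; then
        echo global-key
    else
        echo "set CLOUDFLARE_API_TOKEN, or CLOUDFLARE_API_KEY and CLOUDFLARE_EMAIL" >&2
        return 1
    fi
}
```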

Troubleshooting

Variables Not Loading

# Check if .env exists
ls -la .env

# Check if variables are set (prints "set" without echoing the secret)
echo "${CLOUDFLARE_API_KEY:+set}"

# Manually source
source .env

Authentication Errors

# Verify credentials
curl -X GET "https://api.cloudflare.com/client/v4/user/tokens/verify" \
  -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN"

# Or with Global API Key
curl -X GET "https://api.cloudflare.com/client/v4/user" \
  -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \
  -H "X-Auth-Key: $CLOUDFLARE_API_KEY"