# ✅ Cloudflare Automation - Ready to Execute **Status:** Script created and ready to run with your tested credentials --- ## 🚀 Quick Start Since your Cloudflare credentials are in `.env` and fully tested, you can run the automated setup: ```bash # The script will automatically load credentials from .env files bash scripts/setup-cloudflare-auto.sh ``` Or if credentials are already exported: ```bash export CLOUDFLARE_API_TOKEN="your-token" export CLOUDFLARE_ZONE_ID="your-zone-id" bash scripts/setup-cloudflare-auto.sh ``` --- ## 📋 What the Script Does The automated script (`scripts/setup-cloudflare-auto.sh`) will: 1. ✅ **Load Credentials** - Automatically reads from `.env` or `.env.production` 2. ✅ **Verify API Access** - Tests Cloudflare API authentication 3. ✅ **Configure DNS Records**: - Creates/updates `www.mim4u.org` → `lemon-water-015cb3010.3.azurestaticapps.net` (Proxied) - Creates/updates `mim4u.org` → `lemon-water-015cb3010.3.azurestaticapps.net` (Proxied) 4. ✅ **Configure SSL/TLS**: - Sets SSL mode to "Full" - Enables "Always Use HTTPS" 5. ✅ **Configure Security**: - Sets security level to "Medium" - Enables Browser Integrity Check 6. ✅ **Configure Performance**: - Enables minification (JS, CSS, HTML) - Enables Brotli compression 7. ✅ **Add Custom Domain to Azure**: - Adds `mim4u.org` to Static Web App - Adds `www.mim4u.org` to Static Web App --- ## 🔧 Manual Execution (If Needed) If you prefer to run commands manually or the script needs adjustment: ### 1. Set Environment Variables ```bash export CLOUDFLARE_API_TOKEN="your-api-token" export CLOUDFLARE_ZONE_ID="your-zone-id" export DOMAIN="mim4u.org" export STATIC_WEB_APP_URL="lemon-water-015cb3010.3.azurestaticapps.net" ``` ### 2. Create DNS Records ```bash # www subdomain curl -X POST "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/dns_records" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{ "type": "CNAME", "name": "www", "content": "'$STATIC_WEB_APP_URL'", "proxied": true, "ttl": 1 }' # Apex domain curl -X POST "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/dns_records" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{ "type": "CNAME", "name": "@", "content": "'$STATIC_WEB_APP_URL'", "proxied": true, "ttl": 1 }' ``` ### 3. Configure SSL/TLS ```bash # Set SSL mode to Full curl -X PATCH "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/settings/ssl" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{"value":"full"}' # Enable Always Use HTTPS curl -X PATCH "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/settings/always_use_https" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{"value":"on"}' ``` ### 4. Configure Security ```bash # Set security level curl -X PATCH "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/settings/security_level" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{"value":"medium"}' # Enable browser check curl -X PATCH "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/settings/browser_check" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{"value":"on"}' ``` ### 5. Configure Performance ```bash # Enable minification curl -X PATCH "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/settings/minify" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{"value":{"css":"on","html":"on","js":"on"}}' # Enable Brotli curl -X PATCH "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/settings/brotli" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{"value":"on"}' ``` ### 6. Add Custom Domain to Azure ```bash az staticwebapp hostname set \ --name mim-prod-igiay4-web \ --resource-group rg-miraclesinmotion-prod \ --hostname "mim4u.org" az staticwebapp hostname set \ --name mim-prod-igiay4-web \ --resource-group rg-miraclesinmotion-prod \ --hostname "www.mim4u.org" ``` --- ## ✅ Verification After running the script, verify the configuration: ```bash # Check DNS records curl -X GET "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/dns_records" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" | jq '.result[] | select(.name | contains("mim4u"))' # Check SSL settings curl -X GET "https://api.cloudflare.com/client/v4/zones/$CLOUDFLARE_ZONE_ID/settings/ssl" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" | jq '.result.value' # Test DNS resolution dig mim4u.org dig www.mim4u.org ``` --- ## 📝 Expected Results After successful execution: - ✅ DNS records created/updated in Cloudflare - ✅ SSL/TLS configured (Full mode, Always HTTPS) - ✅ Security settings configured (Medium level, Browser check) - ✅ Performance optimizations enabled (Minification, Brotli) - ✅ Custom domains added to Azure Static Web App - ✅ Ready for DNS propagation (5-30 minutes) - ✅ SSL certificates will be provisioned automatically (1-24 hours) --- ## 🎯 Next Steps 1. **Run the script:** ```bash bash scripts/setup-cloudflare-auto.sh ``` 2. **Wait for DNS propagation** (usually 5-30 minutes) 3. **Verify SSL certificates** (Azure will provision automatically, 1-24 hours) 4. **Test the website:** ```bash curl -I https://mim4u.org curl -I https://www.mim4u.org ``` 5. **Monitor Cloudflare analytics** in the dashboard --- ## 📚 Related Documentation - `CLOUDFLARE_SETUP.md` - Comprehensive manual setup guide - `CUSTOM_DOMAIN_SETUP.md` - Custom domain configuration details - `scripts/setup-cloudflare-auto.sh` - Automated setup script --- **✅ Script is ready! Run it with your tested credentials to complete Cloudflare automation.**