scripts/install-certbot-dns-cloudflare-in-npm.sh.bak

#!/usr/bin/env bash
# Install certbot and certbot-dns-cloudflare inside the NPM container so the NPM UI
# can use DNS (Cloudflare) challenge without needing to reach PyPI on first use.
# Run from repo root. Requires SSH to Proxmox and .env with PROXMOX_HOST, NPMPLUS_VMID.
# See: docs/04-configuration/NPM_SSL_DNS_CLOUDFLARE_TROUBLESHOOTING.md

set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
cd "$PROJECT_ROOT"

if [ -f .env ]; then
  set +u
  set -a
  # shellcheck source=/dev/null
  source .env 2>/dev/null || true
  set +a
  set -u
fi

NPMPLUS_VMID="${NPMPLUS_VMID:-${NPM_VMID:-10233}}"
PROXMOX_HOST="${PROXMOX_HOST:-192.168.11.11}"

echo "Installing certbot + certbot-dns-cloudflare in NPM container (VMID $NPMPLUS_VMID on $PROXMOX_HOST)..."
echo "Container must have outbound internet (DNS + route to PyPI)."
echo ""

ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new root@"$PROXMOX_HOST" \
  "pct exec $NPMPLUS_VMID -- /opt/certbot/bin/pip install --upgrade pip setuptools wheel && \
   pct exec $NPMPLUS_VMID -- /opt/certbot/bin/pip install certbot certbot-dns-cloudflare"

echo ""
echo "Done. You can request DNS (Cloudflare) certificates in the NPM UI again."
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates - ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands - CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround - CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check - NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere - MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates - LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference Co-authored-by: Cursor <cursoragent@cursor.com> 2026-02-12 15:46:57 -08:00			`#!/usr/bin/env bash`
			`# Install certbot and certbot-dns-cloudflare inside the NPM container so the NPM UI`
			`# can use DNS (Cloudflare) challenge without needing to reach PyPI on first use.`
			`# Run from repo root. Requires SSH to Proxmox and .env with PROXMOX_HOST, NPMPLUS_VMID.`
			`# See: docs/04-configuration/NPM_SSL_DNS_CLOUDFLARE_TROUBLESHOOTING.md`

			`set -euo pipefail`

			`SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"`
			`PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"`
			`cd "$PROJECT_ROOT"`

			`if [ -f .env ]; then`
			`set +u`
			`set -a`
			`# shellcheck source=/dev/null`
			`source .env 2>/dev/null \|\| true`
			`set +a`
			`set -u`
			`fi`

			`NPMPLUS_VMID="${NPMPLUS_VMID:-${NPM_VMID:-10233}}"`
			`PROXMOX_HOST="${PROXMOX_HOST:-192.168.11.11}"`

			`echo "Installing certbot + certbot-dns-cloudflare in NPM container (VMID $NPMPLUS_VMID on $PROXMOX_HOST)..."`
			`echo "Container must have outbound internet (DNS + route to PyPI)."`
			`echo ""`

			`ssh -o ConnectTimeout=10 -o StrictHostKeyChecking=accept-new root@"$PROXMOX_HOST" \`
			`"pct exec $NPMPLUS_VMID -- /opt/certbot/bin/pip install --upgrade pip setuptools wheel && \`
			`pct exec $NPMPLUS_VMID -- /opt/certbot/bin/pip install certbot certbot-dns-cloudflare"`

			`echo ""`
			`echo "Done. You can request DNS (Cloudflare) certificates in the NPM UI again."`