#!/usr/bin/env bash # Update critical service dependencies after IP changes # Focuses on Cloudflare, Nginx, and key configuration files set -euo pipefail # Load IP configuration SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" source "${PROJECT_ROOT}/config/ip-addresses.conf" 2>/dev/null || true # IP mappings (old -> new) declare -A IP_MAPPINGS=( ["${IP_DEVICE_14:-${IP_DEVICE_14:-${IP_DEVICE_14:-${IP_DEVICE_14:-${IP_DEVICE_14:-${IP_DEVICE_14:-192.168.11.14}}}}}}"]="${IP_CCIP_MONITOR:-192.168.11.28}" # ccip-monitor-1 ["${IP_SERVICE_15:-${IP_SERVICE_15:-192.168.11.15}}"]="${IP_SERVICE_29:-${IP_SERVICE_29:-192.168.11.29}}" # oracle-publisher-1 ["${IP_SERVICE_18:-${IP_SERVICE_18:-192.168.11.18}}"]="${IP_SERVICE_31:-${IP_SERVICE_31:-192.168.11.31}}" # gitea ["${IP_OMADA:-192.168.11.20}"]="${IP_SERVICE_30:-192.168.11.30}" # omada ["${IP_SERVICE_4:-${IP_SERVICE_4:-192.168.11.4}}"]="${IP_SERVICE_32:-${IP_SERVICE_32:-192.168.11.32}}" # proxmox-mail-gateway ["192.168.11.6"]="${IP_SERVICE_33:-${IP_SERVICE_33:-192.168.11.33}}" # proxmox-datacenter-manager ["192.168.11.7"]="${IP_SERVICE_35:-${IP_SERVICE_35:-${IP_SERVICE_35:-${IP_SERVICE_35:-${IP_SERVICE_35:-${IP_SERVICE_35:-192.168.11.35}}}}}}" # firefly-1 ["192.168.11.9"]="${IP_SERVICE_34:-${IP_SERVICE_34:-192.168.11.34}}" # cloudflared ) LOG_FILE="/home/intlc/projects/proxmox/dependency_update_log_$(date +%Y%m%d_%H%M%S).log" BACKUP_DIR="/home/intlc/projects/proxmox/backups/dependency_updates_$(date +%Y%m%d_%H%M%S)" mkdir -p "$BACKUP_DIR" echo "=== Updating Critical Service Dependencies ===" | tee "$LOG_FILE" echo "Backup directory: $BACKUP_DIR" | tee -a "$LOG_FILE" echo "" # Function to update file update_file() { local file="$1" local old_ip="$2" local new_ip="$3" if [ ! -f "$file" ]; then return 0 fi # Backup file cp "$file" "$BACKUP_DIR/$(basename $file).bak" 2>/dev/null || true # Update file if sed -i "s|$old_ip|$new_ip|g" "$file" 2>/dev/null; then echo " ✓ Updated: $file ($old_ip → $new_ip)" | tee -a "$LOG_FILE" return 0 else echo " ✗ Failed: $file" | tee -a "$LOG_FILE" return 1 fi } # Critical files to update CRITICAL_FILES=( "docs/05-network/CENTRAL_NGINX_ROUTING_SETUP.md" "docs/04-configuration/cloudflare/CLOUDFLARE_TUNNEL_CONFIGURATION_GUIDE.md" "scripts/update-cloudflare-tunnel-config.sh" "scripts/setup-central-nginx-routing.sh" ) echo "Updating critical configuration files..." | tee -a "$LOG_FILE" echo "" for file in "${CRITICAL_FILES[@]}"; do full_path="/home/intlc/projects/proxmox/$file" if [ -f "$full_path" ]; then echo "Processing: $file" for old_ip in "${!IP_MAPPINGS[@]}"; do new_ip="${IP_MAPPINGS[$old_ip]}" if grep -q "$old_ip" "$full_path" 2>/dev/null; then update_file "$full_path" "$old_ip" "$new_ip" fi done fi done echo "" echo "=== Checking Nginx Proxy Manager Routes ===" | tee -a "$LOG_FILE" echo "" # Check if Nginx Proxy Manager needs updates # Note: Nginx Proxy Manager uses a web UI, so we'll document what needs to be updated NGINX_ROUTES_FILE="$BACKUP_DIR/nginx_routes_to_update.txt" cat > "$NGINX_ROUTES_FILE" << 'EOF' # Nginx Proxy Manager Routes That May Need Updates # Check these routes in the Nginx Proxy Manager web UI (VMID 105: http://${IP_NGINX_LEGACY:-192.168.11.26}:81) Routes that may reference changed IPs: - omada routes: Check if any route references ${IP_OMADA:-192.168.11.20} → Update to ${IP_SERVICE_30:-192.168.11.30} - gitea routes: Check if any route references ${IP_SERVICE_18:-${IP_SERVICE_18:-192.168.11.18}} → Update to ${IP_SERVICE_31:-${IP_SERVICE_31:-192.168.11.31}} - firefly routes: Check if any route references 192.168.11.7 → Update to ${IP_SERVICE_35:-${IP_SERVICE_35:-${IP_SERVICE_35:-${IP_SERVICE_35:-${IP_SERVICE_35:-${IP_SERVICE_35:-192.168.11.35}}}}}} To update: 1. Access Nginx Proxy Manager: http://${IP_NGINX_LEGACY:-192.168.11.26}:81 2. Check each Proxy Host configuration 3. Update Forward Hostname/IP if it references old IPs EOF echo "Created: $NGINX_ROUTES_FILE" | tee -a "$LOG_FILE" echo "" echo "=== Checking Cloudflare Tunnel Config ===" | tee -a "$LOG_FILE" echo "" # Check cloudflared container config CLOUDFLARE_CHECK_FILE="$BACKUP_DIR/cloudflare_tunnel_check.txt" cat > "$CLOUDFLARE_CHECK_FILE" << EOF # Cloudflare Tunnel Configuration Check # VMID 102 (cloudflared) - IP changed: 192.168.11.9 → ${IP_SERVICE_34:-${IP_SERVICE_34:-192.168.11.34}} The cloudflared container itself doesn't need config changes (it's the tunnel endpoint). However, check: 1. Cloudflare Dashboard Tunnel Configuration: - If any ingress rules reference 192.168.11.9 directly, update to ${IP_SERVICE_34:-${IP_SERVICE_34:-192.168.11.34}} - Most likely, routes go to Nginx Proxy Manager (${IP_NGINX_LEGACY:-192.168.11.26}), which is correct 2. Internal Service Routes: - If cloudflared routes directly to services that changed IPs, update those routes - Check tunnel config files in VMID 102 container To check: ssh root@${PROXMOX_HOST_R630_02:-192.168.11.12} "pct exec 102 -- cat /etc/cloudflared/config.yml" EOF echo "Created: $CLOUDFLARE_CHECK_FILE" | tee -a "$LOG_FILE" echo "" echo "=== Summary ===" | tee -a "$LOG_FILE" echo "Files updated: $(find $BACKUP_DIR -name '*.bak' | wc -l)" | tee -a "$LOG_FILE" echo "Backup directory: $BACKUP_DIR" | tee -a "$LOG_FILE" echo "Log file: $LOG_FILE" | tee -a "$LOG_FILE" echo "" echo "⚠️ Note: Nginx Proxy Manager and Cloudflare Dashboard require manual updates" echo " See files in $BACKUP_DIR for details"