# ThirdWeb RPC (VMID 2400) - Cloudflare Tunnel Quick Start **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation --- **Status:** Ready to Execute **VMID:** 2400 **IP:** 192.168.11.240 **Domain:** `defi-oracle.io` **FQDN:** `rpc.public-0138.defi-oracle.io` --- ## Overview This guide will set up a Cloudflare tunnel for VMID 2400 (ThirdWeb RPC node) since we can't access pve2 where the existing tunnel is located. --- ## Step 1: Create Cloudflare Tunnel (Manual - Cloudflare Dashboard) ### 1.1 Go to Cloudflare Dashboard 1. Open: https://one.dash.cloudflare.com/ 2. Login to your Cloudflare account ### 1.2 Navigate to Tunnels 1. Click on **Zero Trust** (in the left sidebar) 2. Click on **Networks** → **Tunnels** ### 1.3 Create New Tunnel 1. Click **Create a tunnel** button (top right) 2. Select **Cloudflared** as the connector type 3. Name: `thirdweb-rpc-2400` 4. Click **Save tunnel** ### 1.4 Copy the Tunnel Token After creating the tunnel, you'll see a screen with a token. It looks like: ``` eyJhIjoiNTJhZDU3YTcxNjcxYzVmYzAwOWVkZjA3NDQ2NTgxOTYiLCJ0Ijoi... ``` **IMPORTANT:** Copy this entire token - you'll need it in the next step. --- ## Step 2: Run the Installation Script (Automated) ### 2.1 Run the Script ```bash cd /home/intlc/projects/proxmox # Replace with the token you copied from Step 1.4 ./scripts/setup-cloudflared-vmid2400.sh ``` **Example:** ```bash ./scripts/setup-cloudflared-vmid2400.sh eyJhIjoiNTJhZDU3YTcxNjcxYzVmYzAwOWVkZjA3NDQ2NTgxOTYiLCJ0Ijoi... ``` The script will: - ✅ Check SSH access to Proxmox host (192.168.11.10) - ✅ Verify VMID 2400 is running - ✅ Install cloudflared in the container - ✅ Install and start the tunnel service - ✅ Verify the setup --- ## Step 3: Configure Tunnel Route (Manual - Cloudflare Dashboard) ### 3.1 Go Back to Tunnel Configuration 1. In Cloudflare Dashboard: **Zero Trust** → **Networks** → **Tunnels** 2. Click on your tunnel name: `thirdweb-rpc-2400` 3. Click **Configure** button ### 3.2 Add Public Hostname 1. Go to **Public Hostname** tab 2. Click **Add a public hostname** ### 3.3 Configure the Route Fill in the following: ``` Subdomain: rpc.public-0138 Domain: defi-oracle.io Service Type: HTTP URL: http://127.0.0.1:8545 ``` **Important Notes:** - The subdomain is `rpc.public-0138` (not just `rpc`) - The full domain will be: `rpc.public-0138.defi-oracle.io` - Use `http://127.0.0.1:8545` to connect directly to Besu RPC - If you have Nginx on port 443, use `https://127.0.0.1:443` instead ### 3.4 Save Configuration 1. Click **Save hostname** 2. Wait a few seconds for the configuration to apply --- ## Step 4: Configure DNS Record (Manual - Cloudflare Dashboard) ### 4.1 Navigate to DNS 1. In Cloudflare Dashboard, go to your account overview 2. Select domain: **defi-oracle.io** 3. Click **DNS** in the left sidebar 4. Click **Records** ### 4.2 Add CNAME Record 1. Click **Add record** 2. Fill in: ``` Type: CNAME Name: rpc.public-0138 Target: .cfargotunnel.com Proxy: 🟠 Proxied (orange cloud) TTL: Auto ``` 3. **To find your tunnel ID:** - Go back to **Zero Trust** → **Networks** → **Tunnels** - Click on your tunnel: `thirdweb-rpc-2400` - The tunnel ID is shown in the URL or in the tunnel details - Format: `xxxx-xxxx-xxxx-xxxx` (UUID format) ### 4.3 Save DNS Record 1. Click **Save** 2. Wait 1-2 minutes for DNS propagation --- ## Step 5: Verify Setup ### 5.1 Check Tunnel Status ```bash # From your local machine, check if the tunnel is running ssh root@192.168.11.10 "pct exec 2400 -- systemctl status cloudflared" ``` ### 5.2 Test DNS Resolution ```bash # Test DNS resolution dig rpc.public-0138.defi-oracle.io nslookup rpc.public-0138.defi-oracle.io # Should resolve to Cloudflare IPs (if proxied) or tunnel endpoint ``` ### 5.3 Test RPC Endpoint ```bash # Test HTTP RPC endpoint curl -k https://rpc.public-0138.defi-oracle.io \ -X POST \ -H "Content-Type: application/json" \ -d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' # Expected: JSON response with block number ``` ### 5.4 Verify in Cloudflare Dashboard 1. Go to **Zero Trust** → **Networks** → **Tunnels** 2. Click on `thirdweb-rpc-2400` 3. Status should show **Healthy** (green) 4. You should see the hostname `rpc.public-0138.defi-oracle.io` listed --- ## Troubleshooting ### Tunnel Not Connecting ```bash # Check cloudflared logs inside the container ssh root@192.168.11.10 "pct exec 2400 -- journalctl -u cloudflared -f" # Check if service is running ssh root@192.168.11.10 "pct exec 2400 -- systemctl status cloudflared" ``` ### DNS Not Resolving - Wait a few more minutes for DNS propagation - Verify the CNAME target matches your tunnel ID - Check that the tunnel is healthy in Cloudflare Dashboard ### Connection Refused ```bash # Verify Besu RPC is running ssh root@192.168.11.10 "pct exec 2400 -- systemctl status besu-rpc" # Test Besu RPC locally ssh root@192.168.11.10 "pct exec 2400 -- curl -X POST http://127.0.0.1:8545 \ -H 'Content-Type: application/json' \ -d '{\"jsonrpc\":\"2.0\",\"method\":\"eth_blockNumber\",\"params\":[],\"id\":1}'" ``` --- ## Summary After completing all steps: ✅ Cloudflare tunnel created ✅ Cloudflared installed on VMID 2400 ✅ Tunnel service running and connected ✅ Tunnel route configured for `rpc.public-0138.defi-oracle.io` ✅ DNS CNAME record created ✅ RPC endpoint accessible at `https://rpc.public-0138.defi-oracle.io` **Next Steps:** - Update Thirdweb listing with the new RPC URL - Test with Thirdweb SDK - Monitor tunnel status --- ## Quick Reference **Script Location:** `scripts/setup-cloudflared-vmid2400.sh` **Documentation:** `docs/04-configuration/THIRDWEB_RPC_CLOUDFLARE_SETUP.md` **VMID:** 2400 **IP:** 192.168.11.240 **FQDN:** `rpc.public-0138.defi-oracle.io`