# Configuration Decision Tree

**Last Updated:** 2025-01-20  
**Document Version:** 1.0  
**Status:** Active Documentation

---

## Overview

This document provides a decision tree to help determine the correct configuration approach based on your requirements.

---

## Configuration Decision Tree Diagram

```mermaid
flowchart TD
    Start[Configuration Needed] --> WhatService{What Service?}
    
    WhatService -->|Network| NetworkConfig[Network Configuration]
    WhatService -->|Blockchain| BlockchainConfig[Blockchain Configuration]
    WhatService -->|Cloudflare| CloudflareConfig[Cloudflare Configuration]
    WhatService -->|Proxmox| ProxmoxConfig[Proxmox Configuration]
    
    NetworkConfig --> WhichVLAN{Which VLAN?}
    WhichVLAN -->|Management| VLAN11[VLAN 11: MGMT-LAN<br/>192.168.11.0/24]
    WhichVLAN -->|Besu Validator| VLAN110[VLAN 110: BESU-VAL<br/>10.110.0.0/24]
    WhichVLAN -->|Besu RPC| VLAN112[VLAN 112: BESU-RPC<br/>10.112.0.0/24]
    WhichVLAN -->|CCIP| CCIPVLAN{CCIP Type?}
    CCIPVLAN -->|Commit| VLAN132[VLAN 132: CCIP-COMMIT<br/>10.132.0.0/24]
    CCIPVLAN -->|Execute| VLAN133[VLAN 133: CCIP-EXEC<br/>10.133.0.0/24]
    CCIPVLAN -->|RMN| VLAN134[VLAN 134: CCIP-RMN<br/>10.134.0.0/24]
    
    BlockchainConfig --> NodeType{Node Type?}
    NodeType -->|Validator| ValidatorConfig[Validator Config<br/>Discovery: false<br/>Permissioning: true<br/>APIs: ETH,NET,WEB3,QBFT]
    NodeType -->|Sentry| SentryConfig[Sentry Config<br/>Discovery: true<br/>Permissioning: true<br/>APIs: ETH,NET,WEB3]
    NodeType -->|RPC| RPCType{Public or Private?}
    RPCType -->|Public| PublicRPC[Public RPC Config<br/>Discovery: true<br/>Permissioning: false<br/>APIs: ETH,NET,WEB3]
    RPCType -->|Private| PrivateRPC[Private RPC Config<br/>Discovery: false<br/>Permissioning: true<br/>APIs: ETH,NET,WEB3,ADMIN,DEBUG]
    
    CloudflareConfig --> TunnelType{Tunnel Type?}
    TunnelType -->|HTTP| HTTPTunnel[HTTP Tunnel<br/>Route to Nginx<br/>192.168.11.21:80]
    TunnelType -->|WebSocket| WSTunnel[WebSocket Tunnel<br/>Direct to RPC Node<br/>192.168.11.252:443]
    
    ProxmoxConfig --> ResourceType{Resource Type?}
    ResourceType -->|Container| ContainerConfig[LXC Container<br/>Use pct commands]
    ResourceType -->|VM| VMConfig[Virtual Machine<br/>Use qm commands]
    
    VLAN11 --> UseTemplate1[Use Network Template]
    VLAN110 --> UseTemplate2[Use Network Template]
    VLAN112 --> UseTemplate3[Use Network Template]
    VLAN132 --> UseTemplate4[Use Network Template]
    VLAN133 --> UseTemplate5[Use Network Template]
    VLAN134 --> UseTemplate6[Use Network Template]
    
    ValidatorConfig --> UseBesuTemplate[Use Besu Template]
    SentryConfig --> UseBesuTemplate
    PublicRPC --> UseBesuTemplate
    PrivateRPC --> UseBesuTemplate
    
    HTTPTunnel --> UseCloudflareTemplate[Use Cloudflare Template]
    WSTunnel --> UseCloudflareTemplate
    
    ContainerConfig --> UseProxmoxTemplate[Use Proxmox Template]
    VMConfig --> UseProxmoxTemplate
    
    UseTemplate1 --> ConfigComplete[Configuration Complete]
    UseTemplate2 --> ConfigComplete
    UseTemplate3 --> ConfigComplete
    UseTemplate4 --> ConfigComplete
    UseTemplate5 --> ConfigComplete
    UseTemplate6 --> ConfigComplete
    UseBesuTemplate --> ConfigComplete
    UseCloudflareTemplate --> ConfigComplete
    UseProxmoxTemplate --> ConfigComplete
```

---

## Quick Decision Paths

### Path 1: Network Configuration

**Question:** Which VLAN do you need?

**Decision Tree:**
```
Need Management Network? → VLAN 11 (192.168.11.0/24)
Need Besu Validator Network? → VLAN 110 (10.110.0.0/24)
Need Besu RPC Network? → VLAN 112 (10.112.0.0/24)
Need CCIP Network? → Which type?
  ├─ Commit → VLAN 132 (10.132.0.0/24)
  ├─ Execute → VLAN 133 (10.133.0.0/24)
  └─ RMN → VLAN 134 (10.134.0.0/24)
```

**Template:** Use [PROXMOX_NETWORK_TEMPLATE.conf](../04-configuration/templates/PROXMOX_NETWORK_TEMPLATE.conf)

---

### Path 2: Blockchain Node Configuration

**Question:** What type of Besu node?

**Decision Tree:**
```
Validator Node? → Discovery: false, Permissioning: true, APIs: ETH,NET,WEB3,QBFT
Sentry Node? → Discovery: true, Permissioning: true, APIs: ETH,NET,WEB3
RPC Node? → Public or Private?
  ├─ Public → Discovery: true, Permissioning: false, APIs: ETH,NET,WEB3
  └─ Private → Discovery: false, Permissioning: true, APIs: ETH,NET,WEB3,ADMIN,DEBUG
```

**Template:** Use [BESU_NODE_TEMPLATE.toml](../04-configuration/templates/BESU_NODE_TEMPLATE.toml)

---

### Path 3: Cloudflare Tunnel Configuration

**Question:** What type of service?

**Decision Tree:**
```
HTTP Service? → Route to Central Nginx (192.168.11.21:80)
WebSocket Service? → Route directly to service (bypass Nginx)
```

**Template:** Use [CLOUDFLARE_TUNNEL_TEMPLATE.yaml](../04-configuration/templates/CLOUDFLARE_TUNNEL_TEMPLATE.yaml)

---

### Path 4: Router Configuration

**Question:** What router configuration needed?

**Decision Tree:**
```
WAN Configuration? → Configure WAN1/WAN2 interfaces
VLAN Configuration? → Create VLAN interfaces
NAT Configuration? → Configure egress NAT pools
Firewall Configuration? → Set up firewall rules
```

**Template:** Use [ER605_ROUTER_TEMPLATE.yaml](../04-configuration/templates/ER605_ROUTER_TEMPLATE.yaml)

---

## Configuration Templates Reference

| Configuration Type | Template File | Use Case |
|-------------------|---------------|----------|
| **ER605 Router** | `ER605_ROUTER_TEMPLATE.yaml` | Router WAN, VLAN, NAT configuration |
| **Proxmox Network** | `PROXMOX_NETWORK_TEMPLATE.conf` | Proxmox host network bridge configuration |
| **Cloudflare Tunnel** | `CLOUDFLARE_TUNNEL_TEMPLATE.yaml` | Cloudflare tunnel ingress rules |
| **Besu Node** | `BESU_NODE_TEMPLATE.toml` | Besu blockchain node configuration |

**Template Location:** [../04-configuration/templates/](../04-configuration/templates/)

---

## Step-by-Step Configuration Guide

### Step 1: Identify Requirements

**Questions to answer:**
- What service are you configuring?
- What network segment is needed?
- What security level is required?
- What access level is needed?

### Step 2: Select Appropriate Template

**Based on requirements:**
- Choose template from templates directory
- Review template comments
- Understand placeholder values

### Step 3: Customize Template

**Actions:**
- Replace all `<PLACEHOLDER>` values
- Adjust configuration for specific needs
- Verify syntax and format

### Step 4: Apply Configuration

**Actions:**
- Backup existing configuration
- Apply new configuration
- Test and verify
- Document changes

---

## Related Documentation

- **[../04-configuration/templates/README.md](../04-configuration/templates/README.md)** ⭐⭐⭐ - Template usage guide
- **[ER605_ROUTER_CONFIGURATION.md](ER605_ROUTER_CONFIGURATION.md)** ⭐⭐ - Router configuration guide
- **[CHAIN138_BESU_CONFIGURATION.md](../06-besu/CHAIN138_BESU_CONFIGURATION.md)** ⭐⭐⭐ - Besu configuration guide
- **[CLOUDFLARE_ROUTING_MASTER.md](../05-network/CLOUDFLARE_ROUTING_MASTER.md)** ⭐⭐⭐ - Cloudflare routing reference

---

**Last Updated:** 2025-01-20  
**Review Cycle:** Quarterly