d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
master
proxmox/docs/09-troubleshooting/FIX_TUNNEL_ALTERNATIVES.md
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

4.8 KiB
Raw Permalink Blame History

Fix Tunnel - Alternative Methods

Last Updated: 2026-01-31
Document Version: 1.0
Status: Active Documentation

Problem

The fix-shared-tunnel.sh script cannot connect because your machine is on 192.168.1.0/24 and cannot directly reach 192.168.11.0/24.

Solution Methods

Method 1: Use SSH Tunnel Recommended

# Terminal 1: Start SSH tunnel
./setup_ssh_tunnel.sh

# Terminal 2: Run fix with localhost
PROXMOX_HOST=localhost ./fix-shared-tunnel.sh

Method 2: Manual File Deployment

The script automatically generates configuration files when connection fails:

Location: /tmp/tunnel-fix-10ab22da-8ea3-4e2e-a896-27ece2211a05/

Files:

  • tunnel-services.yml - Tunnel configuration
  • cloudflared-services.service - Systemd service
  • DEPLOY_INSTRUCTIONS.md - Deployment guide

Deploy from Proxmox host:

# Copy files to Proxmox host
scp -r /tmp/tunnel-fix-* root@192.168.11.12:/tmp/

# SSH to Proxmox host
ssh root@192.168.11.12

# Deploy to container
pct push 102 /tmp/tunnel-fix-*/tunnel-services.yml /etc/cloudflared/tunnel-services.yml
pct push 102 /tmp/tunnel-fix-*/cloudflared-services.service /etc/systemd/system/cloudflared-services.service
pct exec 102 -- chmod 600 /etc/cloudflared/tunnel-services.yml
pct exec 102 -- systemctl daemon-reload
pct exec 102 -- systemctl enable cloudflared-services.service
pct exec 102 -- systemctl start cloudflared-services.service

Method 3: Cloudflare Dashboard Easiest

  1. Go to: https://one.dash.cloudflare.com/
  2. Navigate to: Zero TrustNetworksTunnels
  3. Find tunnel: 10ab22da-8ea3-4e2e-a896-27ece2211a05
  4. Click Configure
  5. Add all hostnames:
Hostname Service URL
dbis-admin.d-bis.org HTTP 192.168.11.21:80
dbis-api.d-bis.org HTTP 192.168.11.21:80
dbis-api-2.d-bis.org HTTP 192.168.11.21:80
mim4u.org.d-bis.org HTTP 192.168.11.21:80
www.mim4u.org.d-bis.org HTTP 192.168.11.21:80
rpc-http-prv.d-bis.org HTTP 192.168.11.21:80
rpc-http-pub.d-bis.org HTTP 192.168.11.21:80
rpc-ws-prv.d-bis.org HTTP 192.168.11.21:80
rpc-ws-pub.d-bis.org HTTP 192.168.11.21:80
  1. Add catch-all rule: HTTP 404: Not Found (must be last)
  2. Save configuration
  3. Wait 1-2 minutes for tunnel to reload

Method 4: Run from Proxmox Network

If you have access to a machine on 192.168.11.0/24:

# Copy script to that machine
scp fix-shared-tunnel.sh user@192.168.11.x:/tmp/

# SSH to that machine and run
ssh user@192.168.11.x
cd /tmp
chmod +x fix-shared-tunnel.sh
./fix-shared-tunnel.sh

Method 5: Direct Container Access

If you can access the container directly:

# Create config file inside container
pct exec 102 -- bash << 'EOF'
cat > /etc/cloudflared/tunnel-services.yml << 'CONFIG'
tunnel: 10ab22da-8ea3-4e2e-a896-27ece2211a05
credentials-file: /etc/cloudflared/credentials-services.json

ingress:
  - hostname: dbis-admin.d-bis.org
    service: http://192.168.11.21:80
    originRequest:
      httpHostHeader: dbis-admin.d-bis.org
  - hostname: dbis-api.d-bis.org
    service: http://192.168.11.21:80
    originRequest:
      httpHostHeader: dbis-api.d-bis.org
  - hostname: dbis-api-2.d-bis.org
    service: http://192.168.11.21:80
    originRequest:
      httpHostHeader: dbis-api-2.d-bis.org
  - hostname: mim4u.org.d-bis.org
    service: http://192.168.11.21:80
    originRequest:
      httpHostHeader: mim4u.org.d-bis.org
  - hostname: www.mim4u.org.d-bis.org
    service: http://192.168.11.21:80
    originRequest:
      httpHostHeader: www.mim4u.org.d-bis.org
  - hostname: rpc-http-prv.d-bis.org
    service: http://192.168.11.21:80
    originRequest:
      httpHostHeader: rpc-http-prv.d-bis.org
  - hostname: rpc-http-pub.d-bis.org
    service: http://192.168.11.21:80
    originRequest:
      httpHostHeader: rpc-http-pub.d-bis.org
  - hostname: rpc-ws-prv.d-bis.org
    service: http://192.168.11.21:80
    originRequest:
      httpHostHeader: rpc-ws-prv.d-bis.org
  - hostname: rpc-ws-pub.d-bis.org
    service: http://192.168.11.21:80
    originRequest:
      httpHostHeader: rpc-ws-pub.d-bis.org
  - service: http_status:404

metrics: 127.0.0.1:9090
loglevel: info
gracePeriod: 30s
CONFIG

chmod 600 /etc/cloudflared/tunnel-services.yml
EOF

Verification

After applying any method:

# Check tunnel status in Cloudflare Dashboard
# Should change from DOWN to HEALTHY

# Test endpoints
curl -I https://dbis-admin.d-bis.org
curl -I https://rpc-http-pub.d-bis.org
curl -I https://dbis-api.d-bis.org

Recommended Approach

For Quick Fix: Use Method 3 (Cloudflare Dashboard) - No SSH needed, immediate effect

For Automation: Use Method 1 (SSH Tunnel) - Scriptable, repeatable

For Production: Use Method 2 (Manual Deployment) - Most control, can review files first

Reference in New Issue View Git Blame Copy Permalink