d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
d38174dc25cb9da14652bbab6315b6d32e4354a9
proxmox/reports/DNS_UPDATE_AUTOMATION_COMPLETE.md
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

4.8 KiB
Raw Blame History

DNS Update Automation - Complete

Date: 2026-01-09
Script: scripts/update-all-dns-to-public-ip.sh
Status: Ready to Use

Summary

Created an automated script to update all Cloudflare DNS records to point to a single public IP (76.53.10.35) with DNS only mode, enabling direct NAT routing through ER605 to Nginx.

Script Features

Multi-Zone Support

  • Handles 4 different Cloudflare zones
  • sankofa.nexus
  • d-bis.org
  • mim4u.org
  • defi-oracle.io

Smart Record Management

  • Creates new records if they don't exist
  • Updates existing records if they do exist
  • Handles duplicate records gracefully

DNS Only Mode

  • Sets all records to DNS only (gray cloud)
  • No Cloudflare proxy (direct IP routing)
  • Enables NAT-based routing

Error Handling

  • Comprehensive error checking
  • Detailed logging with colors
  • Summary of successes and failures

Flexible Authentication

  • Supports API Token (recommended)
  • Supports Email + API Key (alternative)

Complete Domain List (19 Records)

sankofa.nexus Zone (5 records)

  1. sankofa.nexus - Sankofa main website
  2. www.sankofa.nexus - Sankofa www
  3. phoenix.sankofa.nexus - Phoenix website
  4. www.phoenix.sankofa.nexus - Phoenix www
  5. the-order.sankofa.nexus - The Order portal

d-bis.org Zone (9 records)

  1. rpc-http-pub.d-bis.org - RPC Public HTTP
  2. rpc-ws-pub.d-bis.org - RPC Public WebSocket
  3. rpc-http-prv.d-bis.org - RPC Private HTTP
  4. rpc-ws-prv.d-bis.org - RPC Private WebSocket
  5. explorer.d-bis.org - Block Explorer
  6. dbis-admin.d-bis.org - DBIS Admin
  7. dbis-api.d-bis.org - DBIS API Primary
  8. dbis-api-2.d-bis.org - DBIS API Secondary
  9. secure.d-bis.org - DBIS Secure Portal

mim4u.org Zone (4 records)

  1. mim4u.org - MIM4U main site
  2. www.mim4u.org - MIM4U www
  3. secure.mim4u.org - MIM4U secure portal
  4. training.mim4u.org - MIM4U training portal

defi-oracle.io Zone (1 record)

  1. rpc.public-0138.defi-oracle.io - ThirdWeb RPC

Configuration Required

.env File Variables

# Public IP (single IP for all services)
PUBLIC_IP=76.53.10.35

# Cloudflare Authentication (choose one)
CLOUDFLARE_API_TOKEN=your-token-here
# OR
CLOUDFLARE_EMAIL=your-email@example.com
CLOUDFLARE_API_KEY=your-api-key-here

# Zone IDs (get from Cloudflare Dashboard)
CLOUDFLARE_ZONE_ID_SANKOFA_NEXUS=your-zone-id
CLOUDFLARE_ZONE_ID_D_BIS_ORG=your-zone-id
CLOUDFLARE_ZONE_ID_MIM4U_ORG=your-zone-id
CLOUDFLARE_ZONE_ID_DEFI_ORACLE_IO=your-zone-id

Usage

Step 1: Configure .env

Add the required variables to your .env file (see above).

Step 2: Run Script

cd /home/intlc/projects/proxmox
./scripts/update-all-dns-to-public-ip.sh

Step 3: Verify

# Test DNS resolution
dig sankofa.nexus +short
dig secure.d-bis.org +short
dig mim4u.org +short

# All should return: 76.53.10.35

Architecture

Internet → Cloudflare DNS (DNS Only) → 76.53.10.35 → ER605 NAT → Nginx (192.168.11.26:443) → Backend Services

Key Points:

  • Single public IP for all 19 domains
  • DNS only mode (no Cloudflare proxy)
  • ER605 NAT forwards to Nginx
  • Nginx routes by hostname (SNI)

Path-Based Routing

Some services use path-based routing (handled by Nginx):

  • sankofa.nexus/api → Routes to Sankofa API
  • phoenix.sankofa.nexus/api → Routes to Phoenix API
  • secure.d-bis.org/admin → Routes to DBIS Admin
  • secure.d-bis.org/api → Routes to DBIS API
  • secure.d-bis.org/graph → Routes to DBIS GraphQL
  • mim4u.org/admin → Routes to MIM4U Admin

These are handled by Nginx configuration, not DNS.

Files Created

  1. Script: scripts/update-all-dns-to-public-ip.sh

    • Main automation script
    • Executable and ready to use

  2. Example Config: scripts/update-all-dns-to-public-ip.env.example

    • Template for .env configuration
    • Shows all required variables

  3. Documentation: docs/04-configuration/DNS_UPDATE_SCRIPT_GUIDE.md

    • Complete usage guide
    • Troubleshooting section
    • Verification steps

  4. Quick Reference: scripts/update-all-dns-to-public-ip.README.md

    • Quick start guide
    • Domain list summary

Next Steps

  1. Script created and validated
  2. Add Cloudflare credentials to .env
  3. Add Zone IDs to .env
  4. Run script to update DNS
  5. Verify DNS resolution
  6. Configure ER605 NAT rules
  7. Configure Nginx on VMID 105
  8. Test all endpoints

Related Documentation

  • Script Guide: docs/04-configuration/DNS_UPDATE_SCRIPT_GUIDE.md
  • ER605 NAT Config: docs/04-configuration/ER605_ROUTER_CONFIGURATION.md
  • Nginx Config: docs/04-configuration/NGINX_CONFIGURATIONS_VMIDS_2400-2508.md
  • Network Architecture: docs/02-architecture/NETWORK_ARCHITECTURE.md

Status: Script Ready - Configure and Run

Reference in New Issue View Git Blame Copy Permalink