proxmox/docs/04-configuration/README.md

# Configuration & Setup

**Last Updated:** 2026-01-31  
**Document Version:** 1.0  
**Status:** Active Documentation

---

This directory contains setup and configuration guides.

**Master documentation (source of truth for URLs/VMIDs):** [MASTER_DOCUMENTATION_INDEX.md](../00-meta/MASTER_DOCUMENTATION_INDEX.md) — Use [ALL_VMIDS_ENDPOINTS.md](ALL_VMIDS_ENDPOINTS.md) and [RPC_ENDPOINTS_MASTER.md](RPC_ENDPOINTS_MASTER.md) as the Bible when fixing placeholders or domain → VMID:port; only explorer.d-bis.org → 192.168.11.140.

## Documents

- **[MCP_SETUP.md](MCP_SETUP.md)** ⭐⭐ - MCP Server configuration for Claude Desktop
- **[ENV_STANDARDIZATION.md](ENV_STANDARDIZATION.md)** ⭐⭐ - Environment variable standardization
- **[CREDENTIALS_CONFIGURED.md](CREDENTIALS_CONFIGURED.md)** ⭐ - Credentials configuration guide
- **[SECRETS_KEYS_CONFIGURATION.md](SECRETS_KEYS_CONFIGURATION.md)** ⭐⭐ - Secrets and keys management
- **[SSH_SETUP.md](SSH_SETUP.md)** ⭐ - SSH key setup and configuration
- **[FINALIZE_TOKEN.md](FINALIZE_TOKEN.md)** ⭐ - Token finalization guide
- **[cloudflare/](cloudflare)** ⭐⭐⭐ - Cloudflare configuration documentation
- **[CLOUDFLARE_CREDENTIALS_BOTH_METHODS.md](CLOUDFLARE_CREDENTIALS_BOTH_METHODS.md)** ⭐⭐ - API token vs email+key; Certbot one method per file
- **[NPMPLUS_CERTBOT_CLOUDNS_CREDENTIALS.md](NPMPLUS_CERTBOT_CLOUDNS_CREDENTIALS.md)** ⭐ - ClouDNS credentials from .env for NPMplus Certbot DNS challenge
- **[ER605_ROUTER_CONFIGURATION.md](ER605_ROUTER_CONFIGURATION.md)** ⭐⭐ - ER605 router configuration
- **[OMADA_API_SETUP.md](OMADA_API_SETUP.md)** ⭐⭐ - Omada API integration setup
- **[OMADA_HARDWARE_CONFIGURATION_REVIEW.md](OMADA_HARDWARE_CONFIGURATION_REVIEW.md)** ⭐⭐⭐ - Comprehensive Omada hardware and configuration review
- **[UNIFI_API_SETUP.md](UNIFI_API_SETUP.md)** ⭐⭐ - UniFi Local API integration setup
- **[SITE_MANAGER_API_SETUP.md](SITE_MANAGER_API_SETUP.md)** ⭐⭐ - UniFi Site Manager Cloud API integration setup
- **[UNIFI_API_COMPARISON.md](UNIFI_API_COMPARISON.md)** ⭐⭐ - Comparison guide for all UniFi API types
- **[UNIFI_ENDPOINTS_REFERENCE.md](UNIFI_ENDPOINTS_REFERENCE.md)** ⭐⭐ - UniFi Local API endpoints reference
- **[UNIFI_CONFIGURATION_STATUS.md](UNIFI_CONFIGURATION_STATUS.md)** ⭐ - UniFi UDM Pro configuration status and API availability
- **[UDM_PRO_STATUS.md](UDM_PRO_STATUS.md)** ⭐⭐⭐ - **Single source of truth** for UDM Pro configuration status (completed/remaining tasks, progress tracking, key identifiers)
- **[UDM_PRO_CONFIGURATION_CHECKLIST.md](UDM_PRO_CONFIGURATION_CHECKLIST.md)** ⭐⭐⭐ - Complete UDM Pro configuration checklist (35 tasks)
- **[UDM_PRO_API_ENDPOINT_EXPLORATION.md](UDM_PRO_API_ENDPOINT_EXPLORATION.md)** ⭐⭐ - API endpoint exploration and availability testing
- **[UDM_PRO_API_FIREWALL_ENDPOINTS.md](UDM_PRO_API_FIREWALL_ENDPOINTS.md)** ⭐⭐⭐ - Firewall/ACL API endpoints documentation and configuration examples
- **[UDM_PRO_FIREWALL_API_LIMITATIONS.md](UDM_PRO_FIREWALL_API_LIMITATIONS.md)** ⭐⭐ - Firewall API limitations and workarounds
- **[UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md](UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md)** ⭐⭐⭐ - Manual firewall configuration guide for complex rules
- **[UDM_PRO_COMPLETE_MANUAL_GUIDE.md](UDM_PRO_COMPLETE_MANUAL_GUIDE.md)** ⭐⭐⭐ - Complete manual configuration guide (all remaining tasks)
- **[UDM_PRO_DHCP_RESERVATIONS_GUIDE.md](UDM_PRO_DHCP_RESERVATIONS_GUIDE.md)** ⭐⭐⭐ - DHCP static IP reservations configuration guide
- **[UDM_PRO_PORT_PROFILES_GUIDE.md](UDM_PRO_PORT_PROFILES_GUIDE.md)** ⭐⭐⭐ - Port profiles and VLAN trunking configuration guide
- **[UDM_PRO_SYSTEM_SETTINGS_GUIDE.md](UDM_PRO_SYSTEM_SETTINGS_GUIDE.md)** ⭐⭐ - System settings configuration guide (hostname, timezone, NTP, backups)
- **[UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md](UDM_PRO_FIREWALL_MANUAL_CONFIGURATION.md)** ⭐⭐⭐ - Manual firewall configuration guide (sovereign tenant isolation)
- **[cloudflare/CLOUDFLARE_ZERO_TRUST_GUIDE.md](cloudflare/CLOUDFLARE_ZERO_TRUST_GUIDE.md)** ⭐⭐ - Cloudflare Zero Trust integration
- **[cloudflare/CLOUDFLARE_DNS_TO_CONTAINERS.md](cloudflare/CLOUDFLARE_DNS_TO_CONTAINERS.md)** ⭐⭐⭐ - Mapping Cloudflare DNS to Proxmox LXC containers
- **[cloudflare/CLOUDFLARE_DNS_SPECIFIC_SERVICES.md](cloudflare/CLOUDFLARE_DNS_SPECIFIC_SERVICES.md)** ⭐⭐⭐ - DNS configuration for Mail (100), RPC (2502), and Solace (300X)

- **Fireblocks Web3:** Submodule **[fireblocks-integration/](../fireblocks-integration/)** (Gitea: [d-bis/fireblocks-integration](https://gitea.d-bis.org/d-bis/fireblocks-integration)) — Dedicated RPC (VMID 2301), Console/SDK docs, `.env.example`. In-repo copy: [FIREBLOCKS_WEB3_INTEGRATION.md](FIREBLOCKS_WEB3_INTEGRATION.md) (operator/hosting ref).

**Chain 138 / Wallets (overview first; all repos in ~/projects/):**
- **[CHAIN138_WALLET_REPOSITORIES.md](CHAIN138_WALLET_REPOSITORIES.md)** ⭐⭐⭐ - **Canonical layout:** metamask-integration, LedgerLive, app-ethereum, TrustWallet-Integration each in `~/projects/`. All items **Yes / Completed.**
- **[CHAIN138_WALLET_ECOSYSTEM_AND_RATIONALE.md](CHAIN138_WALLET_ECOSYSTEM_AND_RATIONALE.md)** ⭐⭐⭐ - **Why** we have the MetaMask Snap, **why** we need Ledger Live when we already use App-Ethereum, Trust Wallet support; links to all wallet docs.
- **[ADD_CHAIN138_TO_LEDGER_LIVE.md](ADD_CHAIN138_TO_LEDGER_LIVE.md)** ⭐⭐ - Add Defi Oracle Meta Mainnet (Chain 138) to Ledger Live (request + materials).
- **[ADD_CHAIN138_TO_TRUST_WALLET.md](ADD_CHAIN138_TO_TRUST_WALLET.md)** ⭐⭐ - Add Chain 138 to Trust Wallet (user manual add via Chainlist; official Wallet Core PR steps; materials in ~/projects/TrustWallet-Integration).
- **[CHAIN138_WALLET_PROJECTS_COMPLETION_REVIEW.md](CHAIN138_WALLET_PROJECTS_COMPLETION_REVIEW.md)** ⭐⭐ - **Completion and test review:** all four projects verified; MetaMask E2E 7/7 + Snap unit tests pass; Ledger/app-ethereum/Trust status.

**Decision tree (which VLAN, service, deployment path):** [CONFIGURATION_DECISION_TREE.md](CONFIGURATION_DECISION_TREE.md) (local); canonical version with deployment paths: [../10-best-practices/CONFIGURATION_DECISION_TREE.md](../10-best-practices/CONFIGURATION_DECISION_TREE.md).

- **[FIXES_PREPARED.md](FIXES_PREPARED.md)** ⭐⭐⭐ - Single checklist of all fixes (required + optional) with copy-paste commands: UDM Pro Alltra/HYBX port forward, Alltra/HYBX 502 diagnosis, NPMplus certs, Explorer SSL, shellcheck, verification re-run.
- **[FULL_FIXES_PREPARED.md](FULL_FIXES_PREPARED.md)** ⭐⭐⭐ - Consolidated full fixes: validators & block production, stuck tx, Sentries (1503/1504), RPCs (2301, 2402, 2503–2508), UDM Pro, Alltra/HYBX 502, optional (certs, Explorer SSL, shellcheck, verification). Master table + execution order.

## Quick Reference

**Initial Setup:**
1. MCP_SETUP.md - Configure MCP Server
2. ENV_STANDARDIZATION.md - Standardize environment variables
3. CREDENTIALS_CONFIGURED.md - Configure credentials

**Network Configuration:**
1. **Edge:** UDM Pro (76.53.10.34, replaced ER605). Port forward 76.53.10.36:80/443 → 192.168.11.167 (NPMplus). Proxmox hosts: 192.168.11.10–12. NPMplus: .166 and .167; only .167 in UDM Pro. See [../11-references/NETWORK_CONFIGURATION_MASTER.md](../11-references/NETWORK_CONFIGURATION_MASTER.md).
2. ER605_ROUTER_CONFIGURATION.md - ER605 reference (replaced by UDM Pro)
3. CLOUDFLARE_ZERO_TRUST_GUIDE.md - Set up Cloudflare Zero Trust

## Related Documentation

- **[../01-getting-started/](../01-getting-started/)** - Getting started
- **[../02-architecture/](../02-architecture/)** - Architecture reference
- **[../05-network/](../05-network/)** - Network infrastructure