76fda2119a
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Made-with: Cursor
200 lines
8.8 KiB
Plaintext
200 lines
8.8 KiB
Plaintext
# IP Address Configuration — SINGLE SOURCE OF TRUTH
|
||
# All scripts and docs should use these values or source this file.
|
||
# Gateway for 192.168.11.0/24 (VLAN 11 / MGMT-LAN): 192.168.11.1 (UDM Pro).
|
||
# See: docs/11-references/NETWORK_CONFIGURATION_MASTER.md
|
||
# Optional: source PROJECT_ROOT/.env first to override (scripts should: source .env 2>/dev/null; source this file)
|
||
|
||
# Proxmox SSH user for shell access (use root). .env may set PROXMOX_USER=root@pam for API; that is not valid for SSH.
|
||
PROXMOX_SSH_USER="${PROXMOX_SSH_USER:-root}"
|
||
|
||
# Proxmox Hosts (overridable via .env PROXMOX_ML110, PROXMOX_R630_01, PROXMOX_R630_02)
|
||
# NOTE: ML110 (192.168.11.10) is being repurposed to OPNsense/pfSense WAN aggregator; after repurpose .10 is the firewall, not Proxmox. Cluster = r630-01 + r630-02 until more R630s join.
|
||
PROXMOX_HOST_ML110="${PROXMOX_ML110:-${PROXMOX_HOST_ML110:-192.168.11.10}}"
|
||
PROXMOX_HOST_R630_01="${PROXMOX_R630_01:-${PROXMOX_HOST_R630_01:-192.168.11.11}}"
|
||
PROXMOX_HOST_R630_02="${PROXMOX_R630_02:-${PROXMOX_HOST_R630_02:-192.168.11.12}}"
|
||
PROXMOX_ML110="${PROXMOX_HOST_ML110}"
|
||
PROXMOX_R630_01="${PROXMOX_HOST_R630_01}"
|
||
PROXMOX_R630_02="${PROXMOX_HOST_R630_02}"
|
||
# WAN aggregator (OPNsense/pfSense on ML110); same IP .10 after repurpose
|
||
WAN_AGGREGATOR_ML110="${WAN_AGGREGATOR_ML110:-192.168.11.10}"
|
||
|
||
# R630-03..13: 192.168.11.13–.23 (r630-03 … r630-13). Add when nodes are brought online.
|
||
# Extended inventory: R750 (3), Dell 7920 (2), UDM Pro #2 (1). See docs/11-references/HARDWARE_INVENTORY_MASTER.md
|
||
PROXMOX_HOST_R750_01="${PROXMOX_HOST_R750_01:-192.168.11.24}"
|
||
PROXMOX_HOST_R750_02="${PROXMOX_HOST_R750_02:-192.168.11.25}"
|
||
PROXMOX_HOST_R750_03="${PROXMOX_HOST_R750_03:-192.168.11.26}"
|
||
UDM_PRO_2_IP="${UDM_PRO_2_IP:-192.168.11.2}"
|
||
WORKSTATION_01_IP="${WORKSTATION_01_IP:-192.168.11.30}"
|
||
WORKSTATION_02_IP="${WORKSTATION_02_IP:-192.168.11.31}"
|
||
|
||
# RPC Endpoints — Chain ID 138 two standards
|
||
# Core (admin/deploy): RPC_URL_138 — VMID 2101
|
||
RPC_CORE_1="192.168.11.211"
|
||
RPC_URL_138="http://${RPC_CORE_1}:8545"
|
||
# Public (bridge/frontend/monitoring): RPC_URL_138_PUBLIC — VMID 2201, FIXED PERMANENT
|
||
RPC_PUBLIC_1="192.168.11.221"
|
||
RPC_2201="192.168.11.221"
|
||
RPC_URL_138_PUBLIC="http://${RPC_PUBLIC_1}:8545"
|
||
WS_URL_138_PUBLIC="ws://${RPC_PUBLIC_1}:8546"
|
||
|
||
# Other RPC nodes
|
||
RPC_CORE_2="192.168.11.212"
|
||
RPC_PRIVATE_1="192.168.11.232"
|
||
# Fireblocks-dedicated RPC (VMID 2301, same node as RPC_PRIVATE_1 — dedicated for Fireblocks Web3)
|
||
RPC_FIREBLOCKS_1="${RPC_PRIVATE_1}"
|
||
RPC_URL_138_FIREBLOCKS="http://${RPC_FIREBLOCKS_1}:8545"
|
||
WS_URL_138_FIREBLOCKS="ws://${RPC_FIREBLOCKS_1}:8546"
|
||
RPC_THIRDWEB_PRIMARY="192.168.11.240"
|
||
|
||
# Gateway (192.168.11.0/24 — do not change unless network changes)
|
||
NETWORK_GATEWAY="${NETWORK_GATEWAY:-192.168.11.1}"
|
||
|
||
# Proxmox container defaults (recreate-ct-2301, etc.)
|
||
TEMPLATE="${TEMPLATE:-local:vztmpl/debian-12-standard_12.12-1_amd64.tar.zst}"
|
||
STORAGE="${STORAGE:-local-lvm}"
|
||
NETWORK="${NETWORK:-vmbr0}"
|
||
|
||
# Network prefix for computed IPs (e.g. "${NETWORK_PREFIX}.$((100 + vmid - 1000))")
|
||
NETWORK_PREFIX="${NETWORK_PREFIX:-192.168.11}"
|
||
|
||
# Project paths (override if smom-dbis-138 is elsewhere)
|
||
SMOM_DBIS_138_DIR="${SMOM_DBIS_138_DIR:-}"
|
||
|
||
# DNS Servers (Cloudflare - consistent resolution, avoids carrier/ISP DNS issues)
|
||
DNS_PRIMARY="1.1.1.1"
|
||
DNS_SECONDARY="1.0.0.1"
|
||
|
||
# Public IP Block #1 (Spectrum)
|
||
PUBLIC_IP_BLOCK_1="76.53.10.32/28"
|
||
PUBLIC_IP_GATEWAY="76.53.10.33"
|
||
PUBLIC_IP_ER605_WAN1="76.53.10.34"
|
||
|
||
# Service IPs (commonly referenced)
|
||
IP_BLOCKSCOUT="192.168.11.140"
|
||
# Blockscout: web 80, API 4000. Forge Verification Proxy: 3080
|
||
BLOCKSCOUT_API_PORT="${BLOCKSCOUT_API_PORT:-4000}"
|
||
BLOCKSCOUT_API_URL="http://${IP_BLOCKSCOUT}:${BLOCKSCOUT_API_PORT}"
|
||
FORGE_VERIFIER_PROXY_PORT="${FORGE_VERIFIER_PROXY_PORT:-3080}"
|
||
IP_NPMPLUS="192.168.11.167"
|
||
IP_NPMPLUS_SECONDARY="192.168.11.168"
|
||
IP_NGINX_LEGACY="192.168.11.26"
|
||
IP_ORDER_OPENSEARCH="192.168.11.48"
|
||
IP_ORDER_HAPROXY="192.168.11.39"
|
||
IP_VAULT_PHOENIX_2="192.168.11.201"
|
||
|
||
# Order Service IPs
|
||
ORDER_POSTGRES_PRIMARY="192.168.11.44"
|
||
ORDER_POSTGRES_REPLICA="192.168.11.45"
|
||
# Dedicated order-redis LXC (e.g. VMID 10020) not present on cluster as of 2026-03; reserve for scripts / future CT
|
||
ORDER_REDIS_IP="192.168.11.38"
|
||
|
||
# DBIS Service IPs
|
||
DBIS_POSTGRES_PRIMARY="192.168.11.105"
|
||
DBIS_POSTGRES_REPLICA="192.168.11.106"
|
||
DBIS_REDIS_IP="192.168.11.125"
|
||
|
||
# Load this file in scripts:
|
||
# source "$(dirname "$0")/../config/ip-addresses.conf"
|
||
IP_OMADA="192.168.11.20"
|
||
IP_MIM_WEB="192.168.11.37"
|
||
# MIM4U API backend (VMID 7811) — used by nginx on 7810 for /api/ proxy
|
||
MIM_API_IP="192.168.11.36"
|
||
# MIM4U web root (VMID 7810 nginx); optional override, default /var/www/html
|
||
MIM_WEB_ROOT="${MIM_WEB_ROOT:-/var/www/html}"
|
||
DB_HOST="192.168.11.53"
|
||
IP_NPMPLUS_ETH0="192.168.11.166"
|
||
# NPMplus Alltra/HYBX (VMID 10235) - see docs/04-configuration/NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md
|
||
IP_NPMPLUS_ALLTRA_HYBX="192.168.11.169"
|
||
PUBLIC_IP_NPMPLUS_ALLTRA_HYBX="76.53.10.42"
|
||
RPC_ALLTRA_1="192.168.11.250"
|
||
IP_DBIS_FRONTEND="192.168.11.130"
|
||
IP_FIREFLY="192.168.11.66"
|
||
IP_FIREFLY_2="192.168.11.67"
|
||
IP_BESU_SENTRY="192.168.11.154"
|
||
IP_DBIS_API="192.168.11.155"
|
||
IP_DBIS_API_2="192.168.11.156"
|
||
|
||
# Additional service/container IPs (for remaining script migration)
|
||
IP_VALIDATOR_0="192.168.11.100"
|
||
IP_VALIDATOR_1="192.168.11.101"
|
||
IP_VALIDATOR_2="192.168.11.102"
|
||
IP_VALIDATOR_3="192.168.11.103"
|
||
IP_VALIDATOR_4="192.168.11.104"
|
||
IP_BESU_RPC_0="192.168.11.150"
|
||
IP_BESU_RPC_1="192.168.11.151"
|
||
IP_BESU_RPC_2="192.168.11.152"
|
||
IP_BESU_RPC_3="192.168.11.153"
|
||
RPC_ALI_1="192.168.11.251"
|
||
RPC_ALI_2="192.168.11.252"
|
||
RPC_THIRDWEB_1="192.168.11.241"
|
||
RPC_THIRDWEB_2="192.168.11.242"
|
||
|
||
# Network and additional container IPs (for remaining migration)
|
||
NETWORK_192_168_11_0="192.168.11.0"
|
||
IP_INDY="192.168.11.68"
|
||
IP_FABRIC="192.168.11.65"
|
||
IP_CACTI="192.168.11.64"
|
||
# VMID 10200 order-prometheus (NOT Redis). Legacy scripts use ORDER_REDIS_REPLICA for this IP — prefer IP_ORDER_PROMETHEUS.
|
||
IP_ORDER_PROMETHEUS="192.168.11.46"
|
||
ORDER_REDIS_REPLICA="${IP_ORDER_PROMETHEUS}"
|
||
# VMIDs 2506, 2507, 2508 destroyed 2026-02-08; IPs freed for reuse
|
||
RPC_PUTU_1="192.168.11.203"
|
||
RPC_PUTU_2="192.168.11.204"
|
||
RPC_LUIS_1="192.168.11.255"
|
||
RPC_LUIS_2="192.168.11.202"
|
||
|
||
# Additional ALLTRA container IPs
|
||
IP_FIREFLY_ALLTRA_1="192.168.11.175"
|
||
IP_FIREFLY_ALLTRA_2="192.168.11.176"
|
||
IP_CACTI_ALLTRA="192.168.11.177"
|
||
IP_FABRIC_ALLTRA="192.168.11.178"
|
||
IP_INDY_ALLTRA="192.168.11.179"
|
||
IP_OMADA_ALT="192.168.11.8"
|
||
IP_MIM4U="192.168.11.19"
|
||
IP_SERVICE_23="192.168.11.23"
|
||
IP_CCIP_MONITOR="192.168.11.28"
|
||
IP_SERVICE_30="192.168.11.30"
|
||
IP_KEYCLOAK="192.168.11.52"
|
||
IP_RPC_90="192.168.11.90"
|
||
|
||
# Development VM (VMID 5700) — shared Cursor dev + private GitOps (Gitea). See docs/04-configuration/DEV_VM_GITOPS_PLAN.md
|
||
# Changed from .60 to .59 to resolve conflict with VMID 3000 (ML) at .60. Reconfigure CT 5700 on Proxmox to use this IP.
|
||
IP_DEV_VM="192.168.11.59"
|
||
|
||
# Mifos X + Fineract (VMID 5800) on r630-02 — Cloudflare Tunnel + UK egress. See docs/04-configuration/MIFOS_R630_02_DEPLOYMENT.md
|
||
MIFOS_IP="192.168.11.85"
|
||
# Public IP for Mifos when using direct access (A record + UDM Pro port forward). See docs/04-configuration/UDM_PRO_MIFOS_76_53_10_41_PORT_FORWARD.md
|
||
PUBLIC_IP_MIFOS="76.53.10.41"
|
||
|
||
# DApp LXC (VMID 5801) — frontend-dapp for Chain 138 bridge. See docs/03-deployment/DAPP_LXC_DEPLOYMENT.md; E2E: tunnel + NPMplus dapp.d-bis.org
|
||
IP_DAPP_LXC="192.168.11.58"
|
||
|
||
# Phoenix / Sankofa public edge (NPMplus → CT 7800 API, 7801 portal). Legacy scripts use IP_SERVICE_50 / IP_SERVICE_51.
|
||
# SolaceScanScout / Blockscout is IP_BLOCKSCOUT:80 — do NOT point sankofa.nexus or phoenix.sankofa.nexus there.
|
||
IP_SERVICE_50="${IP_SERVICE_50:-192.168.11.50}"
|
||
IP_SERVICE_51="${IP_SERVICE_51:-192.168.11.51}"
|
||
SANKOFA_PHOENIX_API_PORT="${SANKOFA_PHOENIX_API_PORT:-4000}"
|
||
SANKOFA_PORTAL_PORT="${SANKOFA_PORTAL_PORT:-3000}"
|
||
IP_SANKOFA_PHOENIX_API="${IP_SANKOFA_PHOENIX_API:-$IP_SERVICE_50}"
|
||
IP_SANKOFA_PORTAL="${IP_SANKOFA_PORTAL:-$IP_SERVICE_51}"
|
||
|
||
# Gov Portals dev (VMID 7804) — DBIS, ICCC, OMNL, XOM at *.xom-dev.phoenix.sankofa.nexus
|
||
IP_GOV_PORTALS_DEV="192.168.11.54"
|
||
|
||
# Order legal (VMID 10070) — **not** .54 (that is exclusive to VMID 7804 gov-portals). Fixed duplicate ARP 2026-03-25.
|
||
IP_ORDER_LEGAL="192.168.11.87"
|
||
|
||
# Sankofa Studio (VMID 7805) — FusionAI Creator / Phoenix Marketplace SaaS at studio.sankofa.nexus
|
||
# Note: 192.168.11.55 is used by VMID 10230 (order-vault); .72 chosen to avoid conflict.
|
||
IP_SANKOFA_STUDIO="192.168.11.72"
|
||
SANKOFA_STUDIO_VMID="${SANKOFA_STUDIO_VMID:-7805}"
|
||
|
||
# Fourth NPMplus (dev/Codespaces) — tunnel + Proxmox admin. Public 76.53.10.40. See docs/04-configuration/DEV_CODESPACES_76_53_10_40.md
|
||
IP_NPMPLUS_FOURTH="192.168.11.170"
|
||
PUBLIC_IP_NPMPLUS_FOURTH="76.53.10.40"
|
||
NPMPLUS_FOURTH_VMID="${NPMPLUS_FOURTH_VMID:-10236}"
|
||
|
||
# NPMplus Mifos (VMID 10237) on r630-02 — tunnel origin; proxies mifos.d-bis.org to VMID 5800. See docs/04-configuration/MIFOS_NPMPLUS_TUNNEL.md
|
||
IP_NPMPLUS_MIFOS="192.168.11.171"
|
||
NPMPLUS_MIFOS_VMID="${NPMPLUS_MIFOS_VMID:-10237}"
|