d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
ed85135249e00c0e5cb807743c93f1a28faaa790
proxmox/scripts/set-rpc-dns-to-tunnel.sh
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

165 lines
6.3 KiB
Bash
Executable File
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
#!/usr/bin/env bash
# Set the 6 RPC hostnames to CNAME to Cloudflare Tunnel (Option B for full RPC E2E pass).
# Deletes existing A records and creates/updates CNAME to <tunnel-id>.cfargotunnel.com (Proxied).
# Usage: ./scripts/set-rpc-dns-to-tunnel.sh
# Requires: .env with Cloudflare credentials and zone IDs; CLOUDFLARE_TUNNEL_ID (optional).
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
cd "$PROJECT_ROOT"
# Load .env
if [ -f "$PROJECT_ROOT/.env" ]; then
set +u
source "$PROJECT_ROOT/.env" 2>/dev/null || true
set -u
fi
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
log_success() { echo -e "${GREEN}[✓]${NC} $1"; }
log_warn() { echo -e "${YELLOW}[⚠]${NC} $1"; }
log_error() { echo -e "${RED}[✗]${NC} $1"; }
# Cloudflare auth
if [ -n "${CLOUDFLARE_API_TOKEN:-}" ]; then
AUTH_HEADER="Authorization: Bearer $CLOUDFLARE_API_TOKEN"
log_info "Using API Token"
elif [ -n "${CLOUDFLARE_EMAIL:-}" ] && [ -n "${CLOUDFLARE_API_KEY:-}" ]; then
AUTH_HEADER_EMAIL="$CLOUDFLARE_EMAIL"
AUTH_HEADER_KEY="$CLOUDFLARE_API_KEY"
log_info "Using Email/API Key"
else
log_error "Missing Cloudflare credentials (CLOUDFLARE_API_TOKEN or CLOUDFLARE_EMAIL + CLOUDFLARE_API_KEY)"
exit 1
fi
ZONE_D_BIS_ORG="${CLOUDFLARE_ZONE_ID_D_BIS_ORG:-${CLOUDFLARE_ZONE_ID:-}}"
ZONE_DEFI_ORACLE_IO="${CLOUDFLARE_ZONE_ID_DEFI_ORACLE_IO:-}"
TUNNEL_ID="${CLOUDFLARE_TUNNEL_ID:-10ab22da-8ea3-4e2e-a896-27ece2211a05}"
TUNNEL_TARGET="${TUNNEL_ID}.cfargotunnel.com"
if [ -z "$ZONE_D_BIS_ORG" ]; then
log_error "CLOUDFLARE_ZONE_ID or CLOUDFLARE_ZONE_ID_D_BIS_ORG required"
exit 1
fi
if [ -z "$ZONE_DEFI_ORACLE_IO" ]; then
log_warn "CLOUDFLARE_ZONE_ID_DEFI_ORACLE_IO not set; skipping defi-oracle.io RPC hostnames"
fi
cf_api_request() {
local method="$1" zone_id="$2" endpoint="$3" data="${4:-}"
local url="https://api.cloudflare.com/client/v4/zones/${zone_id}${endpoint}"
if [ -n "${CLOUDFLARE_API_TOKEN:-}" ]; then
if [ -n "$data" ]; then
curl -s -X "$method" "$url" -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" -H "Content-Type: application/json" --data "$data"
else
curl -s -X "$method" "$url" -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" -H "Content-Type: application/json"
fi
else
if [ -n "$data" ]; then
curl -s -X "$method" "$url" -H "X-Auth-Email: $AUTH_HEADER_EMAIL" -H "X-Auth-Key: $AUTH_HEADER_KEY" -H "Content-Type: application/json" --data "$data"
else
curl -s -X "$method" "$url" -H "X-Auth-Email: $AUTH_HEADER_EMAIL" -H "X-Auth-Key: $AUTH_HEADER_KEY" -H "Content-Type: application/json"
fi
fi
}
get_dns_record() {
local zone_id="$1" name="$2" type="${3:-A}"
local response; response=$(cf_api_request "GET" "$zone_id" "/dns_records?name=${name}&type=${type}")
echo "$response" | jq -r '.result[0] // empty' 2>/dev/null || true
}
get_all_dns_records() {
local zone_id="$1" name="$2"
local response; response=$(cf_api_request "GET" "$zone_id" "/dns_records?name=${name}")
echo "$response" | jq -r '.result[]? | .type + " " + .id' 2>/dev/null || true
}
delete_dns_record() {
local zone_id="$1" record_id="$2"
local response; response=$(cf_api_request "DELETE" "$zone_id" "/dns_records/$record_id")
echo "$response" | jq -e '.success' >/dev/null 2>&1
}
create_or_update_cname() {
local zone_id="$1" full_name="$2" target="$3"
log_info "Processing: $full_name → CNAME $target (Proxied)"
# Delete any A record (CNAME and A cannot coexist for same name)
local all; all=$(get_all_dns_records "$zone_id" "$full_name")
while read -r typ id; do
[ -z "$id" ] && continue
if [ "$typ" = "A" ]; then
if delete_dns_record "$zone_id" "$id"; then
log_success " Deleted A record"
else
log_warn " Failed to delete A record $id"
fi
fi
done <<< "$all"
# Create or update CNAME
local cname; cname=$(get_dns_record "$zone_id" "$full_name" "CNAME")
local data; data=$(jq -n --arg name "$full_name" --arg content "$target" '{
type: "CNAME", name: $name, content: $content, proxied: true, ttl: 1
}')
local response
if [ -n "$cname" ] && [ "$cname" != "null" ]; then
local record_id; record_id=$(echo "$cname" | jq -r '.id')
response=$(cf_api_request "PUT" "$zone_id" "/dns_records/$record_id" "$data")
else
response=$(cf_api_request "POST" "$zone_id" "/dns_records" "$data")
fi
if echo "$response" | jq -e '.success' >/dev/null 2>&1; then
log_success " CNAME set: $full_name"
return 0
fi
local err; err=$(echo "$response" | jq -r '.errors[0].message // "Unknown error"' 2>/dev/null)
log_error " Failed: $err"
return 1
}
echo ""
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo "Option B: Set 6 RPC hostnames → CNAME to Tunnel"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo ""
log_info "Tunnel target: $TUNNEL_TARGET"
echo ""
FAIL=0
# d-bis.org (4 RPC hostnames)
RPC_DBIS=( "rpc-http-pub.d-bis.org" "rpc.d-bis.org" "rpc2.d-bis.org" "rpc-http-prv.d-bis.org" )
for name in "${RPC_DBIS[@]}"; do
create_or_update_cname "$ZONE_D_BIS_ORG" "$name" "$TUNNEL_TARGET" || FAIL=$((FAIL+1))
done
# defi-oracle.io (2 RPC hostnames)
if [ -n "$ZONE_DEFI_ORACLE_IO" ]; then
RPC_DEFI=( "rpc.public-0138.defi-oracle.io" "rpc.defi-oracle.io" )
for name in "${RPC_DEFI[@]}"; do
create_or_update_cname "$ZONE_DEFI_ORACLE_IO" "$name" "$TUNNEL_TARGET" || FAIL=$((FAIL+1))
done
else
log_warn "Skipped defi-oracle.io (no zone ID)"
FAIL=$((FAIL+2))
fi
echo ""
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
if [ $FAIL -eq 0 ]; then
log_success "Done. Wait 15 min for DNS, then: bash scripts/verify/troubleshoot-rpc-failures.sh"
else
log_warn "Completed with $FAIL failure(s). Check zone IDs and credentials."
exit 1
fi
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo ""
Reference in New Issue View Git Blame Copy Permalink