d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fbe027bf04d72efa644d1593d35178ea336eca3f
proxmox/docs/04-configuration/DBIS_INSTITUTIONAL_SUBDOMAINS.md
defiQUG 7ac74f432b chore: sync docs, config schemas, scripts, and meta task alignment 
- Institutional / JVMTM / reserve-provenance / GRU transport + standards JSON
- Validation and verify scripts (Blockscout labels, x402, GRU preflight, P1 local path)
- Wormhole wiring in AGENTS, MCP_SETUP, MASTER_INDEX, 04-configuration README
- Meta docs, integration gaps, live verification log, architecture updates
- CI validate-config workflow updates

Operator/LAN items, submodule working trees, and public token-aggregation edge
routes remain follow-up (see TODOS_CONSOLIDATED P1).

Made-with: Cursor
2026-03-31 22:31:39 -07:00

3.8 KiB
Raw Blame History

DBIS institutional subdomains — inventory vs E2E

Purpose: Track planned d-bis.org portal hosts against E2E_ENDPOINTS_LIST.md and verify-end-to-end-routing.sh.

Canonical DBIS web surfaces (operator intent)

URL Role
https://d-bis.org Public web presence — sovereign / institutional portal (e.g. Gov Portals DBIS Next app behind NPM).
https://admin.d-bis.org Admin console — DBIS operations staff.
https://secure.d-bis.org Member secure portal — authenticated institution users.
https://core.d-bis.org DBIS Core banking application — client portal for users of the core banking stack (dbis_core repo); NPM upstream when provisioned (often alongside API tier).

Legacy: https://dbis-admin.d-bis.org may remain in DNS as an alias for the same upstream as admin.d-bis.org until names are consolidated.

Already in E2E inventory

Host Type Notes
explorer.d-bis.org web Blockscout
docs.d-bis.org web Docs
gitea.d-bis.org web Source
dbis-api.d-bis.org api Core API
dbis-api-2.d-bis.org api Secondary
secure.d-bis.org web Member secure portal
admin.d-bis.org web Admin console (canonical)
dbis-admin.d-bis.org web Legacy admin hostname (optional alias)
core.d-bis.org web DBIS Core client portal (TBD upstream)
mifos.d-bis.org web Fineract
dapp.d-bis.org web DApp
dev.d-bis.org, codespaces.d-bis.org web Dev VM
RPC / Cacti / Alltra / HYBX various As listed in E2E

Added to verifier (optional-when-fail until DNS + upstream live)

Host Type Intended upstream
d-bis.org web Public portal (NPM → Next static/server) — same intent as canonical d-bis.org row above
www.d-bis.org web 301/308 → d-bis.org (if used)
members.d-bis.org web Member BFF + OIDC
developers.d-bis.org web Developer portal
data.d-bis.org api Data API service
research.d-bis.org web Research publications
policy.d-bis.org web Policy + manifests
ops.d-bis.org web Staff SSO
identity.d-bis.org web Trust + DID registry docs/API
status.d-bis.org web Status page
sandbox.d-bis.org web Sandbox console
interop.d-bis.org web Interop lab

NPMplus / Cloudflare operator steps (summary)

  1. DNS (Cloudflare): DNS_ZONE_ONLY=d-bis.org ./scripts/update-all-dns-to-public-ip.sh --zone-only=d-bis.org (adds @, www, admin, core, plus existing RPC/DBIS rows — see DBIS_RECORDS in that script).
  2. NPMplus upstreams: ./scripts/nginx-proxy-manager/update-npmplus-proxy-hosts-api.sh (from LAN with NPM_PASSWORD in .env) — creates/updates d-bis.org, www.d-bis.org, admin.d-bis.org, core.d-bis.org, dbis-admin.d-bis.org, secure.d-bis.org. Defaults: apex → 7804 :3001; admin/legacy admin/secure → 10130 :80; core → 10150 :3000 (override via IP_DBIS_* in config/ip-addresses.conf or .env).
  3. TLS: ./scripts/request-npmplus-certificates.sh (optional CERT_DOMAINS_FILTER to limit Lets Encrypt requests).
  4. Run bash scripts/verify/verify-end-to-end-routing.sh --profile=public (optional hosts tolerate failure until configured).
  5. Remove hosts from E2E_OPTIONAL_WHEN_FAIL only when SLO requires strict checks.

See DBIS_WEB_AND_INSTITUTION_MASTER_BLUEPRINT.md for architecture context.

Related: OMNL_DBIS_CORE_CHAIN138_SMART_VAULT_RTGS_RUNBOOK.md — HYBX OMNL, DBIS Core, Chain 138 vaults, and external RTGS integration map.

Reference in New Issue View Git Blame Copy Permalink