Apply Composer changes: comprehensive API updates, migrations, middleware, and infrastructure improvements

- Add comprehensive database migrations (001-024) for schema evolution - Enhance API schema with expanded type definitions and resolvers - Add new middleware: audit logging, rate limiting, MFA enforcement, security, tenant auth - Implement new services: AI optimization, billing, blockchain, compliance, marketplace - Add adapter layer for cloud integrations (Cloudflare, Kubernetes, Proxmox, storage) - Update Crossplane provider with enhanced VM management capabilities - Add comprehensive test suite for API endpoints and services - Update frontend components with improved GraphQL subscriptions and real-time updates - Enhance security configurations and headers (CSP, CORS, etc.) - Update documentation and configuration files - Add new CI/CD workflows and validation scripts - Implement design system improvements and UI enhancements
2025-12-12 18:01:35 -08:00
parent e01131efaf
commit 9daf1fd378
968 changed files with 160890 additions and 1092 deletions
--- a/cloudflare/access-policies.yaml
+++ b/cloudflare/access-policies.yaml
@@ -12,7 +12,7 @@ data:
    {
      "name": "Portal Access",
      "application": {
-        "domain": "portal.yourdomain.com",
+        "domain": "portal.sankofa.nexus",
        "name": "Hybrid Cloud Portal"
      },
      "policies": [
@@ -22,14 +22,14 @@ data:
          "include": [
            {
              "email": {
-                "domain": "yourdomain.com"
+                "domain": "sankofa.nexus"
              }
            }
          ],
          "require": [
            {
              "email": {
-                "domain": "yourdomain.com"
+                "domain": "sankofa.nexus"
              }
            }
          ],
@@ -60,7 +60,7 @@ data:
    {
      "name": "Rancher Access",
      "application": {
-        "domain": "rancher.yourdomain.com",
+        "domain": "rancher.sankofa.nexus",
        "name": "Rancher UI"
      },
      "policies": [
@@ -99,7 +99,7 @@ data:
    {
      "name": "ArgoCD Access",
      "application": {
-        "domain": "argocd.yourdomain.com",
+        "domain": "argocd.sankofa.nexus",
        "name": "ArgoCD GitOps"
      },
      "policies": [
@@ -133,7 +133,7 @@ data:
    {
      "name": "Grafana Access",
      "application": {
-        "domain": "grafana.yourdomain.com",
+        "domain": "grafana.sankofa.nexus",
        "name": "Grafana Dashboards"
      },
      "policies": [
@@ -143,7 +143,7 @@ data:
          "include": [
            {
              "email": {
-                "domain": "yourdomain.com"
+                "domain": "sankofa.nexus"
              }
            }
          ],
@@ -157,7 +157,7 @@ data:
    {
      "name": "Vault Access",
      "application": {
-        "domain": "vault.yourdomain.com",
+        "domain": "vault.sankofa.nexus",
        "name": "HashiCorp Vault"
      },
      "policies": [
@@ -191,7 +191,7 @@ data:
    {
      "name": "Proxmox API Access",
      "application": {
-        "domain": "proxmox-api.yourdomain.com",
+        "domain": "proxmox-api.sankofa.nexus",
        "name": "Proxmox API"
      },
      "policies": [
@@ -232,7 +232,7 @@ data:
    {
      "name": "Keycloak Access",
      "application": {
-        "domain": "keycloak.yourdomain.com",
+        "domain": "keycloak.sankofa.nexus",
        "name": "Keycloak Admin"
      },
      "policies": [
--- a/cloudflare/dns/README.md
+++ b/cloudflare/dns/README.md
@@ -0,0 +1,55 @@
+# DNS Configuration for Proxmox Instances
+
+## Quick Start
+
+### Using Automated Script
+
+```bash
+export CLOUDFLARE_ZONE_ID="your-zone-id"
+export CLOUDFLARE_API_TOKEN="your-api-token"
+./scripts/setup-dns-records.sh
+```
+
+### Using Terraform
+
+```bash
+cd cloudflare/terraform
+terraform init
+terraform plan
+terraform apply
+```
+
+### Using Local /etc/hosts (Testing)
+
+```bash
+sudo cat scripts/hosts-entries.txt >> /etc/hosts
+```
+
+## DNS Records
+
+### Required Records
+
+**Instance 1 (ML110-01):**
+- `ml110-01.sankofa.nexus` → 192.168.11.10
+- `ml110-01-api.sankofa.nexus` → ml110-01.sankofa.nexus
+- `ml110-01-metrics.sankofa.nexus` → ml110-01.sankofa.nexus
+
+**Instance 2 (R630-01):**
+- `r630-01.sankofa.nexus` → 192.168.11.11
+- `r630-01-api.sankofa.nexus` → r630-01.sankofa.nexus
+- `r630-01-metrics.sankofa.nexus` → r630-01.sankofa.nexus
+
+## Verification
+
+```bash
+# Test resolution
+dig ml110-01.sankofa.nexus +short
+dig r630-01.sankofa.nexus +short
+
+# Test connectivity
+curl -k https://ml110-01.sankofa.nexus:8006/api2/json/version
+curl -k https://r630-01.sankofa.nexus:8006/api2/json/version
+```
+
+For detailed documentation, see [DNS Configuration Guide](../../docs/proxmox/DNS_CONFIGURATION.md).
+
--- a/cloudflare/dns/d-bis.org-records.yaml
+++ b/cloudflare/dns/d-bis.org-records.yaml
@@ -0,0 +1,87 @@
+# Cloudflare DNS Records for sankofa.nexus
+# Proxmox Instance DNS Configuration
+#
+# This file defines DNS records for Proxmox instances
+# Use with Cloudflare API or Terraform to create records
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: proxmox-dns-records
+  namespace: default
+data:
+  # Instance 1 (ML110-01) - Primary Records
+  ml110-01-a-record: |
+    {
+      "type": "A",
+      "name": "ml110-01.sankofa.nexus",
+      "content": "192.168.11.10",
+      "ttl": 300,
+      "proxied": false,
+      "comment": "Proxmox Instance 1 - ML110-01"
+    }
+  
+  ml110-01-api-cname: |
+    {
+      "type": "CNAME",
+      "name": "ml110-01-api.sankofa.nexus",
+      "content": "ml110-01.sankofa.nexus",
+      "ttl": 300,
+      "proxied": false,
+      "comment": "Proxmox Instance 1 API endpoint"
+    }
+  
+  ml110-01-metrics-cname: |
+    {
+      "type": "CNAME",
+      "name": "ml110-01-metrics.sankofa.nexus",
+      "content": "ml110-01.sankofa.nexus",
+      "ttl": 300,
+      "proxied": false,
+      "comment": "Proxmox Instance 1 metrics endpoint"
+    }
+  
+  # Instance 2 (R630-01) - Primary Records
+  r630-01-a-record: |
+    {
+      "type": "A",
+      "name": "r630-01.sankofa.nexus",
+      "content": "192.168.11.11",
+      "ttl": 300,
+      "proxied": false,
+      "comment": "Proxmox Instance 2 - R630-01"
+    }
+  
+  r630-01-api-cname: |
+    {
+      "type": "CNAME",
+      "name": "r630-01-api.sankofa.nexus",
+      "content": "r630-01.sankofa.nexus",
+      "ttl": 300,
+      "proxied": false,
+      "comment": "Proxmox Instance 2 API endpoint"
+    }
+  
+  r630-01-metrics-cname: |
+    {
+      "type": "CNAME",
+      "name": "r630-01-metrics.sankofa.nexus",
+      "content": "r630-01.sankofa.nexus",
+      "ttl": 300,
+      "proxied": false,
+      "comment": "Proxmox Instance 2 metrics endpoint"
+    }
+
+---
+# DNS Records Summary
+# 
+# A Records (Direct IP mapping):
+# - ml110-01.sankofa.nexus → 192.168.11.10
+# - r630-01.sankofa.nexus → 192.168.11.11
+#
+# CNAME Records (Aliases):
+# - ml110-01-api.sankofa.nexus → ml110-01.sankofa.nexus
+# - ml110-01-metrics.sankofa.nexus → ml110-01.sankofa.nexus
+# - r630-01-api.sankofa.nexus → r630-01.sankofa.nexus
+# - r630-01-metrics.sankofa.nexus → r630-01.sankofa.nexus
+
--- a/cloudflare/dns/sankofa.nexus-records.yaml
+++ b/cloudflare/dns/sankofa.nexus-records.yaml
@@ -0,0 +1,87 @@
+# Cloudflare DNS Records for sankofa.nexus
+# Proxmox Instance DNS Configuration
+#
+# This file defines DNS records for Proxmox instances
+# Use with Cloudflare API or Terraform to create records
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: proxmox-dns-records
+  namespace: default
+data:
+  # Instance 1 (ML110-01) - Primary Records
+  ml110-01-a-record: |
+    {
+      "type": "A",
+      "name": "ml110-01.sankofa.nexus",
+      "content": "192.168.11.10",
+      "ttl": 300,
+      "proxied": false,
+      "comment": "Proxmox Instance 1 - ML110-01"
+    }
+  
+  ml110-01-api-cname: |
+    {
+      "type": "CNAME",
+      "name": "ml110-01-api.sankofa.nexus",
+      "content": "ml110-01.sankofa.nexus",
+      "ttl": 300,
+      "proxied": false,
+      "comment": "Proxmox Instance 1 API endpoint"
+    }
+  
+  ml110-01-metrics-cname: |
+    {
+      "type": "CNAME",
+      "name": "ml110-01-metrics.sankofa.nexus",
+      "content": "ml110-01.sankofa.nexus",
+      "ttl": 300,
+      "proxied": false,
+      "comment": "Proxmox Instance 1 metrics endpoint"
+    }
+  
+  # Instance 2 (R630-01) - Primary Records
+  r630-01-a-record: |
+    {
+      "type": "A",
+      "name": "r630-01.sankofa.nexus",
+      "content": "192.168.11.11",
+      "ttl": 300,
+      "proxied": false,
+      "comment": "Proxmox Instance 2 - R630-01"
+    }
+  
+  r630-01-api-cname: |
+    {
+      "type": "CNAME",
+      "name": "r630-01-api.sankofa.nexus",
+      "content": "r630-01.sankofa.nexus",
+      "ttl": 300,
+      "proxied": false,
+      "comment": "Proxmox Instance 2 API endpoint"
+    }
+  
+  r630-01-metrics-cname: |
+    {
+      "type": "CNAME",
+      "name": "r630-01-metrics.sankofa.nexus",
+      "content": "r630-01.sankofa.nexus",
+      "ttl": 300,
+      "proxied": false,
+      "comment": "Proxmox Instance 2 metrics endpoint"
+    }
+
+---
+# DNS Records Summary
+# 
+# A Records (Direct IP mapping):
+# - ml110-01.sankofa.nexus → 192.168.11.10
+# - r630-01.sankofa.nexus → 192.168.11.11
+#
+# CNAME Records (Aliases):
+# - ml110-01-api.sankofa.nexus → ml110-01.sankofa.nexus
+# - ml110-01-metrics.sankofa.nexus → ml110-01.sankofa.nexus
+# - r630-01-api.sankofa.nexus → r630-01.sankofa.nexus
+# - r630-01-metrics.sankofa.nexus → r630-01.sankofa.nexus
+
--- a/cloudflare/gateway-policies.yaml
+++ b/cloudflare/gateway-policies.yaml
@@ -135,8 +135,8 @@ data:
  split-dns: |
    {
      "domains": [
-        "yourdomain.com",
-        "*.yourdomain.com",
+        "sankofa.nexus",
+        "*.sankofa.nexus",
        "*.svc.cluster.local",
        "*.local"
      ],
--- a/cloudflare/terraform/dns.tf
+++ b/cloudflare/terraform/dns.tf
@@ -0,0 +1,82 @@
+# Cloudflare DNS Records for Proxmox Instances
+# Domain: sankofa.nexus
+
+# Get zone ID for sankofa.nexus
+data "cloudflare_zones" "sankofa_nexus" {
+  filter {
+    name = "sankofa.nexus"
+  }
+}
+
+locals {
+  zone_id = data.cloudflare_zones.sankofa_nexus.zones[0].id
+}
+
+# Instance 1 (ML110-01) DNS Records
+resource "cloudflare_record" "ml110_01" {
+  zone_id = local.zone_id
+  name    = "ml110-01"
+  value   = "192.168.11.10"
+  type    = "A"
+  ttl     = 300
+  comment = "Proxmox Instance 1 - ML110-01"
+}
+
+resource "cloudflare_record" "ml110_01_api" {
+  zone_id = local.zone_id
+  name    = "ml110-01-api"
+  value   = "ml110-01.sankofa.nexus"
+  type    = "CNAME"
+  ttl     = 300
+  comment = "Proxmox Instance 1 API endpoint"
+}
+
+resource "cloudflare_record" "ml110_01_metrics" {
+  zone_id = local.zone_id
+  name    = "ml110-01-metrics"
+  value   = "ml110-01.sankofa.nexus"
+  type    = "CNAME"
+  ttl     = 300
+  comment = "Proxmox Instance 1 metrics endpoint"
+}
+
+# Instance 2 (R630-01) DNS Records
+resource "cloudflare_record" "r630_01" {
+  zone_id = local.zone_id
+  name    = "r630-01"
+  value   = "192.168.11.11"
+  type    = "A"
+  ttl     = 300
+  comment = "Proxmox Instance 2 - R630-01"
+}
+
+resource "cloudflare_record" "r630_01_api" {
+  zone_id = local.zone_id
+  name    = "r630-01-api"
+  value   = "r630-01.sankofa.nexus"
+  type    = "CNAME"
+  ttl     = 300
+  comment = "Proxmox Instance 2 API endpoint"
+}
+
+resource "cloudflare_record" "r630_01_metrics" {
+  zone_id = local.zone_id
+  name    = "r630-01-metrics"
+  value   = "r630-01.sankofa.nexus"
+  type    = "CNAME"
+  ttl     = 300
+  comment = "Proxmox Instance 2 metrics endpoint"
+}
+
+# Output DNS record IDs
+output "dns_record_ids" {
+  value = {
+    ml110_01         = cloudflare_record.ml110_01.id
+    ml110_01_api     = cloudflare_record.ml110_01_api.id
+    ml110_01_metrics = cloudflare_record.ml110_01_metrics.id
+    r630_01          = cloudflare_record.r630_01.id
+    r630_01_api      = cloudflare_record.r630_01_api.id
+    r630_01_metrics  = cloudflare_record.r630_01_metrics.id
+  }
+}
+
--- a/cloudflare/terraform/main.tf
+++ b/cloudflare/terraform/main.tf
@@ -41,12 +41,12 @@ variable "account_id" {
 resource "cloudflare_access_application" "portal" {
  zone_id          = var.zone_id
  name             = "Hybrid Cloud Portal"
-  domain           = "portal.yourdomain.com"
+  domain           = "portal.sankofa.nexus"
  session_duration = "24h"
  
  cors_headers {
    allowed_methods = ["GET", "POST", "PUT", "DELETE"]
-    allowed_origins = ["https://portal.yourdomain.com"]
+    allowed_origins = ["https://portal.sankofa.nexus"]
    allow_credentials = true
  }
 }
@@ -54,35 +54,35 @@ resource "cloudflare_access_application" "portal" {
 resource "cloudflare_access_application" "rancher" {
  zone_id          = var.zone_id
  name             = "Rancher UI"
-  domain           = "rancher.yourdomain.com"
+  domain           = "rancher.sankofa.nexus"
  session_duration = "4h"
 }

 resource "cloudflare_access_application" "argocd" {
  zone_id          = var.zone_id
  name             = "ArgoCD GitOps"
-  domain           = "argocd.yourdomain.com"
+  domain           = "argocd.sankofa.nexus"
  session_duration = "8h"
 }

 resource "cloudflare_access_application" "grafana" {
  zone_id          = var.zone_id
  name             = "Grafana Dashboards"
-  domain           = "grafana.yourdomain.com"
+  domain           = "grafana.sankofa.nexus"
  session_duration = "24h"
 }

 resource "cloudflare_access_application" "vault" {
  zone_id          = var.zone_id
  name             = "HashiCorp Vault"
-  domain           = "vault.yourdomain.com"
+  domain           = "vault.sankofa.nexus"
  session_duration = "2h"
 }

 resource "cloudflare_access_application" "keycloak" {
  zone_id          = var.zone_id
  name             = "Keycloak Admin"
-  domain           = "keycloak.yourdomain.com"
+  domain           = "keycloak.sankofa.nexus"
  session_duration = "2h"
 }

@@ -95,7 +95,7 @@ resource "cloudflare_access_policy" "portal_authenticated" {
  precedence     = 1
  
  include {
-    email_domain = "yourdomain.com"
+    email_domain = "sankofa.nexus"
  }
 }

@@ -121,11 +121,11 @@ resource "cloudflare_access_group" "admins" {
  name       = "admins"
  
  include {
-    email_domain = "yourdomain.com"
+    email_domain = "sankofa.nexus"
  }
  
  require {
-    email = ["admin@yourdomain.com"]
+    email = ["admin@sankofa.nexus"]
  }
 }

@@ -134,7 +134,7 @@ resource "cloudflare_access_group" "platform_engineers" {
  name       = "platform-engineers"
  
  include {
-    email_domain = "yourdomain.com"
+    email_domain = "sankofa.nexus"
  }
 }

@@ -143,7 +143,7 @@ resource "cloudflare_access_group" "employees" {
  name       = "employees"
  
  include {
-    email_domain = "yourdomain.com"
+    email_domain = "sankofa.nexus"
  }
 }

--- a/cloudflare/terraform/variables.tf
+++ b/cloudflare/terraform/variables.tf
@@ -5,7 +5,7 @@ variable "cloudflare_api_token" {
 }

 variable "zone_id" {
-  description = "Cloudflare Zone ID for yourdomain.com"
+  description = "Cloudflare Zone ID for sankofa.nexus"
  type        = string
 }

--- a/cloudflare/tunnel-configs/control-plane.yaml
+++ b/cloudflare/tunnel-configs/control-plane.yaml
@@ -6,7 +6,7 @@ credentials-file: /etc/cloudflared/control-plane-tunnel.json

 ingress:
  # Portal
-  - hostname: portal.yourdomain.com
+  - hostname: portal.sankofa.nexus
    service: http://portal.portal.svc.cluster.local:80
    originRequest:
      noHappyEyeballs: true
@@ -16,42 +16,42 @@ ingress:
      keepAliveTimeout: 90s

  # Rancher
-  - hostname: rancher.yourdomain.com
+  - hostname: rancher.sankofa.nexus
    service: http://rancher.rancher-system.svc.cluster.local:80
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s

  # ArgoCD
-  - hostname: argocd.yourdomain.com
+  - hostname: argocd.sankofa.nexus
    service: http://argocd-server.argocd.svc.cluster.local:80
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s

  # Grafana
-  - hostname: grafana.yourdomain.com
+  - hostname: grafana.sankofa.nexus
    service: http://kube-prometheus-stack-grafana.monitoring.svc.cluster.local:80
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s

  # Vault
-  - hostname: vault.yourdomain.com
+  - hostname: vault.sankofa.nexus
    service: http://vault.vault.svc.cluster.local:8200
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s

  # Keycloak
-  - hostname: keycloak.yourdomain.com
+  - hostname: keycloak.sankofa.nexus
    service: http://keycloak.keycloak.svc.cluster.local:8080
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s

  # Kubernetes API (restricted)
-  - hostname: k8s-api.yourdomain.com
+  - hostname: k8s-api.sankofa.nexus
    service: https://kubernetes.default.svc.cluster.local:443
    originRequest:
      noHappyEyeballs: true
--- a/cloudflare/tunnel-configs/proxmox-site-1.yaml
+++ b/cloudflare/tunnel-configs/proxmox-site-1.yaml
@@ -1,4 +1,4 @@
-# Cloudflare Tunnel Configuration for Proxmox Site 1 (US-East)
+# Cloudflare Tunnel Configuration for Proxmox Site 1 (US San Francisco Valley)
 # This tunnel connects Proxmox cluster to Cloudflare

 tunnel: proxmox-site-1-tunnel
@@ -6,47 +6,47 @@ credentials-file: /etc/cloudflared/proxmox-site-1-tunnel.json

 ingress:
  # Proxmox Web UI
-  - hostname: pve1.yourdomain.com
-    service: https://pve1.local:8006
+  - hostname: ml110-01.sankofa.nexus
+    service: https://192.168.11.10:8006
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s
      tls:
        skipVerify: true
-      httpHostHeader: pve1.local:8006
+      httpHostHeader: ML110-01:8006

  # Proxmox API
-  - hostname: pve1-api.yourdomain.com
-    service: https://pve1.local:8006
+  - hostname: ml110-01-api.sankofa.nexus
+    service: https://192.168.11.10:8006
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s
      tls:
        skipVerify: true
-      httpHostHeader: pve1.local:8006
+      httpHostHeader: ML110-01:8006

  # Proxmox Node 2
-  - hostname: pve2.yourdomain.com
-    service: https://pve2.local:8006
+  - hostname: pve2.sankofa.nexus
+    service: https://192.168.11.10:8006
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s
      tls:
        skipVerify: true
-      httpHostHeader: pve2.local:8006
+      httpHostHeader: pve2.sankofa.nexus:8006

  # Proxmox Node 3
-  - hostname: pve3.yourdomain.com
-    service: https://pve3.local:8006
+  - hostname: pve3.sankofa.nexus
+    service: https://192.168.11.10:8006
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s
      tls:
        skipVerify: true
-      httpHostHeader: pve3.local:8006
+      httpHostHeader: pve3.sankofa.nexus:8006

  # Prometheus Exporter
-  - hostname: pve1-metrics.yourdomain.com
+  - hostname: ml110-01-metrics.sankofa.nexus
    service: http://localhost:9221
    originRequest:
      noHappyEyeballs: true
--- a/cloudflare/tunnel-configs/proxmox-site-2.yaml
+++ b/cloudflare/tunnel-configs/proxmox-site-2.yaml
@@ -6,47 +6,47 @@ credentials-file: /etc/cloudflared/proxmox-site-2-tunnel.json

 ingress:
  # Proxmox Web UI
-  - hostname: pve4.yourdomain.com
-    service: https://pve4.local:8006
+  - hostname: r630-01.sankofa.nexus
+    service: https://192.168.11.11:8006
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s
      tls:
        skipVerify: true
-      httpHostHeader: pve4.local:8006
+      httpHostHeader: R630-01:8006

  # Proxmox API
-  - hostname: pve4-api.yourdomain.com
-    service: https://pve4.local:8006
+  - hostname: r630-01-api.sankofa.nexus
+    service: https://192.168.11.11:8006
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s
      tls:
        skipVerify: true
-      httpHostHeader: pve4.local:8006
+      httpHostHeader: R630-01:8006

  # Proxmox Node 2
-  - hostname: pve5.yourdomain.com
-    service: https://pve5.local:8006
+  - hostname: pve5.sankofa.nexus
+    service: https://192.168.11.11:8006
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s
      tls:
        skipVerify: true
-      httpHostHeader: pve5.local:8006
+      httpHostHeader: pve5.sankofa.nexus:8006

  # Proxmox Node 3
-  - hostname: pve6.yourdomain.com
-    service: https://pve6.local:8006
+  - hostname: pve6.sankofa.nexus
+    service: https://192.168.11.11:8006
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s
      tls:
        skipVerify: true
-      httpHostHeader: pve6.local:8006
+      httpHostHeader: pve6.sankofa.nexus:8006

  # Prometheus Exporter
-  - hostname: pve4-metrics.yourdomain.com
+  - hostname: r630-01-metrics.sankofa.nexus
    service: http://localhost:9221
    originRequest:
      noHappyEyeballs: true
--- a/cloudflare/tunnel-configs/proxmox-site-3.yaml
+++ b/cloudflare/tunnel-configs/proxmox-site-3.yaml
@@ -6,37 +6,37 @@ credentials-file: /etc/cloudflared/proxmox-site-3-tunnel.json

 ingress:
  # Proxmox Web UI
-  - hostname: pve7.yourdomain.com
-    service: https://pve7.local:8006
+  - hostname: r630-01.sankofa.nexus
+    service: https://192.168.11.11:8006
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s
      tls:
        skipVerify: true
-      httpHostHeader: pve7.local:8006
+      httpHostHeader: R630-01:8006

  # Proxmox API
-  - hostname: pve7-api.yourdomain.com
-    service: https://pve7.local:8006
+  - hostname: r630-01-api.sankofa.nexus
+    service: https://192.168.11.11:8006
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s
      tls:
        skipVerify: true
-      httpHostHeader: pve7.local:8006
+      httpHostHeader: R630-01:8006

  # Proxmox Node 2
-  - hostname: pve8.yourdomain.com
-    service: https://pve8.local:8006
+  - hostname: pve8.sankofa.nexus
+    service: https://192.168.11.11:8006
    originRequest:
      noHappyEyeballs: true
      connectTimeout: 30s
      tls:
        skipVerify: true
-      httpHostHeader: pve8.local:8006
+      httpHostHeader: pve8.sankofa.nexus:8006

  # Prometheus Exporter
-  - hostname: pve7-metrics.yourdomain.com
+  - hostname: r630-01-metrics.sankofa.nexus
    service: http://localhost:9221
    originRequest:
      noHappyEyeballs: true
--- a/cloudflare/warp-config.json
+++ b/cloudflare/warp-config.json
@@ -1,7 +1,7 @@
 {
  "organization": {
    "name": "Your Organization",
-    "auth_domain": "yourdomain.com"
+    "auth_domain": "sankofa.nexus"
  },
  "enrollment": {
    "enabled": true,
@@ -101,7 +101,7 @@
    "split_tunnels": {
      "enabled": true,
      "exclude": [
-        "*.yourdomain.com",
+        "*.sankofa.nexus",
        "10.0.0.0/8",
        "172.16.0.0/12",
        "192.168.0.0/16"
@@ -115,8 +115,8 @@
      "split_dns": [
        {
          "domains": [
-            "yourdomain.com",
-            "*.yourdomain.com"
+            "sankofa.nexus",
+            "*.sankofa.nexus"
          ],
          "servers": [
            "10.0.0.53"