# DNS Update Script Guide **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation --- **Script**: `scripts/update-all-dns-to-public-ip.sh` **Purpose**: Automate Cloudflare DNS updates for direct public IP routing **Date**: 2026-01-09 --- ## Overview This script updates all Cloudflare DNS records to point to a single public IP (76.53.10.35) with DNS only mode (gray cloud), enabling direct NAT routing through ER605 to Nginx. --- ## Prerequisites 1. **Cloudflare API Access** - API Token (recommended) OR - Email + API Key 2. **Zone IDs** - Get from Cloudflare Dashboard → Domain → Overview → Zone ID - Required for each domain: sankofa.nexus, d-bis.org, mim4u.org, defi-oracle.io 3. **Dependencies** - `curl` - `jq` (JSON processor) - `bash` 4.0+ --- ## Configuration ### Step 1: Add to .env file Add these variables to your `.env` file: ```bash # Public IP for all services PUBLIC_IP=76.53.10.35 # Cloudflare Authentication (choose one method) # Method 1: API Token (recommended) CLOUDFLARE_API_TOKEN=your-api-token-here # Method 2: Email + API Key (alternative) # CLOUDFLARE_EMAIL=your-email@example.com # CLOUDFLARE_API_KEY=your-api-key-here # Zone IDs CLOUDFLARE_ZONE_ID_SANKOFA_NEXUS=your-zone-id CLOUDFLARE_ZONE_ID_D_BIS_ORG=your-zone-id CLOUDFLARE_ZONE_ID_MIM4U_ORG=your-zone-id CLOUDFLARE_ZONE_ID_DEFI_ORACLE_IO=your-zone-id ``` ### Step 2: Get Zone IDs 1. Log in to [Cloudflare Dashboard](https://dash.cloudflare.com) 2. Select each domain 3. Copy the Zone ID from the Overview page --- ## Usage ### Run the script ```bash cd /home/intlc/projects/proxmox ./scripts/update-all-dns-to-public-ip.sh ``` ### What it does 1. **Reads configuration** from `.env` file 2. **Processes each zone**: - sankofa.nexus - d-bis.org - mim4u.org - defi-oracle.io 3. **For each domain**: - Checks if record exists - Updates existing record OR creates new record - Sets to DNS only mode (proxied: false) - Points to public IP (76.53.10.35) --- ## DNS Records Created/Updated ### sankofa.nexus - `sankofa.nexus` (apex) - `www.sankofa.nexus` - `phoenix.sankofa.nexus` - `www.phoenix.sankofa.nexus` - `the-order.sankofa.nexus` ### d-bis.org - `rpc-http-pub.d-bis.org` - `rpc-ws-pub.d-bis.org` - `rpc-http-prv.d-bis.org` - `rpc-ws-prv.d-bis.org` - `explorer.d-bis.org` - `dbis-admin.d-bis.org` - `dbis-api.d-bis.org` - `dbis-api-2.d-bis.org` - `secure.d-bis.org` ### mim4u.org - `mim4u.org` (apex) - `www.mim4u.org` - `secure.mim4u.org` - `training.mim4u.org` ### defi-oracle.io - `rpc.public-0138.defi-oracle.io` --- ## Verification ### Check DNS resolution ```bash # Test sankofa.nexus dig sankofa.nexus +short # Expected: 76.53.10.35 # Test secure.d-bis.org dig secure.d-bis.org +short # Expected: 76.53.10.35 # Test mim4u.org dig mim4u.org +short # Expected: 76.53.10.35 ``` ### Check Cloudflare Dashboard 1. Go to Cloudflare Dashboard → DNS → Records 2. Verify all records: - Type: A - Content: 76.53.10.35 - Proxy status: DNS only (gray cloud) --- ## Troubleshooting ### Error: "Missing Cloudflare credentials" **Solution**: Add to `.env`: - `CLOUDFLARE_API_TOKEN` OR - `CLOUDFLARE_EMAIL` + `CLOUDFLARE_API_KEY` ### Error: "Skipping zone (no zone ID configured)" **Solution**: Add zone ID to `.env`: - `CLOUDFLARE_ZONE_ID_SANKOFA_NEXUS=...` - `CLOUDFLARE_ZONE_ID_D_BIS_ORG=...` - etc. ### Error: "Failed to create/update" **Possible causes**: - Invalid zone ID - Insufficient API permissions - Rate limiting (wait and retry) **Check API permissions**: - DNS: Edit - Zone: Read ### DNS not resolving **Wait for propagation**: - Cloudflare: Usually instant - Global DNS: 1-5 minutes - Some resolvers: Up to 24 hours **Force refresh**: ```bash # Clear local DNS cache sudo systemd-resolve --flush-caches # Test with different DNS servers dig @8.8.8.8 sankofa.nexus +short dig @1.1.1.1 sankofa.nexus +short ``` --- ## Script Output The script provides: - ✅ Success indicators for each record - ⚠️ Warnings for missing zone IDs - ❌ Errors for failed operations - Summary of successes and failures --- ## Related Documentation - ER605 NAT Configuration: `docs/04-configuration/ER605_ROUTER_CONFIGURATION.md` - Nginx Configuration: `docs/04-configuration/NGINX_CONFIGURATIONS_VMIDS_2400-2508.md` - Network Architecture: `docs/02-architecture/NETWORK_ARCHITECTURE.md` --- **Last Updated**: 2026-01-09