d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
76e2e64008c8b0dd38dcf5cb4731e8ee170c5d43
proxmox/docs/09-troubleshooting/NO_SSH_ACCESS_SOLUTION.md
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

122 lines
3.5 KiB
Markdown
Raw Blame History

# Solution: Fix Tunnels Without SSH Access
**Last Updated:** 2026-01-31
**Document Version:** 1.0
**Status:** Active Documentation
---
## Problem
- All 6 Cloudflare tunnels are DOWN
- Cannot access Proxmox network via SSH (network segmentation)
- SSH tunnel setup fails (can't connect to establish tunnel)
## Solution: Cloudflare Dashboard ⭐ EASIEST
**No SSH needed!** Configure tunnels directly in Cloudflare Dashboard.
### Step-by-Step
1. **Access Dashboard**
- Go to: https://one.dash.cloudflare.com/
- Sign in
- Navigate to: **Zero Trust****Networks****Tunnels**
2. **For Each Tunnel** (6 total):
- Click on tunnel name
- Click **Configure** button
- Go to **Public Hostnames** tab
- Add/Edit hostname configurations
- Save
3. **Wait 1-2 Minutes**
- Tunnels should reconnect automatically
- Status should change from **DOWN** to **HEALTHY**
### Tunnel Configuration Details
#### Shared Tunnel (Most Important)
**Tunnel**: `rpc-http-pub.d-bis.org` (ID: `10ab22da-8ea3-4e2e-a896-27ece2211a05`)
**Add these 9 hostnames** (all pointing to `http://192.168.11.21:80`):
- `dbis-admin.d-bis.org`
- `dbis-api.d-bis.org`
- `dbis-api-2.d-bis.org`
- `mim4u.org.d-bis.org`
- `www.mim4u.org.d-bis.org`
- `rpc-http-prv.d-bis.org`
- `rpc-http-pub.d-bis.org`
- `rpc-ws-prv.d-bis.org`
- `rpc-ws-pub.d-bis.org`
**Important**: Add catch-all rule (HTTP 404) as the LAST entry.
#### Proxmox Tunnels
Each needs one hostname pointing to HTTPS:
| Tunnel | Hostname | Target |
|--------|----------|--------|
| tunnel-ml110 | ml110-01.d-bis.org | https://192.168.11.10:8006 |
| tunnel-r630-01 | r630-01.d-bis.org | https://192.168.11.11:8006 |
| tunnel-r630-02 | r630-02.d-bis.org | https://192.168.11.12:8006 |
**Options**: Enable "No TLS Verify" (Proxmox uses self-signed certs)
#### Other Tunnels
- `explorer.d-bis.org``http://192.168.11.21:80`
- `mim4u-tunnel``http://192.168.11.21:80`
## Why This Works
Cloudflare tunnels use **outbound connections** from your infrastructure to Cloudflare. The configuration in the dashboard tells Cloudflare how to route traffic. Even if the tunnel connector (cloudflared) is down, once it reconnects, it will use the dashboard configuration.
## If Dashboard Method Doesn't Work
If tunnels remain DOWN after dashboard configuration, the tunnel connector (cloudflared in VMID 102) is likely not running. You need physical/network access to:
### Option 1: Physical Access to Proxmox Host
```bash
# Direct console access to 192.168.11.12
pct start 102
pct exec 102 -- systemctl start cloudflared-*
pct exec 102 -- systemctl status cloudflared-*
```
### Option 2: VPN Access
If you have VPN access to `192.168.11.0/24` network:
```bash
# Connect via VPN first, then:
ssh root@192.168.11.12 "pct start 102"
ssh root@192.168.11.12 "pct exec 102 -- systemctl start cloudflared-*"
```
### Option 3: Cloudflare Tunnel Token Method
If you can get new tunnel tokens from Cloudflare Dashboard:
1. Go to tunnel → Configure
2. Download new token/credentials
3. Deploy to container (requires access)
## Verification
After configuring in dashboard:
```bash
# Wait 1-2 minutes, then test:
curl -I https://ml110-01.d-bis.org
curl -I https://r630-01.d-bis.org
curl -I https://explorer.d-bis.org
curl -I https://rpc-http-pub.d-bis.org
```
## Summary
**Best Method**: Cloudflare Dashboard (no SSH needed)
⚠️ **If that fails**: Need physical/network access to start container
📋 **All tunnel IDs and configs**: See generated files in `/tmp/tunnel-fix-manual-*/`
Reference in New Issue View Git Blame Copy Permalink