d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dc8abb06e2bbd33e30803ca59d284ead8ea970c6
proxmox/docs/04-configuration/VMID2400_DNS_STRUCTURE.md
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

181 lines
4.3 KiB
Markdown
Raw Blame History

# VMID 2400 - DNS CNAME Structure
**Last Updated:** 2026-01-31
**Document Version:** 1.0
**Status:** Active Documentation
---
**Date**: 2026-01-02
**Domain**: `defi-oracle.io`
**Purpose**: Two-level CNAME structure for ThirdWeb RPC endpoint
---
## DNS Structure
The DNS configuration uses a two-level CNAME chain for flexibility:
```
rpc.defi-oracle.io
↓ (CNAME)
rpc.public-0138.defi-oracle.io
↓ (CNAME)
26138c21-db00-4a02-95db-ec75c07bda5b.cfargotunnel.com
↓ (Cloudflare Tunnel)
192.168.11.240:443 (Nginx) → 127.0.0.1:8545 (Besu RPC)
```
---
## DNS Records to Create
### Record 1: Tunnel Endpoint
```
Type: CNAME
Name: rpc.public-0138
Domain: defi-oracle.io
Target: 26138c21-db00-4a02-95db-ec75c07bda5b.cfargotunnel.com
Proxy: 🟠 Proxied (orange cloud)
TTL: Auto
```
**Full FQDN**: `rpc.public-0138.defi-oracle.io`
**Purpose**: Points directly to the Cloudflare tunnel endpoint
---
### Record 2: Short Alias
```
Type: CNAME
Name: rpc
Domain: defi-oracle.io
Target: rpc.public-0138.defi-oracle.io
Proxy: 🟠 Proxied (orange cloud)
TTL: Auto
```
**Full FQDN**: `rpc.defi-oracle.io`
**Purpose**: Provides a shorter, more convenient alias that resolves to the full FQDN
---
## Benefits of Two-Level Structure
1. **Flexibility**: Can change the tunnel endpoint without updating the short alias
2. **Convenience**: `rpc.defi-oracle.io` is easier to remember and use
3. **Backwards Compatibility**: If you need to change the tunnel or endpoint structure, only the first CNAME needs updating
4. **Organization**: The `rpc.public-0138` name clearly indicates it's for ChainID 138 public RPC
---
## Usage
Both endpoints will work and resolve to the same tunnel:
**Full FQDN**:
- `https://rpc.public-0138.defi-oracle.io`
**Short Alias**:
- `https://rpc.defi-oracle.io`
Both URLs will:
1. Resolve through the CNAME chain
2. Connect to Cloudflare tunnel `26138c21-db00-4a02-95db-ec75c07bda5b`
3. Route to VMID 2400 (192.168.11.240)
4. Be handled by Nginx on port 443
5. Proxy to Besu RPC on port 8545
---
## Cloudflare Dashboard Configuration
### Step 1: Create First CNAME (Tunnel Endpoint)
1. Go to: **DNS****Records**
2. Click: **Add record**
3. Configure:
- **Type**: CNAME
- **Name**: `rpc.public-0138`
- **Target**: `26138c21-db00-4a02-95db-ec75c07bda5b.cfargotunnel.com`
- **Proxy**: 🟠 Proxied
- **TTL**: Auto
4. Click: **Save**
### Step 2: Create Second CNAME (Short Alias)
1. Click: **Add record** again
2. Configure:
- **Type**: CNAME
- **Name**: `rpc`
- **Target**: `rpc.public-0138.defi-oracle.io`
- **Proxy**: 🟠 Proxied
- **TTL**: Auto
3. Click: **Save**
---
## Verification
### Test DNS Resolution
```bash
# Test full FQDN
dig rpc.public-0138.defi-oracle.io
nslookup rpc.public-0138.defi-oracle.io
# Test short alias
dig rpc.defi-oracle.io
nslookup rpc.defi-oracle.io
# Both should resolve to Cloudflare IPs (if proxied)
```
### Test Endpoints
```bash
# Test full FQDN
curl -k https://rpc.public-0138.defi-oracle.io/health
# Test short alias
curl -k https://rpc.defi-oracle.io/health
# Both should work identically
```
---
## Important Notes
1. **Proxy Status**: Both CNAME records should be **Proxied** (🟠 orange cloud) for DDoS protection and SSL termination
2. **CNAME Chain**: Cloudflare supports CNAME chains, so `rpc``rpc.public-0138``tunnel` works correctly
3. **Tunnel Route**: The tunnel route in Cloudflare should be configured for `rpc.public-0138.defi-oracle.io` (the actual endpoint), but both URLs will work since DNS resolves the short alias first
4. **Nginx Configuration**: Nginx is configured for `rpc.public-0138.defi-oracle.io` as the server_name. If you want to support both, you can add `rpc.defi-oracle.io` to the server_name directive, but it's not required since Cloudflare handles the DNS resolution.
---
## Troubleshooting
### CNAME Chain Not Resolving
- Wait 1-2 minutes for DNS propagation
- Verify both CNAME records are created correctly
- Check that the target of the first CNAME (`rpc.public-0138`) points to the tunnel endpoint
- Verify tunnel is healthy in Cloudflare Dashboard
### Only One URL Works
- Check that both CNAME records are created
- Verify both are set to Proxied (orange cloud)
- Test DNS resolution for both: `dig rpc.defi-oracle.io` and `dig rpc.public-0138.defi-oracle.io`
---
**Last Updated**: 2026-01-02
**Status**: ✅ **DOCUMENTATION COMPLETE**
Reference in New Issue View Git Blame Copy Permalink