cb47cce074
- Organized 252 files across project - Root directory: 187 → 2 files (98.9% reduction) - Moved configuration guides to docs/04-configuration/ - Moved troubleshooting guides to docs/09-troubleshooting/ - Moved quick start guides to docs/01-getting-started/ - Moved reports to reports/ directory - Archived temporary files - Generated comprehensive reports and documentation - Created maintenance scripts and guides All files organized according to established standards.
5.3 KiB
5.3 KiB
Miracles In Motion - Cloudflare Configuration Guide
Date: December 26, 2025
Domain: mim4u.org
Status: ✅ CLOUDFLARE CONFIGURED
Cloudflare Information
- Domain: mim4u.org
- Zone ID: 5dc79e6edf9b9cf353e3cca94f26f454
- Account ID: 52ad57a71671c5fc009edf0744658196
✅ Configuration Completed
1. Environment Variables ✅
- Domain configured:
mim4u.org - API base URL:
https://mim4u.org/api - Cloudflare Zone ID and Account ID configured
2. Nginx Configuration ✅
- Server name set to
mim4u.organdwww.mim4u.org - www redirect configured
- API proxy configured to backend container
3. Cloudflare Tunnel ✅
- Configuration file created:
/etc/cloudflared/config.yml - Systemd service configured:
cloudflared-mim.service - Ready for tunnel token
📋 Next Steps to Complete Cloudflare Setup
Step 1: Create Cloudflare Tunnel
-
Access Cloudflare Zero Trust Dashboard:
- Navigate to: https://one.dash.cloudflare.com
- Sign in with your Cloudflare account
-
Create Tunnel:
- Go to Zero Trust → Networks → Tunnels
- Click Create a tunnel
- Select Cloudflared
- Enter tunnel name:
mim4u-tunnel - Click Save tunnel
-
Copy Tunnel Token:
- After creation, copy the tunnel token (starts with
eyJ...) - Save it securely
- After creation, copy the tunnel token (starts with
Step 2: Configure Tunnel in Container
# SSH to pve2
ssh root@192.168.11.12
# Enter the web container
pct enter 7810
# Set the tunnel token
export TUNNEL_TOKEN="your-tunnel-token-here"
# Update the service with the token
cat > /etc/systemd/system/cloudflared-mim.service <<EOF
[Unit]
Description=Cloudflare Tunnel for Miracles In Motion
After=network.target
[Service]
Type=simple
User=root
ExecStart=/usr/local/bin/cloudflared tunnel --config /etc/cloudflared/config.yml run
Restart=always
RestartSec=10
Environment="TUNNEL_TOKEN=${TUNNEL_TOKEN}"
[Install]
WantedBy=multi-user.target
EOF
# Reload and start
systemctl daemon-reload
systemctl enable cloudflared-mim
systemctl start cloudflared-mim
Step 3: Configure DNS Records
The tunnel will automatically create DNS records, but you can also manually configure:
-
In Cloudflare Dashboard:
- Go to DNS → Records
- Ensure
mim4u.orgpoints to the tunnel (CNAME to tunnel URL) - Ensure
www.mim4u.orgpoints to the tunnel
-
Or use Cloudflare API:
# Set CLOUDFLARE_API_TOKEN environment variable first curl -X POST "https://api.cloudflare.com/client/v4/zones/5dc79e6edf9b9cf353e3cca94f26f454/dns_records" \ -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \ -H "Content-Type: application/json" \ --data '{"type":"CNAME","name":"mim4u.org","content":"tunnel-url.cfargotunnel.com","proxied":true}'
Step 4: Configure SSL/TLS
-
In Cloudflare Dashboard:
- Go to SSL/TLS → Overview
- Set encryption mode to Full (strict)
- This ensures end-to-end encryption
-
Generate SSL Certificate (Optional - for origin):
# In container 7810 certbot --nginx -d mim4u.org -d www.mim4u.org --non-interactive --agree-tos --email admin@mim4u.org --redirect
Step 5: Verify Configuration
# Check tunnel status
pct exec 7810 -- systemctl status cloudflared-mim
# Check tunnel logs
pct exec 7810 -- journalctl -u cloudflared-mim -f
# Test domain access
curl -I https://mim4u.org
🔧 Current Configuration Files
Nginx Configuration
Location: /etc/nginx/sites-available/miracles-in-motion
- Server name:
mim4u.org,www.mim4u.org - Root:
/opt/miracles-in-motion/dist - API proxy:
http://192.168.11.8:3001
Cloudflare Tunnel Config
Location: /etc/cloudflared/config.yml
- Tunnel name:
mim4u-tunnel - Hostnames:
mim4u.org,www.mim4u.org - Service:
http://localhost:80
Environment Variables
Location: /opt/miracles-in-motion/.env.production
- Domain:
mim4u.org - API URL:
https://mim4u.org/api - Cloudflare IDs configured
📊 Service Status
| Service | Status | Notes |
|---|---|---|
| Nginx | ✅ Configured | Ready for domain |
| Cloudflared | ⏳ Pending | Needs tunnel token |
| DNS | ⏳ Pending | Will be created by tunnel |
| SSL/TLS | ⏳ Pending | Configure in Cloudflare dashboard |
🚀 Quick Start Commands
# Check current status
ssh root@192.168.11.12 "pct exec 7810 -- systemctl status nginx cloudflared-mim"
# View nginx config
ssh root@192.168.11.12 "pct exec 7810 -- cat /etc/nginx/sites-available/miracles-in-motion"
# View cloudflare config
ssh root@192.168.11.12 "pct exec 7810 -- cat /etc/cloudflared/config.yml"
# Test nginx configuration
ssh root@192.168.11.12 "pct exec 7810 -- nginx -t"
# Restart services
ssh root@192.168.11.12 "pct exec 7810 -- systemctl restart nginx"
✅ Configuration Checklist
- Domain configured in environment variables
- Nginx configured for mim4u.org
- Cloudflare tunnel configuration file created
- Systemd service configured
- Tunnel token configured (requires Cloudflare dashboard)
- DNS records created (automatic with tunnel)
- SSL/TLS configured in Cloudflare dashboard
- Tunnel service started and verified
Last Updated: December 26, 2025
Domain: mim4u.org
Container: 7810 (mim-web-1)