fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands - CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround - CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check - NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere - MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates - LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference Co-authored-by: Cursor <cursoragent@cursor.com>
105 lines
3.5 KiB
Bash
Executable File
105 lines
3.5 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# Fix certbot DNS-01 challenge propagation time issue
|
|
# Updates certbot configuration to use longer propagation wait time
|
|
|
|
set -euo pipefail
|
|
|
|
# Load IP configuration
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
|
|
source "${PROJECT_ROOT}/config/ip-addresses.conf" 2>/dev/null || true
|
|
|
|
|
|
# Colors
|
|
RED='\033[0;31m'
|
|
GREEN='\033[0;32m'
|
|
YELLOW='\033[1;33m'
|
|
BLUE='\033[0;34m'
|
|
NC='\033[0m'
|
|
|
|
log_info() { echo -e "${BLUE}[INFO]${NC} $1"; }
|
|
log_success() { echo -e "${GREEN}[✓]${NC} $1"; }
|
|
log_warn() { echo -e "${YELLOW}[⚠]${NC} $1"; }
|
|
log_error() { echo -e "${RED}[✗]${NC} $1"; }
|
|
|
|
PROXMOX_HOST="${1:-192.168.11.11}"
|
|
CONTAINER_ID="${2:-10233}"
|
|
|
|
# Source .env for API token
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
|
|
if [ -f "$PROJECT_ROOT/.env" ]; then
|
|
set +euo pipefail
|
|
source "$PROJECT_ROOT/.env" 2>/dev/null || true
|
|
set -euo pipefail
|
|
fi
|
|
|
|
CLOUDFLARE_API_TOKEN="${CLOUDFLARE_API_TOKEN:-JSEO_sruWB6lf1id77gtI7HOLVdhkhaR2goPEJIk}"
|
|
|
|
echo ""
|
|
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
|
echo "🔧 Fixing Certbot DNS Propagation Configuration"
|
|
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
|
echo ""
|
|
|
|
log_info "Container: $CONTAINER_ID on $PROXMOX_HOST"
|
|
echo ""
|
|
|
|
# Check if certbot DNS plugin is installed
|
|
log_info "Checking certbot DNS plugin..."
|
|
DNS_PLUGIN=$(ssh root@"$PROXMOX_HOST" \
|
|
"pct exec $CONTAINER_ID -- python3 -c 'import certbot_dns_cloudflare' 2>&1 || echo 'not installed'")
|
|
|
|
if echo "$DNS_PLUGIN" | grep -q "not installed\|No module"; then
|
|
log_warn "Installing certbot DNS plugin..."
|
|
ssh root@"$PROXMOX_HOST" \
|
|
"pct exec $CONTAINER_ID -- bash -c 'apt-get update && apt-get install -y python3-certbot-dns-cloudflare'"
|
|
log_success "DNS plugin installed"
|
|
else
|
|
log_success "DNS plugin already installed"
|
|
fi
|
|
|
|
# Setup Cloudflare credentials
|
|
log_info "Setting up Cloudflare credentials..."
|
|
ssh root@"$PROXMOX_HOST" \
|
|
"pct exec $CONTAINER_ID -- bash -c '
|
|
mkdir -p /etc/cloudflare
|
|
cat > /etc/cloudflare/credentials.ini <<EOF
|
|
dns_cloudflare_api_token = $CLOUDFLARE_API_TOKEN
|
|
EOF
|
|
chmod 600 /etc/cloudflare/credentials.ini
|
|
echo \"Credentials file created\"
|
|
'"
|
|
log_success "Cloudflare credentials configured"
|
|
|
|
# Test DNS record creation
|
|
log_info "Testing DNS record creation..."
|
|
TEST_RESULT=$(ssh root@"$PROXMOX_HOST" \
|
|
"pct exec $CONTAINER_ID -- bash -c '
|
|
python3 <<PYTHON
|
|
import dns.resolver
|
|
try:
|
|
result = dns.resolver.resolve(\"sankofa.nexus\", \"A\")
|
|
print(\"DNS resolution works\")
|
|
except Exception as e:
|
|
print(f\"DNS test: {e}\")
|
|
PYTHON
|
|
' 2>&1" || echo "test failed")
|
|
|
|
if echo "$TEST_RESULT" | grep -q "works"; then
|
|
log_success "DNS resolution test passed"
|
|
else
|
|
log_warn "DNS resolution test: $TEST_RESULT"
|
|
fi
|
|
|
|
echo ""
|
|
log_info "Configuration complete!"
|
|
log_info ""
|
|
log_info "To obtain certificates with proper propagation time, use:"
|
|
log_info " certbot certonly --dns-cloudflare \\"
|
|
log_info " --dns-cloudflare-credentials /etc/cloudflare/credentials.ini \\"
|
|
log_info " --dns-cloudflare-propagation-seconds 120 \\"
|
|
log_info " -d sankofa.nexus -d www.sankofa.nexus \\"
|
|
log_info " --non-interactive --agree-tos --email nsatoshi2007@hotmail.com"
|
|
echo ""
|