d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fbda1b4bebd0be1036952f8343d54298f6026865
proxmox/scripts/nginx-proxy-manager/update-npmplus-fourth-proxy-hosts.sh
defiQUG fbda1b4beb
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates 
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00

112 lines
4.3 KiB
Bash
Raw Blame History

#!/usr/bin/env bash
# Add NPMplus proxy hosts for dev/Codespaces (fourth NPMplus at 192.168.11.170)
# Dev VM (Gitea) + direction to all three Proxmox VE admin panels.
# Usage: NPM_URL=https://192.168.11.170:81 NPM_PASSWORD=xxx bash scripts/nginx-proxy-manager/update-npmplus-fourth-proxy-hosts.sh
# Or use NPM_EMAIL + NPM_PASSWORD from .env (NPM_EMAIL_FOURTH / NPM_PASSWORD_FOURTH if set).
# See: docs/04-configuration/DEV_CODESPACES_76_53_10_40.md
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
source "$PROJECT_ROOT/config/ip-addresses.conf" 2>/dev/null || true
[ -f "$PROJECT_ROOT/.env" ] && set +u && source "$PROJECT_ROOT/.env" 2>/dev/null || true && set -u
# Fourth NPMplus (dev/Codespaces)
NPMPLUS_FOURTH_IP="${IP_NPMPLUS_FOURTH:-192.168.11.170}"
IP_DEV_VM="${IP_DEV_VM:-192.168.11.60}"
PROXMOX_ML110="${PROXMOX_HOST_ML110:-192.168.11.10}"
PROXMOX_R630_01="${PROXMOX_HOST_R630_01:-192.168.11.11}"
PROXMOX_R630_02="${PROXMOX_HOST_R630_02:-192.168.11.12}"
# Prefer fourth NPMplus URL so .env NPM_URL (e.g. first instance) does not override
NPM_URL="${NPM_URL_FOURTH:-https://${NPMPLUS_FOURTH_IP}:81}"
NPM_EMAIL="${NPM_EMAIL_FOURTH:-${NPM_EMAIL:-admin@example.org}}"
NPM_PASSWORD="${NPM_PASSWORD_FOURTH:-${NPM_PASSWORD:-}}"
if [ -z "$NPM_PASSWORD" ]; then
echo "Set NPM_PASSWORD or NPM_PASSWORD_FOURTH. Example: get from fourth NPMplus container (VMID TBD) or set in .env"
exit 1
fi
echo "Adding proxy hosts to NPMplus Fourth (dev/Codespaces) at $NPM_URL..."
# Authenticate (NPM 2 may use cookie-only)
COOKIE_JAR="/tmp/npm_fourth_cookies_$$"
cleanup_cookies() { rm -f "$COOKIE_JAR"; }
trap cleanup_cookies EXIT
AUTH_JSON=$(jq -n --arg identity "$NPM_EMAIL" --arg secret "$NPM_PASSWORD" '{identity:$identity,secret:$secret}')
TOKEN_RESPONSE=$(curl -s -k -X POST "$NPM_URL/api/tokens" -H "Content-Type: application/json" -d "$AUTH_JSON" -c "$COOKIE_JAR")
TOKEN=$(echo "$TOKEN_RESPONSE" | jq -r '.token // .accessToken // .access_token // .data.token // empty' 2>/dev/null)
USE_COOKIE_AUTH=0
if [ -z "$TOKEN" ] || [ "$TOKEN" = "null" ]; then
if echo "$TOKEN_RESPONSE" | jq -e '.expires' >/dev/null 2>&1; then
USE_COOKIE_AUTH=1
echo "Using cookie-based auth (NPM 2 style)."
else
echo "Authentication failed"
MSG=$(echo "$TOKEN_RESPONSE" | jq -r '.message // .error // .error.message // empty' 2>/dev/null)
[ -n "$MSG" ] && echo "API: $MSG"
exit 1
fi
fi
curl_auth() {
if [ "$USE_COOKIE_AUTH" = "1" ]; then
curl -s -k -b "$COOKIE_JAR" "$@"
else
curl -s -k -H "Authorization: Bearer $TOKEN" "$@"
fi
}
add_proxy_host() {
local domain=$1
local fwd_host=$2
local fwd_port=$3
local ws=${4:-false}
local payload
payload=$(jq -n \
--arg domain "$domain" \
--arg host "$fwd_host" \
--argjson port "$fwd_port" \
--argjson ws "$ws" \
'{
domain_names: [$domain],
forward_scheme: "http",
forward_host: $host,
forward_port: $port,
allow_websocket_upgrade: $ws,
block_exploits: false,
certificate_id: null,
ssl_forced: false
}')
local resp
resp=$(curl_auth -X POST "$NPM_URL/api/nginx/proxy-hosts" \
-H "Content-Type: application/json" \
-d "$payload")
local id
id=$(echo "$resp" | jq -r '.id // empty' 2>/dev/null)
if [ -n "$id" ] && [ "$id" != "null" ]; then
echo " Added: $domain -> $fwd_host:$fwd_port (websocket=$ws)"
return 0
else
echo " Skip (may exist): $domain - $(echo "$resp" | jq -r '.message // .error // "unknown"' 2>/dev/null)"
return 1
fi
}
# Dev VM (Gitea on 3000); dev and codespaces as aliases
add_proxy_host "dev.d-bis.org" "$IP_DEV_VM" 3000 false || true
add_proxy_host "gitea.d-bis.org" "$IP_DEV_VM" 3000 false || true
add_proxy_host "codespaces.d-bis.org" "$IP_DEV_VM" 3000 false || true
# Proxmox VE admin panels (port 8006; websocket required for console)
add_proxy_host "pve.ml110.d-bis.org" "$PROXMOX_ML110" 8006 true || true
add_proxy_host "pve.r630-01.d-bis.org" "$PROXMOX_R630_01" 8006 true || true
add_proxy_host "pve.r630-02.d-bis.org" "$PROXMOX_R630_02" 8006 true || true
echo ""
echo "Done. Request Let's Encrypt certs in NPMplus UI (Fourth instance) for: dev, gitea, codespaces, pve.ml110, pve.r630-01, pve.r630-02."
echo "Proxmox admin: https://pve.ml110.d-bis.org, https://pve.r630-01.d-bis.org, https://pve.r630-02.d-bis.org"
Reference in New Issue View Git Blame Copy Permalink