d-bis/smom-dbis-138
4
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity
Files
6817f53591c41cc9ee0fbf404fda7ebfe2a5bcb9
smom-dbis-138/terraform/phases/phase1/CLOUDFLARE_CREDENTIALS.md
defiQUG 1fb7266469 Add Oracle Aggregator and CCIP Integration 
- Introduced Aggregator.sol for Chainlink-compatible oracle functionality, including round-based updates and access control.
- Added OracleWithCCIP.sol to extend Aggregator with CCIP cross-chain messaging capabilities.
- Created .gitmodules to include OpenZeppelin contracts as a submodule.
- Developed a comprehensive deployment guide in NEXT_STEPS_COMPLETE_GUIDE.md for Phase 2 and smart contract deployment.
- Implemented Vite configuration for the orchestration portal, supporting both Vue and React frameworks.
- Added server-side logic for the Multi-Cloud Orchestration Portal, including API endpoints for environment management and monitoring.
- Created scripts for resource import and usage validation across non-US regions.
- Added tests for CCIP error handling and integration to ensure robust functionality.
- Included various new files and directories for the orchestration portal and deployment scripts.
2025-12-12 14:57:48 -08:00

124 lines
3.2 KiB
Markdown
Raw Blame History

# Cloudflare Credentials Configuration
## ✅ Credentials Loaded from .env
Cloudflare credentials are automatically loaded from the `.env` file in the project root:
```bash
CLOUDFLARE_ZONE_ID="43599eed5d83f1fa641f2aaa276d3c4d"
CLOUDFLARE_ACCOUNT_ID="52ad57a71671c5fc009edf0744658196"
CLOUDFLARE_API_TOKEN="CWNCvhFa0EgXsazoUrJyv1CS-ORoiMmgvM0zm47N"
```
## Automatic Usage
All setup scripts automatically detect and use these credentials:
1. **`setup-cloudflare-tunnel.sh`** - Uses API token for authentication and DNS record creation
2. **`setup-cloudflare-tunnel-backend.sh`** - Uses account ID and API token
3. **`automated-cloudflare-setup.sh`** - Validates credentials and provides setup instructions
## Script Behavior
### With .env File Present
Scripts will:
- ✅ Automatically load credentials from `.env`
- ✅ Use API token for authentication (no browser login required)
- ✅ Create DNS records via Cloudflare API
- ✅ Skip manual credential entry prompts
### Without .env File
Scripts will:
- ⚠️ Prompt for manual authentication via browser
- ⚠️ Require manual DNS record creation
- ⚠️ Require manual credential entry
## Usage Examples
### Automated Setup (Recommended)
```bash
# Run automated setup script (validates credentials and provides instructions)
cd terraform/phases/phase1
./scripts/automated-cloudflare-setup.sh rpc.yourdomain.com
```
### Manual Setup with Auto-Loaded Credentials
```bash
# SSH to Nginx proxy
ssh besuadmin@20.160.58.99
# Script automatically loads credentials from .env
./setup-cloudflare-tunnel.sh rpc.yourdomain.com
```
## Security Notes
-`.env` file is in `.gitignore` (not committed to repository)
- ✅ API token has limited permissions (only what's needed for tunnel setup)
- ✅ Credentials are only loaded when scripts are executed
- ⚠️ Never commit `.env` file to version control
- ⚠️ Rotate API token if compromised
## Troubleshooting
### Credentials Not Found
If scripts can't find credentials:
1. **Check .env file location**:
```bash
ls -la /home/intlc/projects/smom-dbis-138/.env
```
2. **Verify credentials format**:
```bash
grep CLOUDFLARE /home/intlc/projects/smom-dbis-138/.env
```
3. **Check script path resolution**:
- Scripts look for `.env` in project root: `../../..` from script directory
- Ensure `.env` is in `/home/intlc/projects/smom-dbis-138/.env`
### API Token Invalid
If API token doesn't work:
1. Verify token in Cloudflare Dashboard
2. Check token permissions (needs DNS and Tunnel permissions)
3. Regenerate token if needed
4. Update `.env` file with new token
### Zone ID Not Found
If zone ID is incorrect:
1. Get correct zone ID from Cloudflare Dashboard
2. Update `CLOUDFLARE_ZONE_ID` in `.env`
3. Re-run setup script
## Required Permissions
The Cloudflare API token needs:
- **Zone**: DNS Edit, Zone Read
- **Account**: Cloudflare Tunnel Edit
- **Account**: Account Read
## Verification
Test credentials are working:
```bash
# Test API token
curl -X GET "https://api.cloudflare.com/client/v4/zones/${CLOUDFLARE_ZONE_ID}" \
-H "Authorization: Bearer ${CLOUDFLARE_API_TOKEN}" \
-H "Content-Type: application/json"
```
If successful, you'll see zone information. If not, check token permissions.
Reference in New Issue View Git Blame Copy Permalink