Cloudflare: Difference between revisions

From Bitpost wiki
No edit summary
 
Line 10: Line 10:
Check the log for status.  A useful ddclient command that will vet its access to all network interfaces:
Check the log for status.  A useful ddclient command that will vet its access to all network interfaces:
  ddclient -query
  ddclient -query
=== TODO ===
After updating IP, it seems i have to disable proxy to get it to resolve.  After a while, set it back on.  Need to learn more here...
I have never allowed ddclient to do its thing after reboot yet.  There will likely be work to get it to cooperate with stronger_firewall haproxy etc.  See physical notes.


== Email Forwarding ==
== Email Forwarding ==
Line 45: Line 40:
     rule_name: shitcutter_redirect
     rule_name: shitcutter_redirect
It's all a bit much, overengineered, but maybe someday will be useful.
It's all a bit much, overengineered, but maybe someday will be useful.
== TODO ==
I CANNOT PROXY bitpost.com or it breaks direct SSH!  Perhaps i can get the proxy to forward ssh traffic?  Tbd...
After updating IP, it seems i have to disable proxy to get it to resolve.  After a while, set it back on.  Need to learn more here...
I have never allowed ddclient to do its thing after reboot yet.  There will likely be work to get it to cooperate with stronger_firewall haproxy etc.  See physical notes.

Latest revision as of 19:15, 25 November 2023

Cloudflare seems to do everything I need and more: domain registration, DNS, domain forwarding, email forwarding, etc... and that world-class cloudflare proxying!

IP Change

ddclient is used to detect IP changes every 5 minutes. When it sees one, it calls the Cloudflare API to update the IP. WOW! ddclient runs as a service on bitpost, see the config file here:

/etc/ddclient.conf

Verbose logging is turned on, and logged to syslog, there. It is configured to check every 5 minutes. It includes all domains. Keep it synced with cloudflare domains, letsencrypt, haproxy, site code.

Check the log for status. A useful ddclient command that will vet its access to all network interfaces:

ddclient -query

Email Forwarding

Go to Email, start the "wizard", add an initial routing, and it will suggest adding the basic forwarding DNS records. Add them.

Then you have access to route emails to the domain. Route them to gmail. Use a catch-all until it is a problem (it hasn't been yet).

Email forwarding has been set up for...

thedigitalmachine.com
bitpost.com 
abettersoftware.com
abettertrader.com

Redirect one domain to another

  • Set up DNS records as usual (the domain has to resolve)
  • Use Bulk Redirects

Stupidly (or not?) you have to create a bulk redirect global list, then rules under it... read on...

  • Create bulk redirect list
domain > Rules > Redirect Rules > Bulk Redirects > Create build redirect list
eg:
   name shitcutter_redirect
  • Mange Bulk Redirect Rules
domain > Rules > Redirect Rules > Bulk Redirects > Mange Bulk Redirect Rules
eg:
   source willcodeforcoffee.org/
   target https://shitcutter.com
   status: 301
   rule_name: shitcutter_redirect

It's all a bit much, overengineered, but maybe someday will be useful.

TODO

I CANNOT PROXY bitpost.com or it breaks direct SSH! Perhaps i can get the proxy to forward ssh traffic? Tbd...

After updating IP, it seems i have to disable proxy to get it to resolve. After a while, set it back on. Need to learn more here...

I have never allowed ddclient to do its thing after reboot yet. There will likely be work to get it to cooperate with stronger_firewall haproxy etc. See physical notes.