blackroad-os/blackroad-operating-system
9
0
Fork 0
mirror of https://github.com/blackboxprogramming/BlackRoad-Operating-System.git synced 2026-03-16 23:57:10 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
32c6bae16336214983278ea928dfdee17c249cac
blackroad-operating-system/backend/.env.example
Claude 5305790504 Add Cloudflare DNS migration infrastructure and automation 
Implements Action #1 from NEXT_ACTIONS_ALEXA.md: Complete Cloudflare DNS
migration tooling and documentation for BlackRoad domains.

New Features:
- Automated DNS sync script (scripts/cloudflare/sync_dns.py)
  * Syncs DNS records from ops/domains.yaml to Cloudflare API
  * Supports dry-run mode for safe previewing
  * Handles CNAME, A, MX, and TXT records
  * Colored output for easy scanning

- DNS validation script (scripts/cloudflare/validate_dns.py)
  * Verifies DNS resolution and propagation
  * Checks SSL certificate validity
  * Tests HTTP/HTTPS accessibility and redirects
  * Supports checking multiple domains

- GitHub Actions workflow (.github/workflows/sync-cloudflare-dns.yml)
  * Automatically syncs DNS on ops/domains.yaml changes
  * Includes dry-run validation step
  * Manual trigger support via workflow_dispatch

Documentation:
- Comprehensive migration guide (docs/CLOUDFLARE_MIGRATION_GUIDE.md)
  * Step-by-step instructions for migrating from GoDaddy to Cloudflare
  * Covers all 10 BlackRoad domains
  * Includes troubleshooting and rollback procedures
  * Estimated 2-4 hours total migration time

- Scripts README (scripts/cloudflare/README.md)
  * Installation and usage instructions
  * API token setup guide
  * Integration examples for CI/CD

Configuration:
- Updated backend/.env.example with Cloudflare variables:
  * CLOUDFLARE_API_TOKEN
  * CLOUDFLARE_ACCOUNT_ID
  * CLOUDFLARE_ZONE_ID
  * CLOUDFLARE_EMAIL

- Python dependencies (scripts/cloudflare/requirements.txt)
  * requests, PyYAML, dnspython, colorama

Benefits of Cloudflare Migration:
- Free SSL certificates with automatic renewal
- Global CDN for faster page loads
- DDoS protection and Web Application Firewall
- Better DNS performance via anycast network
- Advanced features (Workers, Zero Trust, edge functions)
- Superior analytics and security insights

Next Steps:
1. Set up Cloudflare account and get API token
2. Add blackroad.systems domain to Cloudflare
3. Update nameservers at GoDaddy
4. Run sync script to configure DNS records
5. Verify migration with validation script
6. Repeat for remaining 9 domains

Related:
- Implements infra/cloudflare/CLOUDFLARE_DNS_BLUEPRINT.md
- Addresses ops/DOMAIN_FIX_GUIDE.md recommendations
- Part of Phase 1 Q1 infrastructure foundation

Files Added:
- scripts/cloudflare/sync_dns.py (352 lines)
- scripts/cloudflare/validate_dns.py (387 lines)
- scripts/cloudflare/README.md
- scripts/cloudflare/requirements.txt
- docs/CLOUDFLARE_MIGRATION_GUIDE.md (867 lines)
- .github/workflows/sync-cloudflare-dns.yml

Files Modified:
- backend/.env.example (added Cloudflare env vars)
2025-11-18 02:43:48 +00:00

90 lines
3.2 KiB
Plaintext
Raw Blame History

# BlackRoad OS Backend - Railway Secrets Template
# Copy this file to .env for local development and keep the actual
# values in Railway's Variables dashboard. The GitHub workflow
# scripts/railway/validate_env_template.py ensures this template stays
# aligned with app/app.config.Settings.
# Application metadata
APP_NAME=BlackRoad Operating System
APP_VERSION=1.0.0
DEBUG=False
ENVIRONMENT=production
NODE_ENV=production
PYTHON_ENV=production
# Database connectivity
DATABASE_URL=postgresql://YOUR_DB_USER:YOUR_DB_PASSWORD@YOUR_DB_HOST:5432/blackroad
DATABASE_ASYNC_URL=postgresql+asyncpg://YOUR_DB_USER:YOUR_DB_PASSWORD@YOUR_DB_HOST:5432/blackroad
POSTGRES_URL=postgresql://YOUR_DB_USER:YOUR_DB_PASSWORD@YOUR_DB_HOST:5432/blackroad
REDIS_URL=redis://YOUR_REDIS_HOST:6379/0
# Security / auth
SECRET_KEY=changeme-super-secret-key
ALGORITHM=HS256
ACCESS_TOKEN_EXPIRE_MINUTES=30
REFRESH_TOKEN_EXPIRE_DAYS=7
WALLET_MASTER_KEY=changeme-wallet-master-key
ALLOWED_ORIGINS=https://blackroad.systems,https://www.blackroad.systems,https://os.blackroad.systems,https://blackroad-operating-system-production.up.railway.app,http://localhost:3000,http://localhost:8000
JWT_SECRET=changeme-jwt-secret
SESSION_SECRET=changeme-session-secret
NEXTAUTH_SECRET=changeme-nextauth-secret
# Object storage
AWS_ACCESS_KEY_ID=YOUR_AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY=YOUR_AWS_SECRET_ACCESS_KEY
AWS_REGION=us-east-1
S3_BUCKET_NAME=blackroad-files
# Email / SMTP
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=road@example.com
SMTP_PASSWORD=changeme-smtp-password
EMAIL_FROM=blackroad@example.com
# AI integrations
OPENAI_API_KEY=sk-your-openai-key
ANTHROPIC_API_KEY=anthropic-key-placeholder
# Blockchain tuning
BLOCKCHAIN_DIFFICULTY=4
MINING_REWARD=50.0
# Railway deployment + alerting
RAILWAY_TOKEN=railway-token-placeholder
RAILWAY_PROJECT_ID=00000000-0000-0000-0000-000000000000
RAILWAY_ENVIRONMENT_ID=00000000-0000-0000-0000-000000000000
RAILWAY_DOMAIN=your-service.up.railway.app
SLACK_WEBHOOK_URL=https://hooks.slack.com/services/XXX/YYY/ZZZ
DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/XXX/YYY
# Cloudflare DNS and CDN
CLOUDFLARE_API_TOKEN=cloudflare-api-token-placeholder
CLOUDFLARE_ACCOUNT_ID=your-cloudflare-account-id
CLOUDFLARE_ZONE_ID=your-cloudflare-zone-id-for-blackroad-systems
CLOUDFLARE_EMAIL=your-cloudflare-email@example.com
# Optional cloud/API integrations
DIGITAL_OCEAN_API_KEY=your-digital-ocean-api-key
GITHUB_TOKEN=your-github-personal-access-token
HUGGINGFACE_TOKEN=your-huggingface-token
VERCEL_TOKEN=vercel-token-placeholder
VERCEL_TEAM_ID=your-vercel-team-id
STRIPE_SECRET_KEY=sk_test_your-stripe-secret-key
STRIPE_PUBLISHABLE_KEY=pk_test_your-stripe-publishable-key
TWILIO_ACCOUNT_SID=ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
TWILIO_AUTH_TOKEN=your-twilio-auth-token
TWILIO_PHONE_NUMBER=+10000000000
SLACK_BOT_TOKEN=xoxb-your-slack-bot-token
DISCORD_BOT_TOKEN=discord-bot-token-placeholder
SENTRY_DSN=https://example.ingest.sentry.io/project-id
SENTRY_AUTH_TOKEN=your-sentry-auth-token
SENTRY_ORG=your-sentry-org
ROADCHAIN_RPC_URL=https://chain.example-rpc.net
ROADCOIN_POOL_URL=pool.example.roadcoin:3333
ROADCOIN_WALLET_ADDRESS=your-roadcoin-wallet
MQTT_BROKER_URL=mqtt://broker.example.internal:1883
MQTT_USERNAME=blackroad
MQTT_PASSWORD=your-mqtt-password
DEVICE_HEARTBEAT_TIMEOUT_SECONDS=300
Reference in New Issue View Git Blame Copy Permalink