Post setup

github-actions[bot] edited this page Aug 7, 2023 · 1 revision

enabling https traffic

using cloudflare full (strict)

first of all you need a cloudflare account. to create one, go to https://dash.cloudflare.com/sign-up, enter your email and password, and click on create account

Step 1

now you have to enter your domain. this has to be your actual domain (e.g. banchopy.com or banchopy.net) and mustn't include any domain-specific hostnames (e.g. www.banchopy.com or similar)

Step 2

then you have to choose your plan. the Free plan should be enough for us, and you can upgrade later if you need to

Step 3

now you'll have to copy the nameservers required by Cloudflare to your domain registrar. once you've done this, click on check nameservers

Step 4

once you have finished the above, you'll have to add some dns records (A records) so that the necessary domains point to the ip where bancho.py is running.

you can generate the records to import in cloudflare using the script inside the tools folder

cd tools && ./generate_cf_dns_records.sh && cd ..

and on the cloudflare dashboard click Import and Export

Step 5

If you use a free freenom domain like .ml, .ga or .cf, you probably can't import the dns records, because these domains are restricted in the Cloudflare API due to significant abuse. in that case you'll have to add the following dns records manually:

  • a.yourdomain.com
  • api.yourdomain.com
  • assets.yourdomain.com
  • c.yourdomain.com
  • c4.yourdomain.com
  • ce.yourdomain.com
  • yourdomain.com
  • i.yourdomain.com
  • osu.yourdomain.com
  • s.yourdomain.com
Step 6

then go to SSL/TLS > Overview and activate Full (strict)

Step 7

now you'll need to create certificates generated by cloudflare: go to SSL/TLS > Origin Server and click on create certificate

Step 8

Step 9

after creating it you'll have to save the content of the origin certificate and the private key in different files in your client

Step 10

nano example.com.pem
# paste the content of the origin certificate

nano example.com.key
# paste the content of the private key
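
Before the web server is pointed at these two files, it helps to confirm that the certificate and key belong together, that the key is readable only by its owner, and that the certificate is not close to expiry. The script below is an added example, not part of bancho.py or its tools folder; the function names are hypothetical and the file names follow the example.com.pem / example.com.key names used above.

```bash
#!/usr/bin/env bash
# Added example, not from the bancho.py repository.
# Function names are hypothetical; file names follow the page's
# example.com.pem / example.com.key.

# Return 0 only when the certificate's public key equals the one
# derived from the private key (exit 2 if either file is unreadable).
cert_matches_key() {
    local from_cert from_key
    from_cert=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    from_key=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
    [ -n "$from_cert" ] && [ "$from_cert" = "$from_key" ]
}

# Usage: check_origin_pair CERT KEY [MIN_DAYS_LEFT]
check_origin_pair() {
    local cert="$1" key="$2" min_days="${3:-30}"

    # The private key should be readable by its owner only.
    chmod 600 "$key" || return 1

    if ! cert_matches_key "$cert" "$key"; then
        echo "error: $cert and $key do not belong together" >&2
        return 1
    fi

    # -checkend exits non-zero if the certificate expires within N seconds.
    if ! openssl x509 -in "$cert" -noout -checkend $((min_days * 86400)) >/dev/null; then
        echo "error: $cert expires in less than $min_days days" >&2
        return 1
    fi

    echo "ok: pair matches, key is mode 600, more than $min_days days left"
}

# check_origin_pair example.com.pem example.com.key
```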

using your own ssl certificate

# you'll need to change:
# - YOUR_EMAIL_ADDRESS
# - YOUR_DOMAIN

# generate an ssl certificate for your domain
sudo certbot certonly \
    --manual \
    --preferred-challenges=dns \
    --email YOUR_EMAIL_ADDRESS \
    --server https://acme-v02.api.letsencrypt.org/directory \
    --agree-tos \
    -d "*.YOUR_DOMAIN"  # quoted so the shell does not expand the wildcard

enabling cloudflare geolocation data

Go to the cloudflare dashboard and open Rules > Transform rules. after that, click on managed transforms and activate add visitor location headers.

Enabling CF geolocation data