Back to Details

domain-dns-ops

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Domain/DNS Ops (Peter)

域名/DNS操作(专属Peter)

This skill is a thin router: use 
~/Projects/manager
as truth, run the repo scripts, follow the checklists.
本技能是一个轻量路由工具:以
~/Projects/manager
作为唯一可信源,运行仓库中的脚本并遵循检查清单操作。

Source of truth (read first)

唯一可信源(请先阅读)

  • ~/Projects/manager/DOMAINS.md
    (domain -> target map; registrar hints; exclusions)
  • ~/Projects/manager/DNS.md
    (Cloudflare onboarding + DNS/redirect checklist)
  • ~/Projects/manager/redirect-worker.ts
    + 
    ~/Projects/manager/redirect-worker-mapping.md
    (worker redirects)
  • ~/Projects/manager/DOMAINS.md
    (域名→目标映射、注册商提示、排除项)
  • ~/Projects/manager/DNS.md
    (Cloudflare接入 + DNS/重定向检查清单)
  • ~/Projects/manager/redirect-worker.ts
    + 
    ~/Projects/manager/redirect-worker-mapping.md
    (Worker重定向配置)

Golden path (new vanity domain -> Cloudflare -> redirect)

标准流程(新 vanity 域名 → Cloudflare → 重定向)

  1. Decide routing model
    • Page Rule redirect (small scale, per-zone).
    • Rulesets / Bulk Redirects (account-level; needs token perms).
    • Worker route (fallback; uses 
      redirect-worker
      ).
  2. Cloudflare zone
    • Create zone (UI), then confirm with 
      cli4
      : 
      • cli4 --get name=example.com /zones
  3. Nameservers
    • If registrar = Namecheap: 
      cd ~/Projects/manager && source profile && bin/namecheap-set-ns example.com emma.ns.cloudflare.com scott.ns.cloudflare.com
    • If registrar = DNSimple: see 
      ~/Projects/manager/DNS.md
      for delegation API notes.
  4. DNS placeholders (so CF can terminate HTTPS)
    • Proxied apex 
      A
      + wildcard 
      A
      192.0.2.1
      (see 
      ~/Projects/manager/DNS.md
      for exact 
      cli4
      calls).
  5. Redirect
    • If using Page Rules: use the 
      cli4 --post ... /pagerules
      template from 
      ~/Projects/manager/DNS.md
      .
    • If using Worker: update mapping (
      ~/Projects/manager/redirect-worker-mapping.md
      ), deploy/bind routes per 
      ~/Projects/manager/DNS.md
      .
  6. Verify
    • DNS: 
      dig +short example.com @1.1.1.1
      (expect CF anycast).
    • HTTPS redirect: 
      curl -I https://example.com
      (expect 
      301
      ).
  1. 确定路由模型
    • Page Rule重定向(小规模,按区域配置)。
    • Rulesets / 批量重定向(账户级;需要令牌权限)。
    • Worker路由(备选方案;基于
      redirect-worker
      实现)。
  2. Cloudflare区域配置
    • 在UI中创建区域,然后使用
      cli4
      确认: 
      • cli4 --get name=example.com /zones
  3. 域名服务器设置
    • 若注册商为Namecheap:执行
      cd ~/Projects/manager && source profile && bin/namecheap-set-ns example.com emma.ns.cloudflare.com scott.ns.cloudflare.com
    • 若注册商为DNSimple:查看
      ~/Projects/manager/DNS.md
      中的委托API说明。
  4. DNS占位符配置(使CF能终止HTTPS)
    • 配置代理化的根域名
      A
      记录 + 通配符
      A
      记录 → 
      192.0.2.1
      (具体
      cli4
      命令请查看
      ~/Projects/manager/DNS.md
      )。
  5. 重定向配置
    • 若使用Page Rules:使用
      ~/Projects/manager/DNS.md
      中的
      cli4 --post ... /pagerules
      模板。
    • 若使用Worker:更新映射文件
      ~/Projects/manager/redirect-worker-mapping.md
      ,并按照
      ~/Projects/manager/DNS.md
      中的说明部署/绑定路由。
  6. 验证配置
    • DNS验证:
      dig +short example.com @1.1.1.1
      (预期返回CF任播地址)。
    • HTTPS重定向验证:
      curl -I https://example.com
      (预期返回
      301
      状态码)。

Common ops

常见操作

  • Cloudflare token sanity: 
    source ~/.profile
    (prefer 
    CLOUDFLARE_API_TOKEN
    ; 
    CF_API_TOKEN
    fallback).
  • Disable “Block AI bots”: 
    cd ~/Projects/manager && source profile && bin/cloudflare-ai-bots status
    / 
    bin/cloudflare-ai-bots disable
    .
  • Cloudflare令牌有效性检查:执行
    source ~/.profile
    (优先使用
    CLOUDFLARE_API_TOKEN
    ;备选
    CF_API_TOKEN
    )。
  • 禁用“拦截AI机器人”功能:执行
    cd ~/Projects/manager && source profile && bin/cloudflare-ai-bots status
    / 
    bin/cloudflare-ai-bots disable

After edits (commit/push)

编辑后操作(提交/推送)

If you changed anything in 
~/Projects/manager
(docs, worker, scripts, mappings): commit there too.
  1. Review: 
    cd ~/Projects/manager && git status && git diff
  2. Stage: 
    git add <paths>
  3. Commit (Conventional Commits): 
    git commit -m "feat: …"
    / 
    fix:
    / 
    docs:
    / 
    chore:
  4. Push only when explicitly asked: 
    git push origin main
若你修改了
~/Projects/manager
中的任何内容(文档、Worker、脚本、映射):请同时提交到该仓库。
  1. 审查:
    cd ~/Projects/manager && git status && git diff
  2. 暂存:
    git add <paths>
  3. 提交(遵循Conventional Commits规范):
    git commit -m "feat: …"
    / 
    fix:
    / 
    docs:
    / 
    chore:
  4. 仅在明确要求时推送:
    git push origin main

Guardrails

操作限制

  • Don’t touch 
    .md
    lore domains or 
    steipete.md
    unless explicitly asked; check 
    ~/Projects/manager/DOMAINS.md
    .
  • Confirm registrar before debugging CF “invalid nameservers” (often “wrong registrar”).
  • Prefer reversible steps; verify after each change (NS → DNS → redirect).
  • 除非明确要求,否则请勿修改
    .md
    文档中的专属域名或
    steipete.md
    ;请先查看
    ~/Projects/manager/DOMAINS.md
  • 当调试Cloudflare“无效域名服务器”问题时,请先确认注册商信息(通常是“注册商选择错误”导致)。
  • 优先选择可回滚的操作步骤;每次修改后进行验证(域名服务器→DNS→重定向)。