Ok, so you've got a public domain name and you want to use Sovereign Stack to create a new bitcoin-native website. Great! Before you start running any Sovereign Stack scripts, you'll need to populate your DNS records in BOTH your internal DNS Server as well as your public name provider: e.g., namecheap, etc.
First, it is recommended to switch on DNSSEC for the domain and TURN OFF everything else. All you need are some DNS records: A+, ALIAS, and a bunch of CNAME records. Internal DNS names will resolve to the Cluster IP address (usually an RFC 1918 space), while the public domain records will resolve to your firewall WAN interface.
The table below shows the records required by a typical public domain,
|ALIAS||@||dc1.ddns-host.tld||This record returns the root A Record (an IP address); whatever 'dc1.ddns-host.tld' resovles to.|
|CAA||@||0 issue "letsencrypt.org"||Restricts certificate issuance/renewal to LetsEncrypt.|
|CNAME||www||domain.tld||Host record for www.domain.tld (ghost).|
|CNAME||btcpay||domain.tld||Host record for btcpay.domain.tld (btcpay server).|
|CNAME||nextcloud||domain.tld||Host record for nextcloud.domain.tld (nextcloud).|
|CNAME||git||domain.tld||Host record for git.domain.tld (gitea).|
|CNAME||relay||domain.tld||Host record for relay.domain.tld (nostr relay).|
Root A Record
@ record MAY be specified as an
ALIAS record in in your public DNS provider. If your public DNS provider doesn't support
ALIAS records, simply set the A+ record as your
@record MUST resolve to an
Arecord when resolved by clients.
When you have your domains configured using this structure, everything will just update whenever your datacenter (
dc0) gets a new IP address from your upstream ISP.
BTC Pay Aliases
In addition, if you desire, you can define additional CNAME records that resolve to your deployment BTCPay server. For example, if you want to accept tips, you might choose
tip.domain.tld. If you're a retail or online store, you might choose
store or something like that. Other examples includes
checkout, etc.. Whatever you choose, define them in your public records and be sure the value resolves to
btcpay.domain.tld (make these particular CNAME records dependent an a different CNAME).
Like this project? Consider donating to the monthly crowdfund.