mirror of https://github.com/AeThex-Corporation/AeThex-OS.git synced 2026-04-18 06:17:21 +00:00

MrPiglr a15b5b1015 feat: integrate AeThex Language across entire OS ecosystem

Major Features:
- Custom .aethex programming language with cross-platform compilation
- Compiles to JavaScript, Lua (Roblox), Verse (UEFN), and C# (Unity)
- Built-in COPPA compliance and PII detection for safe metaverse development

Integration Points:
1. Terminal Integration
   - Added 'aethex' command for in-terminal compilation
   - Support for all compilation targets with --target flag
   - Real-time error reporting and syntax highlighting

2. IDE Integration
   - Native .aethex file support in Monaco editor
   - One-click compilation with target selector
   - Download compiled code functionality
   - Two example files: hello.aethex and auth.aethex

3. Curriculum Integration
   - New "AeThex Language" section in Foundry tech tree
   - Three modules: Realities & Journeys, Cross-Platform Sync, COPPA Compliance
   - Certification path for students

4. Documentation Site
   - Complete docs at /docs route (client/src/pages/aethex-docs.tsx)
   - Searchable documentation with sidebar navigation
   - Language guide, standard library reference, and examples
   - Ready for deployment to aethex.dev

5. npm Package Publishing
   - @aethex.os/core@1.0.0 - Standard library (published)
   - @aethex.os/cli@1.0.1 - Command line compiler (published)
   - Both packages live on npm and globally installable

Domain Configuration:
- DNS setup for 29+ domains (aethex.app, aethex.co, etc.)
- nginx reverse proxy configuration
- CORS configuration for cross-domain requests
- OAuth redirect fixes for hash-based routing

Standard Library Features:
- Passport: Universal identity across platforms
- DataSync: Cross-platform data synchronization
- SafeInput: PII detection (phone, email, SSN, credit cards)
- Compliance: COPPA/FERPA age gates and audit logging

Documentation Package:
- Created aethex-dev-docs.zip with complete documentation
- Ready for static site deployment
- Includes examples, API reference, and quickstart guide

Technical Improvements:
- Fixed OAuth blank page issue (hash routing)
- Added .gitignore rules for temp files
- Cleaned up build artifacts and temporary files
- Updated all package references to @aethex.os namespace

Co-Authored-By: Claude <noreply@anthropic.com>

2026-02-11 22:28:05 -07:00

19 KiB

Raw Blame History

AeThex Domain Integration Guide

This guide covers how to connect all 29+ AeThex domains to the OS infrastructure.

DNS Configuration
SSL/TLS Certificates
Reverse Proxy Setup
Application Configuration
Deployment Strategy

DNS Configuration

Primary Domains (Active Services)

Configure these DNS records at your domain registrar:

Web Application Domains

# Main OS Interface
aethex.app          A      <your-web-server-ip>
aethex.app          AAAA   <your-web-server-ipv6>

# Alternative entry points
aethex.co           CNAME  aethex.app
aethex.online       CNAME  aethex.app
aethex.site         CNAME  aethex.app

API & Network Services

# Primary API
aethex.network      A      <your-api-server-ip>
aethex.net          CNAME  aethex.network

# API Gateway
api.aethex.cloud    A      <your-api-server-ip>

Authentication Services

# Primary Auth
aethex.tech         A      <your-auth-server-ip>
aethex.id           CNAME  aethex.tech

Cloud Services & Kernel

# Services Layer
aethex.cloud        A      <your-services-server-ip>

# Kernel (Railway deployment)
kernel.aethex.cloud CNAME  <your-railway-url>.up.railway.app

# CDN
cdn.aethex.cloud    CNAME  <your-cdn-provider>

Specialized Services

# Education & Training
aethex.education    CNAME  aethex.app
aethex.studio       CNAME  aethex.app

# E-commerce
aethex.shop         CNAME  aethex.app

# Support
aethex.support      CNAME  aethex.app

# Documentation
aethex.dev          CNAME  aethex.app
aethex.info         CNAME  aethex.app

# Blog & Content
aethex.blog         CNAME  aethex.app

# Storage
aethex.locker       A      <your-storage-server-ip>

# Bot Services
aethex.bot          A      <your-api-server-ip>

# Live Streaming
aethex.live         CNAME  aethex.app

# Gaming
aethex.fun          CNAME  aethex.app

# Metaverse
aethex.space        CNAME  aethex.app

# Profiles
aethex.bio          CNAME  aethex.app
aethex.me           CNAME  aethex.app

# Business
aethex.biz          CNAME  aethex.app
aethex.pro          CNAME  aethex.app

# Foundation
aethex.foundation   CNAME  aethex.app

# Regional
aethex.us           CNAME  aethex.app

# Collaboration
aethex.sbs          CNAME  aethex.app

# Waitlist
waitlist.aethex.app A      <your-web-server-ip>

DNS Propagation Check

After configuring DNS, verify propagation:

# Check A records
dig aethex.app +short
dig aethex.network +short

# Check CNAME records
dig aethex.tech +short
dig kernel.aethex.cloud +short

# Check from multiple locations
for domain in aethex.app aethex.network aethex.tech aethex.cloud; do
  echo "Checking $domain..."
  dig $domain +short @8.8.8.8
  dig $domain +short @1.1.1.1
done

SSL/TLS Certificates

Option 1: Let's Encrypt with Certbot (Recommended)

Install certbot and obtain certificates for all domains:

# Install certbot
sudo apt-get update
sudo apt-get install certbot python3-certbot-nginx

# Obtain certificates (batch request)
sudo certbot certonly --nginx \
  -d aethex.app \
  -d aethex.co \
  -d aethex.network \
  -d aethex.net \
  -d aethex.tech \
  -d aethex.id \
  -d aethex.cloud \
  -d kernel.aethex.cloud \
  -d api.aethex.cloud \
  -d cdn.aethex.cloud \
  -d aethex.education \
  -d aethex.studio \
  -d aethex.shop \
  -d aethex.support \
  -d aethex.dev \
  -d aethex.info \
  -d aethex.blog \
  -d aethex.locker \
  -d aethex.bot \
  -d aethex.live \
  -d aethex.fun \
  -d aethex.space \
  -d aethex.bio \
  -d aethex.me \
  -d aethex.biz \
  -d aethex.pro \
  -d aethex.foundation \
  -d aethex.us \
  -d aethex.sbs \
  -d aethex.online \
  -d aethex.site \
  --email admin@aethex.app \
  --agree-tos

# Auto-renewal (certbot creates this automatically)
sudo systemctl enable certbot.timer
sudo systemctl start certbot.timer

Option 2: Cloudflare (Free SSL + CDN)

Add all domains to Cloudflare
Update nameservers at your registrar
Enable "Full (strict)" SSL mode
Enable "Always Use HTTPS"
Configure Page Rules for routing

Option 3: Wildcard Certificate

For subdomains like *.aethex.cloud:

sudo certbot certonly --manual \
  --preferred-challenges dns \
  -d *.aethex.cloud \
  -d aethex.cloud

Follow prompts to add TXT records to DNS.

Reverse Proxy Setup

Nginx Configuration

Create /etc/nginx/sites-available/aethex-domains:

# Web Application Domains (React SPA)
server {
    listen 80;
    listen [::]:80;
    server_name aethex.app aethex.co aethex.online aethex.site
                aethex.education aethex.studio aethex.shop aethex.support
                aethex.dev aethex.info aethex.blog aethex.fun aethex.space
                aethex.bio aethex.me aethex.biz aethex.pro aethex.foundation
                aethex.us aethex.sbs aethex.live;

    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name aethex.app aethex.co aethex.online aethex.site
                aethex.education aethex.studio aethex.shop aethex.support
                aethex.dev aethex.info aethex.blog aethex.fun aethex.space
                aethex.bio aethex.me aethex.biz aethex.pro aethex.foundation
                aethex.us aethex.sbs aethex.live;

    ssl_certificate /etc/letsencrypt/live/aethex.app/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/aethex.app/privkey.pem;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;

    root /var/www/aethex/dist/public;
    index index.html;

    # SPA routing
    location / {
        try_files $uri $uri/ /index.html;
    }

    # API proxy to backend
    location /api/ {
        proxy_pass http://localhost:5000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_cache_bypass $http_upgrade;
    }

    # WebSocket support
    location /ws {
        proxy_pass http://localhost:5000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $host;
    }

    # Static assets caching
    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
        expires 1y;
        add_header Cache-Control "public, immutable";
    }
}

# API & Network Services
server {
    listen 80;
    listen [::]:80;
    server_name aethex.network aethex.net api.aethex.cloud;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name aethex.network aethex.net api.aethex.cloud;

    ssl_certificate /etc/letsencrypt/live/aethex.network/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/aethex.network/privkey.pem;

    location / {
        proxy_pass http://localhost:5000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    # Rate limiting for API
    limit_req_zone $binary_remote_addr zone=api:10m rate=10r/s;
    limit_req zone=api burst=20;
}

# Authentication Services
server {
    listen 80;
    listen [::]:80;
    server_name aethex.tech aethex.id;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name aethex.tech aethex.id;

    ssl_certificate /etc/letsencrypt/live/aethex.tech/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/aethex.tech/privkey.pem;

    location / {
        proxy_pass http://localhost:5000;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

# Cloud Services
server {
    listen 80;
    listen [::]:80;
    server_name aethex.cloud;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name aethex.cloud;

    ssl_certificate /etc/letsencrypt/live/aethex.cloud/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/aethex.cloud/privkey.pem;

    location / {
        proxy_pass http://localhost:5000;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

# Bot Services
server {
    listen 80;
    listen [::]:80;
    server_name aethex.bot;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name aethex.bot;

    ssl_certificate /etc/letsencrypt/live/aethex.bot/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/aethex.bot/privkey.pem;

    location / {
        proxy_pass http://localhost:5000;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

# Storage Services
server {
    listen 80;
    listen [::]:80;
    server_name aethex.locker;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name aethex.locker;

    ssl_certificate /etc/letsencrypt/live/aethex.locker/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/aethex.locker/privkey.pem;

    client_max_body_size 100M;

    location / {
        proxy_pass http://localhost:5000;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Enable the configuration:

# Link configuration
sudo ln -s /etc/nginx/sites-available/aethex-domains /etc/nginx/sites-enabled/

# Test configuration
sudo nginx -t

# Reload nginx
sudo systemctl reload nginx

Application Configuration

Update Environment Variables

Create/update .env.production:

# Node Environment
NODE_ENV=production

# Domain Configuration
PRIMARY_DOMAIN=aethex.app
API_DOMAIN=aethex.network
AUTH_DOMAIN=aethex.tech
CLOUD_DOMAIN=aethex.cloud

# Allowed Origins (all domains)
ALLOWED_ORIGINS=https://aethex.app,https://aethex.co,https://aethex.network,https://aethex.net,https://aethex.tech,https://aethex.id,https://aethex.cloud,https://kernel.aethex.cloud,https://api.aethex.cloud,https://aethex.education,https://aethex.studio,https://aethex.shop,https://aethex.support,https://aethex.dev,https://aethex.info,https://aethex.blog,https://aethex.locker,https://aethex.bot,https://aethex.live,https://aethex.fun,https://aethex.space,https://aethex.bio,https://aethex.me,https://aethex.biz,https://aethex.pro,https://aethex.foundation,https://aethex.us,https://aethex.sbs,https://aethex.online,https://aethex.site

# API Configuration
VITE_API_BASE_URL=https://aethex.network

# Supabase
SUPABASE_URL=https://kmdeisowhtsalsekkzqd.supabase.co
SUPABASE_SERVICE_KEY=<your-service-key>
VITE_SUPABASE_URL=https://kmdeisowhtsalsekkzqd.supabase.co
VITE_SUPABASE_ANON_KEY=<your-anon-key>

# OAuth Providers
OAUTH_REDIRECT_URI=https://aethex.app
DISCORD_CLIENT_ID=<your-client-id>
DISCORD_CLIENT_SECRET=<your-client-secret>
GITHUB_CLIENT_ID=<your-client-id>
GITHUB_CLIENT_SECRET=<your-client-secret>
ROBLOX_CLIENT_ID=<your-client-id>
ROBLOX_CLIENT_SECRET=<your-client-secret>
TWITCH_CLIENT_ID=<your-client-id>
TWITCH_CLIENT_SECRET=<your-client-secret>

# Stripe
STRIPE_SECRET_KEY=<your-stripe-key>
STRIPE_SUCCESS_URL=https://aethex.tech/upgrade/success
STRIPE_CANCEL_URL=https://aethex.tech/upgrade/cancel

# Session
SESSION_SECRET=<generate-strong-secret-32chars>

# Database
DATABASE_URL=postgresql://user:password@host:5432/aethex_os

Update CORS Configuration

Update server/index.ts or create server/cors-config.ts:

import cors from 'cors';

// All AeThex domains
const allowedOrigins = [
  'https://aethex.app',
  'https://aethex.co',
  'https://aethex.network',
  'https://aethex.net',
  'https://aethex.tech',
  'https://aethex.id',
  'https://aethex.cloud',
  'https://kernel.aethex.cloud',
  'https://api.aethex.cloud',
  'https://cdn.aethex.cloud',
  'https://aethex.education',
  'https://aethex.studio',
  'https://aethex.shop',
  'https://aethex.support',
  'https://aethex.dev',
  'https://aethex.info',
  'https://aethex.blog',
  'https://aethex.locker',
  'https://aethex.bot',
  'https://aethex.live',
  'https://aethex.fun',
  'https://aethex.space',
  'https://aethex.bio',
  'https://aethex.me',
  'https://aethex.biz',
  'https://aethex.pro',
  'https://aethex.foundation',
  'https://aethex.us',
  'https://aethex.sbs',
  'https://aethex.online',
  'https://aethex.site',
  // Development
  'http://localhost:5173',
  'http://localhost:5000',
];

export const corsOptions: cors.CorsOptions = {
  origin: (origin, callback) => {
    // Allow requests with no origin (mobile apps, Postman, etc.)
    if (!origin) return callback(null, true);

    if (allowedOrigins.includes(origin)) {
      callback(null, true);
    } else {
      callback(new Error('Not allowed by CORS'));
    }
  },
  credentials: true,
  methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
  allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With'],
};

Update OAuth Redirect URIs

For each OAuth provider, add ALL possible redirect URIs:

Discord Developer Portal:

https://aethex.app/auth/discord/callback
https://aethex.tech/auth/discord/callback
https://aethex.id/auth/discord/callback

GitHub OAuth Apps:

https://aethex.app/auth/github/callback
https://aethex.tech/auth/github/callback
https://aethex.dev/auth/github/callback

Roblox Creator Hub:

https://aethex.app/auth/roblox/callback
https://aethex.tech/auth/roblox/callback
https://aethex.fun/auth/roblox/callback

Twitch Developer Console:

https://aethex.app/auth/twitch/callback
https://aethex.tech/auth/twitch/callback
https://aethex.live/auth/twitch/callback

Microsoft Azure (Minecraft):

https://aethex.app/auth/minecraft/callback
https://aethex.tech/auth/minecraft/callback
https://aethex.fun/auth/minecraft/callback

Deployment Strategy

Phase 1: Core Infrastructure (Week 1)

Primary Domains:
- aethex.app (main application)
- aethex.network (API)
- aethex.tech (auth)
- aethex.cloud (services)
- kernel.aethex.cloud (Railway deployment)
Setup:
- Configure DNS for primary domains
- Obtain SSL certificates
- Deploy nginx configuration
- Test OAuth flows
- Verify API connectivity

Phase 2: Content & Services (Week 2)

Content Domains:
- aethex.education
- aethex.studio
- aethex.blog
- aethex.info
- aethex.dev
Service Domains:
- aethex.bot
- aethex.locker
- aethex.shop
Setup:
- Route to appropriate services
- Configure content delivery
- Test e-commerce integration

Phase 3: Community & Specialized (Week 3)

Community Domains:
- aethex.live
- aethex.space
- aethex.fun
- aethex.bio
- aethex.me
Setup:
- Configure specialized features
- Test streaming capabilities
- Verify profile systems

Phase 4: Regional & Business (Week 4)

Business Domains:
- aethex.biz
- aethex.pro
- aethex.foundation
- aethex.support
Regional:
- aethex.us
Setup:
- Configure support systems
- Test enterprise features
- Regional routing if needed

Phase 5: Custom TLD (.aethex via Freename)

Blockchain DNS Setup:
- Configure Freename nameservers
- Create architect subdomains
- Integrate with Web3 wallets
Examples:
- architect.aethex
- kernel.aethex
- os.aethex

Monitoring & Verification

Health Check Endpoints

Test each domain:

# Create test script
cat > test-domains.sh << 'EOF'
#!/bin/bash

DOMAINS=(
  "aethex.app"
  "aethex.co"
  "aethex.network"
  "aethex.tech"
  "aethex.cloud"
  "kernel.aethex.cloud"
  "aethex.education"
  "aethex.studio"
  "aethex.shop"
  "aethex.bot"
  "aethex.locker"
  "aethex.live"
  "aethex.dev"
  "aethex.info"
  "aethex.blog"
  "aethex.fun"
  "aethex.space"
  "aethex.bio"
  "aethex.me"
  "aethex.biz"
  "aethex.pro"
  "aethex.foundation"
  "aethex.us"
  "aethex.support"
  "aethex.sbs"
  "aethex.online"
  "aethex.site"
  "aethex.id"
  "aethex.net"
)

for domain in "${DOMAINS[@]}"; do
  echo -n "Testing https://$domain ... "
  status=$(curl -s -o /dev/null -w "%{http_code}" "https://$domain" --max-time 5)
  if [ "$status" -eq 200 ] || [ "$status" -eq 301 ] || [ "$status" -eq 302 ]; then
    echo "✓ $status"
  else
    echo "✗ $status"
  fi
done
EOF

chmod +x test-domains.sh
./test-domains.sh

SSL Certificate Monitoring

# Check certificate expiry
for domain in aethex.app aethex.network aethex.tech aethex.cloud; do
  echo "Checking $domain..."
  echo | openssl s_client -servername $domain -connect $domain:443 2>/dev/null | openssl x509 -noout -dates
done

Uptime Monitoring

Set up monitoring with:

UptimeRobot (free for 50 monitors)
Pingdom
StatusCake
Custom monitoring with /health endpoints

Troubleshooting

DNS Not Resolving

# Clear local DNS cache
sudo systemd-resolve --flush-caches  # Linux
dscacheutil -flushcache              # macOS

# Check DNS propagation
dig aethex.app @8.8.8.8
dig aethex.app @1.1.1.1

SSL Certificate Issues

# Renew certificates manually
sudo certbot renew --force-renewal

# Check certificate chain
openssl s_client -connect aethex.app:443 -showcerts

CORS Errors

Check:

Origin is in allowedOrigins array
Credentials are set correctly
Preflight OPTIONS requests succeed

OAuth Redirect Mismatch

Ensure redirect URI matches exactly:

Protocol (https)
Domain (including subdomain)
Path (including trailing slash if configured)

Next Steps

Review config/domains.json for domain-to-service mapping
Configure DNS records at your registrar
Obtain SSL certificates
Deploy nginx configuration
Update application environment variables
Test OAuth flows on each domain
Monitor health checks

For Railway deployment of kernel.aethex.cloud, see /RAILWAY_DEPLOYMENT.md.

19 KiB Raw Blame History