Ok, so you've got a public domain name and you want to use Sovereign Stack to create a new bitcoin-native website. Great! Before you start running any Sovereign Stack scripts, you'll need to populate your DNS records in BOTH your internal DNS Server as well as your public name provider: e.g., namecheap, etc.
First, it is recommended to switch on DNSSEC for the domain and TURN OFF everything else. All you need are some DNS records: A+, ALIAS, and a bunch of CNAME records. Internal DNS names will resolve to the Cluster IP address (usually an RFC 1918 space), while the public domain records will resolve to your firewall WAN interface.
The table below shows the records required by a typical public domain, domain.tld.
| Type | Host | Value | Description |
|---|---|---|---|
| ALIAS | @ | dc1.ddns-host.tld | This record returns the root A Record (an IP address); whatever 'dc1.ddns-host.tld' resovles to. |
| CAA | @ | 0 issue "letsencrypt.org" | Restricts certificate issuance/renewal to LetsEncrypt. |
| CNAME | www | domain.tld | Host record for www.domain.tld (ghost). |
| CNAME | btcpay | domain.tld | Host record for btcpay.domain.tld (btcpay server). |
| CNAME | nextcloud | domain.tld | Host record for nextcloud.domain.tld (nextcloud). |
| CNAME | git | domain.tld | Host record for git.domain.tld (gitea). |
| CNAME | relay | domain.tld | Host record for relay.domain.tld (nostr relay). |
| CNAME | tip | domain.tld | BTCPay Alias. |
Root A Record
The @ record MAY be specified as an ALIAS record in in your public DNS provider. If your public DNS provider doesn't support ALIAS records, simply set the A+ record as your @ instead.
@ record MUST resolve to an A record when resolved by clients.When you have your domains configured using this structure, everything will just update whenever your datacenter (dc0) gets a new IP address from your upstream ISP.
BTC Pay Aliases
In addition, if you desire, you can define additional CNAME records that resolve to your deployment BTCPay server. For example, if you want to accept tips, you might choose tip.domain.tld. If you're a retail or online store, you might choose pay or store or something like that. Other examples includes crowdfund, pago, checkout, etc.. Whatever you choose, define them in your public records and be sure the value resolves to btcpay.domain.tld (make these particular CNAME records dependent an a different CNAME).
Like this project? Consider donating to the monthly crowdfund.