Skip to content

Home

Jump to bottom
AsaTyr2018 edited this page Mar 17, 2026 · 25 revisions

DomNexDomain User Guide

Welcome to the DomNexDomain wiki.

This guide is intentionally written for non-technical users and operators who want clear, practical steps.

Recommended Start

  1. Quick Start (10 Minutes)
  2. Prerequisites
  3. Installation (Bare Metal)
  4. First Login & Initial Setup
  5. Initial Setup Assistant and OTS

Topics

Who is DomNexDomain for?

  • Home lab users
  • Small teams with multiple internal services
  • Operators who want one Linux service instead of a stack of separate tools

What Changed Recently

  • New first-boot Setup Assistant with OTS unlock and setup API gating
  • In-house MFA/2FA upgrades:
    • per-role MFA enforcement in Settings -> MFA (admin, domain-admin, read-only)
    • per-user MFA self-service in My Account
    • admin MFA reset with break-glass operational path
    • security coupling: Disable IP check is only allowed for MFA-enabled users
  • Strategic Intel is now the unified analytics workspace:
    • Overview, Events, Telemetry, Geo, Investigations, Notifications
    • cleaner navigation for big-data operations
    • geo map embedded directly in the Geo tab
    • Investigations now pivots directly on trace IDs and shows chronological flow, evidence, and action entries
  • Resilience upgrades after internet/provider drops:
    • Public WAN IP sync now runs every 10 minutes and performs startup reconcile
    • DNS maintenance worker runs every 1 minute for apex + subdomain reachability transitions
    • automatic Cloudflare domain/host reconciliation on mismatch
    • maintenance writes change events only (no periodic check spam)
  • Built-in edge WAF baseline:
    • automatic temporary block on unknown-host flood patterns
    • 15-minute TTL (no permanent auto-block)
  • Threat Intel management upgrades:
    • two policy modes: Monitor only and Auto mode
    • allowlist-first behavior across both modes
    • XP/Level/Tier model with New, Watched, and Blocked views
    • feed intelligence is backend-first (no direct hard block on feed sync)
    • first real feed/signature-driven contact enters the watched band (Level 3) instead of instant block
    • hard blocks age into watch state after long inactivity for controlled lifecycle
    • hard-block requests are edge-dropped (proxy.block.hard_drop) instead of rendered as normal error pages
  • Trace collection upgrades:
    • dedicated trace timeline store for reproducible investigations
    • first-contact flow capture at the edge
    • trace retention limited to 60 days with automatic pruning
  • Retention controls in Settings -> Advanced:
    • configurable data retention per data domain
    • automatic daily purge job
    • audit evidence via retention.purge actions in Strategic Intel -> Events
  • Smart error pages:
    • branded DomNexDomain pages for routing/policy/origin failures
    • embedded trace IDs for direct log correlation
  • Style system and branding:
    • Monolith, CyberMonolith, and Custom themes
    • logo integrated across navigation, login, and error pages
  • Dedicated Backup menu with encrypted packages, scheduler, FTP target, and post-restore check/cert warmup
  • GeoIP data pipeline upgrades:
    • multi-source ingest (.mmdb, .csv, .mmdb.gz, .csv.gz, .zip)
    • compiled Source-of-Truth MMDB for runtime lookups
    • auto-compile on upload/start + scheduled compile checks
    • Settings -> GeoIP Sources now includes source index, dataset stats, and upload progress

Important

  • Restrict admin access to trusted networks only.
  • Complete first-boot setup immediately after installation and store admin credentials securely.
  • Use HTTPS for all external access whenever possible.

Need Help?

DomNexDomain Wiki

Clone this wiki locally