Added support for cloudflare API tokens. (#102)
* Added support for cloudflare API tokens. Do not provide a login if using one. The token must have permissions for All zones - Zone:Read, DNS:Edit. * Fixed the grammar in the comments. Co-authored-by: Greg Best <greg@NinjaCatServer>
This commit is contained in:
Greg Best
GitHub
parent
45ae9913f9
commit
18cc3a99e9
2 changed files with 261 additions and 250 deletions
27
ddclient
27
ddclient
|
|
@ -443,6 +443,7 @@ my %variables = (
|
|||
'cloudflare-common-defaults' => {
|
||||
'server' => setv(T_FQDNP, 1, 0, 1, 'api.cloudflare.com/client/v4', undef),
|
||||
'zone' => setv(T_FQDN, 1, 0, 1, '', undef),
|
||||
'login' => setv(T_LOGIN, 0, 0, 1, 'token', undef),
|
||||
'static' => setv(T_BOOL, 0, 1, 1, 0, undef),
|
||||
'wildcard' => setv(T_BOOL, 0, 1, 1, 0, undef),
|
||||
'mx' => setv(T_OFQDN, 0, 1, 1, '', undef),
|
||||
|
|
@ -4524,23 +4525,29 @@ The 'cloudflare' protocol is used by DNS service offered by www.cloudflare.com.
|
|||
Configuration variables applicable to the 'cloudflare' protocol are:
|
||||
protocol=cloudflare ##
|
||||
server=fqdn.of.service ## defaults to api.cloudflare.com/client/v4
|
||||
login=service-login ## login name and password registered with the service
|
||||
password=service-password ##
|
||||
login=service-login ## login email when using a global API key
|
||||
password=service-password ## Global API key, or an API token. If using an API token, it must have the permissions "Zone - DNS - Edit" and "Zone - Zone - Read". The Zone resources must be "Include - All zones".
|
||||
fully.qualified.host ## the host registered with the service.
|
||||
|
||||
Example ${program}.conf file entries:
|
||||
## single host update
|
||||
## single host update using a global API key
|
||||
protocol=cloudflare, \\
|
||||
zone=dns.zone, \\
|
||||
login=my-cloudflare.com-login, \\
|
||||
password=my-cloudflare.com-secure-token \\
|
||||
password=my-cloudflare-global-key \\
|
||||
myhost.com
|
||||
|
||||
## single host update using an API token
|
||||
protocol=cloudflare, \\
|
||||
zone=dns.zone, \\
|
||||
password=cloudflare-api-token \\
|
||||
myhost.com
|
||||
|
||||
## multiple host update to the custom DNS service
|
||||
protocol=cloudflare, \\
|
||||
zone=dns.zone, \\
|
||||
login=my-cloudflare.com-login, \\
|
||||
password=my-cloudflare.com-secure-token \\
|
||||
password=my-cloudflare-global-api-key \\
|
||||
my-toplevel-domain.com,my-other-domain.com
|
||||
EoEXAMPLE
|
||||
}
|
||||
|
|
@ -4560,9 +4567,13 @@ sub nic_cloudflare_update {
|
|||
my $key = $hosts[0];
|
||||
my $ip = $config{$key}{'wantip'};
|
||||
|
||||
my $headers = "X-Auth-Email: $config{$key}{'login'}\n";
|
||||
$headers .= "X-Auth-Key: $config{$key}{'password'}\n";
|
||||
$headers .= "Content-Type: application/json";
|
||||
my $headers = "Content-Type: application/json\n";
|
||||
if ($config{$key}{'login'} eq 'token') {
|
||||
$headers .= "Authorization: Bearer $config{$key}{'password'}";
|
||||
} else {
|
||||
$headers .= "X-Auth-Email: $config{$key}{'login'}\n";
|
||||
$headers .= "X-Auth-Key: $config{$key}{'password'}";
|
||||
}
|
||||
|
||||
# FQDNs
|
||||
for my $domain (@hosts) {
|
||||
|
|
|
|||
|
|
@ -210,8 +210,8 @@ ssl=yes # use ssl-support. Works with
|
|||
#protocol=cloudflare, \
|
||||
#zone=domain.tld, \
|
||||
#ttl=1, \
|
||||
#login=your-login-email, \
|
||||
#password=APIKey \
|
||||
#login=your-login-email, \ # Only needed if you are using your global API key.
|
||||
#password=APIKey \ # This is either your global API key, or an API token. If you are using an API token, it must have the permissions "Zone - DNS - Edit" and "Zone - Zone - Read". The Zone resources must be "Include - All zones".
|
||||
#domain.tld,my.domain.tld
|
||||
|
||||
##
|
||||
|
|
|
|||
Loading…
Reference in a new issue