evan/ewconfig
1
Fork 0
Code

Add API token param for cron

Browse Source
This commit is contained in:
Evan Pratten 2024-04-22 11:41:46 -04:00
parent 808ba8ec94
commit e2c3a2fcdc
1 changed files with 49 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
scripts/cfddns
View File

@ -130,6 +130,7 @@ def main() -> int:
help="Print actions instead of performing them", help="Print actions instead of performing them",
action="store_true", action="store_true",
) )
ap.add_argument("--api-token", help="Cloudflare API token")
ap.add_argument( ap.add_argument(
"-v", "--verbose", help="Enable verbose logging", action="store_true" "-v", "--verbose", help="Enable verbose logging", action="store_true"
) )
@ -142,7 +143,7 @@ def main() -> int:
) )
# Read env vars needed for the Cloudflare API # Read env vars needed for the Cloudflare API
cf_api_token = read_secret("api-token") cf_api_token = args.api_token or read_secret("api-token")
if not cf_api_token: if not cf_api_token:
logger.error( logger.error(
"Failed to read the Cloudflare API token. Either set $CFDDNS_API_TOKEN or use ewp-secrets" "Failed to read the Cloudflare API token. Either set $CFDDNS_API_TOKEN or use ewp-secrets"
@ -170,7 +171,7 @@ def main() -> int:
# Print the IPs we found # Print the IPs we found
logger.info(f"Our IPv4 address is {ipv4}") logger.info(f"Our IPv4 address is {ipv4}")
logger.info(f"Our IPv6 address is {ipv6}") logger.info(f"Our IPv6 address is {ipv6}")
# Look up the contents of the zone # Look up the contents of the zone
zone_contents_response = requests.get( zone_contents_response = requests.get(
f"https://api.cloudflare.com/client/v4/zones/{args.zone_id}/dns_records", f"https://api.cloudflare.com/client/v4/zones/{args.zone_id}/dns_records",
@ -189,18 +190,24 @@ def main() -> int:
logger.error("Failed to get the zone contents") logger.error("Failed to get the zone contents")
print(zone_contents) print(zone_contents)
return 1 return 1
# Clear all non-matching A and AAAA records on the base zone # Clear all non-matching A and AAAA records on the base zone
has_correct_ipv4_record = False has_correct_ipv4_record = False
has_correct_ipv6_record = False has_correct_ipv6_record = False
apex_name = None apex_name = None
for record in zone_contents["result"]: for record in zone_contents["result"]:
if record["name"] == args.base_zone and record["type"] in ["A", "AAAA"]: if record["name"] == args.base_zone and record["type"] in ["A", "AAAA"]:
logger.info(f"Found existing {record['type']} record for {record['name']}. Value: {record['content']}") logger.info(
f"Found existing {record['type']} record for {record['name']}. Value: {record['content']}"
)
# If this doesn't match the corresponding IP, delete it # If this doesn't match the corresponding IP, delete it
if (record["type"] == "A" and record["content"] != str(ipv4)) or (record["type"] == "AAAA" and record["content"] != str(ipv6)): if (record["type"] == "A" and record["content"] != str(ipv4)) or (
logger.info(f"Deleting stale record {record['id']} ({record['content']})") record["type"] == "AAAA" and record["content"] != str(ipv6)
):
logger.info(
f"Deleting stale record {record['id']} ({record['content']})"
)
if not args.dry_run: if not args.dry_run:
delete_response = requests.delete( delete_response = requests.delete(
f"https://api.cloudflare.com/client/v4/zones/{args.zone_id}/dns_records/{record['id']}", f"https://api.cloudflare.com/client/v4/zones/{args.zone_id}/dns_records/{record['id']}",
@ -214,24 +221,24 @@ def main() -> int:
except Exception as e: except Exception as e:
logger.error(delete_response.json()) logger.error(delete_response.json())
raise e raise e
# Mark the record as OK if it is ok # Mark the record as OK if it is ok
else: else:
if record["type"] == "A": if record["type"] == "A":
has_correct_ipv4_record = True has_correct_ipv4_record = True
elif record["type"] == "AAAA": elif record["type"] == "AAAA":
has_correct_ipv6_record = True has_correct_ipv6_record = True
# Keep track of the apex # Keep track of the apex
if not apex_name: if not apex_name:
apex_name = record["zone_name"] apex_name = record["zone_name"]
# Figure out *when* we are # Figure out *when* we are
now = datetime.now().isoformat() now = datetime.now().isoformat()
# If the base name is the apex, switch it to @ # If the base name is the apex, switch it to @
base_name = args.base_zone if args.base_zone != apex_name else "@" base_name = args.base_zone if args.base_zone != apex_name else "@"
# Write new A and AAAA records (if needed) to the base zone # Write new A and AAAA records (if needed) to the base zone
if ipv4 and not has_correct_ipv4_record: if ipv4 and not has_correct_ipv4_record:
logger.info(f"Creating new A record for {base_name} with value {ipv4}") logger.info(f"Creating new A record for {base_name} with value {ipv4}")
@ -248,7 +255,7 @@ def main() -> int:
"content": str(ipv4), "content": str(ipv4),
"ttl": 60, "ttl": 60,
"proxied": False, "proxied": False,
"comment": f"Auto-generated by cfddns on {now}" "comment": f"Auto-generated by cfddns on {now}",
}, },
) )
try: try:
@ -271,7 +278,7 @@ def main() -> int:
"content": str(ipv6), "content": str(ipv6),
"ttl": 60, "ttl": 60,
"proxied": False, "proxied": False,
"comment": f"Auto-generated by cfddns on {now}" "comment": f"Auto-generated by cfddns on {now}",
}, },
) )
try: try:
@ -279,22 +286,26 @@ def main() -> int:
except Exception as e: except Exception as e:
logger.error(create_response.json()) logger.error(create_response.json())
raise e raise e
# If we should be creating subdomains, do so # If we should be creating subdomains, do so
if not args.no_ipv4_subzone and ipv4: if not args.no_ipv4_subzone and ipv4:
# Look for an existing record # Look for an existing record
already_exists = False already_exists = False
for record in zone_contents["result"]: for record in zone_contents["result"]:
if record["name"] == f"ipv4.{args.base_zone}" and record["type"] == "A": if record["name"] == f"ipv4.{args.base_zone}" and record["type"] == "A":
logger.info(f"Found existing A record for {record['name']}. Value: {record['content']}") logger.info(
f"Found existing A record for {record['name']}. Value: {record['content']}"
)
# If the record matches, we're done # If the record matches, we're done
if record["content"] == str(ipv4): if record["content"] == str(ipv4):
already_exists = True already_exists = True
break break
# Otherwise, delete it # Otherwise, delete it
logger.info(f"Deleting stale record {record['id']} ({record['content']})") logger.info(
f"Deleting stale record {record['id']} ({record['content']})"
)
if not args.dry_run: if not args.dry_run:
delete_response = requests.delete( delete_response = requests.delete(
f"https://api.cloudflare.com/client/v4/zones/{args.zone_id}/dns_records/{record['id']}", f"https://api.cloudflare.com/client/v4/zones/{args.zone_id}/dns_records/{record['id']}",
@ -308,10 +319,12 @@ def main() -> int:
except Exception as e: except Exception as e:
logger.error(delete_response.json()) logger.error(delete_response.json())
raise e raise e
# If the record doesn't exist, create it # If the record doesn't exist, create it
if not already_exists: if not already_exists:
logger.info(f"Creating new A record for ipv4.{args.base_zone} with value {ipv4}") logger.info(
f"Creating new A record for ipv4.{args.base_zone} with value {ipv4}"
)
if not args.dry_run: if not args.dry_run:
create_response = requests.post( create_response = requests.post(
f"https://api.cloudflare.com/client/v4/zones/{args.zone_id}/dns_records", f"https://api.cloudflare.com/client/v4/zones/{args.zone_id}/dns_records",
@ -325,7 +338,7 @@ def main() -> int:
"content": str(ipv4), "content": str(ipv4),
"ttl": 60, "ttl": 60,
"proxied": False, "proxied": False,
"comment": f"Auto-generated by cfddns on {now}" "comment": f"Auto-generated by cfddns on {now}",
}, },
) )
try: try:
@ -338,15 +351,19 @@ def main() -> int:
already_exists = False already_exists = False
for record in zone_contents["result"]: for record in zone_contents["result"]:
if record["name"] == f"ipv6.{args.base_zone}" and record["type"] == "AAAA": if record["name"] == f"ipv6.{args.base_zone}" and record["type"] == "AAAA":
logger.info(f"Found existing AAAA record for {record['name']}. Value: {record['content']}") logger.info(
f"Found existing AAAA record for {record['name']}. Value: {record['content']}"
)
# If the record matches, we're done # If the record matches, we're done
if record["content"] == str(ipv6): if record["content"] == str(ipv6):
already_exists = True already_exists = True
break break
# Otherwise, delete it # Otherwise, delete it
logger.info(f"Deleting stale record {record['id']} ({record['content']})") logger.info(
f"Deleting stale record {record['id']} ({record['content']})"
)
if not args.dry_run: if not args.dry_run:
delete_response = requests.delete( delete_response = requests.delete(
f"https://api.cloudflare.com/client/v4/zones/{args.zone_id}/dns_records/{record['id']}", f"https://api.cloudflare.com/client/v4/zones/{args.zone_id}/dns_records/{record['id']}",
@ -360,10 +377,12 @@ def main() -> int:
except Exception as e: except Exception as e:
logger.error(delete_response.json()) logger.error(delete_response.json())
raise e raise e
# If the record doesn't exist, create it # If the record doesn't exist, create it
if not already_exists: if not already_exists:
logger.info(f"Creating new AAAA record for ipv6.{args.base_zone} with value {ipv6}") logger.info(
f"Creating new AAAA record for ipv6.{args.base_zone} with value {ipv6}"
)
if not args.dry_run: if not args.dry_run:
create_response = requests.post( create_response = requests.post(
f"https://api.cloudflare.com/client/v4/zones/{args.zone_id}/dns_records", f"https://api.cloudflare.com/client/v4/zones/{args.zone_id}/dns_records",
@ -377,7 +396,7 @@ def main() -> int:
"content": str(ipv6), "content": str(ipv6),
"ttl": 60, "ttl": 60,
"proxied": False, "proxied": False,
"comment": f"Auto-generated by cfddns on {now}" "comment": f"Auto-generated by cfddns on {now}",
}, },
) )
try: try: