pob
/
cloudflare
mirror of https://github.com/K0p1-Git/cloudflare-ddns-updater
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Allow user to load variables from different places

Browse Source
pull/77/head
Rui Coelho 1 year ago
parent e62fbd56ce
commit c726506a19
No known key found for this signature in database
GPG Key ID: 6AFF33C32F7DB31B
1 changed files with 219 additions and 173 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 254
      cloudflare-templatev6.sh

254
cloudflare-templatev6.sh
Unescape View File

@ -1,67 +1,103 @@
#!/bin/bash
## change to "bin/sh" when necessary
############## CLOUDFLARE CREDENTIALS ##############
# @auth_email - The email used to login 'https://dash.cloudflare.com'
# @auth_method - Set to "global" for Global API Key or "token" for Scoped API Token
# @auth_key - Your API Token or Global API Key
# @zone_identifier - Can be found in the "Overview" tab of your domain
# -------------------------------------------------- #
auth_email=""
auth_method="token"
auth_key=""
zone_identifier=""
############# DNS RECORD CONFIGURATION #############
# @record_name - Which record you want to be synced
# @ttl - DNS TTL (seconds), can be set between (30 if enterprise) 60 and 86400 seconds, or 1 for Automatic
# @proxy - Set the proxy to true or false
# -------------------------------------------------- #
record_name=""
ttl="3600"
proxy="false"
############### SCRIPT CONFIGURATION ###############
# @static_IPv6_mode - Useful if you are using EUI-64 IPv6 address with SLAAC IPv6 suffix token. (Privacy Extensions)
# + Or some kind of static IPv6 assignment from DHCP server configuration, etc
# + If set to false, the IPv6 address will be acquired from external services
# @last_notable_hexes - Used with `static_IPv6_mode`. Configure this to target what specific IPv6 address to search for
# + E.g. Your global primary IPv6 address is 2404:6800:4001:80e::59ec:ab12:34cd, then
# + You can put values (i.e. static suffixes) such as "34cd", "ab12:34cd" and etc
# @log_header_name - Header name used for logs
# -------------------------------------------------- #
static_IPv6_mode="false"
last_notable_hexes="ffff:ffff"
log_header_name="DDNS Updater_v6"
############# WEBHOOKS CONFIGURATION ###############
# @sitename - Title of site "Example Site"
# @slackchannel - Slack Channel #example
# @slackuri - URI for Slack WebHook "https://hooks.slack.com/services/xxxxx"
# @discorduri - URI for Discord WebHook "https://discordapp.com/api/webhooks/xxxxx"
# -------------------------------------------------- #
sitename=""
slackchannel=""
slackuri=""
discorduri=""
################################################
## Make sure we have a valid IPv6 connection
################################################
if ! { curl -6 -s --head --fail https://ipv6.google.com >/dev/null; }; then
display_help(){
logger "Usage: $0 [local|file|pass]"
logger " local - Load variables from this script"
logger " file - Load variables from a file"
logger " pass - Load variables from pass"
}
load_variables(){
case "$1" in
"local")
############## CLOUDFLARE CREDENTIALS ##############
# @auth_email - The email used to login 'https://dash.cloudflare.com'
# @auth_method - Set to "global" for Global API Key or "token" for Scoped API Token
# @auth_key - Your API Token or Global API Key
# @zone_identifier - Can be found in the "Overview" tab of your domain
# -------------------------------------------------- #
auth_email=""
auth_method="token"
auth_key=""
zone_identifier=""
############# DNS RECORD CONFIGURATION #############
# @record_name - Which record you want to be synced
# @ttl - DNS TTL (seconds), can be set between (30 if enterprise) 60 and 86400 seconds, or 1 for Automatic
# @proxy - Set the proxy to true or false
# -------------------------------------------------- #
record_name=""
ttl="3600"
proxy="false"
############### SCRIPT CONFIGURATION ###############
# @static_IPv6_mode - Useful if you are using EUI-64 IPv6 address with SLAAC IPv6 suffix token. (Privacy Extensions)
# + Or some kind of static IPv6 assignment from DHCP server configuration, etc
# + If set to false, the IPv6 address will be acquired from external services
# @last_notable_hexes - Used with `static_IPv6_mode`. Configure this to target what specific IPv6 address to search for
# + E.g. Your global primary IPv6 address is 2404:6800:4001:80e::59ec:ab12:34cd, then
# + You can put values (i.e. static suffixes) such as "34cd", "ab12:34cd" and etc
# @log_header_name - Header name used for logs
# -------------------------------------------------- #
static_IPv6_mode="false"
last_notable_hexes="ffff:ffff"
log_header_name="DDNS Updater_v6"
############# WEBHOOKS CONFIGURATION ###############
# @sitename - Title of site "Example Site"
# @slackchannel - Slack Channel #example
# @slackuri - URI for Slack WebHook "https://hooks.slack.com/services/xxxxx"
# @discorduri - URI for Discord WebHook "https://discordapp.com/api/webhooks/xxxxx"
# -------------------------------------------------- #
sitename=""
slackchannel=""
slackuri=""
discorduri=""
;;
"file")
# Load variables from file
CONFIG_FILE="$HOME/.cloudflare/config6.ini"
# Check if the configuration file exists
if [ -f "$CONFIG_FILE" ]; then
# Load configuration from the file
source "$CONFIG_FILE"
else
logger "Error: Configuration file '$CONFIG_FILE' not found."
exit 1
fi
;;
"pass")
# Load variables from pass
source <(pass credentials/cloudflare)
;;
*)
logger "Invalid load_variables option"
exit 1
;;
esac
}
validate_variables(){
# Validate required variables
if [[ -z $auth_email || -z $auth_key || -z $zone_identifier || -z $record_name ]]; then
logger "Missing required variables. Please provide values for 'auth_email', 'auth_key', 'zone_identifier', and 'record_name'."
exit 1
fi
}
check_ipv6_is_available(){
if ! { curl -6 -s --head --fail https://ipv6.google.com >/dev/null; }; then
logger -s "$log_header_name: Unable to establish a valid IPv6 connection to a known host."
exit 1
fi
fi
################################################
## Finding our IPv6 address
################################################
# Regex credits to https://stackoverflow.com/a/17871737
ipv6_regex="(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))"
# Regex credits to https://stackoverflow.com/a/17871737
ipv6_regex="(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))"
if $static_IPv6_mode; then
if $static_IPv6_mode; then
# Test whether 'ip' command is available
if { command -v "ip" &>/dev/null; }; then
ip=$(ip -6 -o addr show scope global primary -deprecated | grep -oE "$ipv6_regex" | grep -oE ".*($last_notable_hexes)$")
@ -69,7 +105,7 @@ if $static_IPv6_mode; then
# Fall back to 'ifconfig' command
ip=$(ifconfig | grep -oE "$ipv6_regex" | grep -oE ".*($last_notable_hexes)$")
fi
else
else
# Use external services to discover our system's preferred IPv6 address
ip=$(curl -s -6 https://cloudflare.com/cdn-cgi/trace | grep -E '^ip')
ret=$?
@ -80,76 +116,63 @@ else
# Extract just the ip from the ip line from cloudflare.
ip=$(echo $ip | sed -E "s/^ip=($ipv6_regex)$/\1/")
fi
fi
fi
# Check point: Make sure the collected IPv6 address is valid
if [[ ! $ip =~ ^$ipv6_regex$ ]]; then
# Check point: Make sure the collected IPv6 address is valid
if [[ ! $ip =~ ^$ipv6_regex$ ]]; then
logger -s "$log_header_name: Failed to find a valid IPv6 address."
exit 1
fi
fi
}
################################################
## Check and set the proper auth header
################################################
if [[ "${auth_method}" == "global" ]]; then
set_auth_headers(){
if [[ "${auth_method}" == "global" ]]; then
auth_header="X-Auth-Key:"
else
else
auth_header="Authorization: Bearer"
fi
fi
}
################################################
## Seek for the AAAA record
################################################
logger "$log_header_name: Check Initiated"
record=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records?type=AAAA&name=$record_name" \
check_if_aaaa_record_exists(){
logger "$log_header_name: Check Initiated"
record=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records?type=AAAA&name=$record_name" \
-H "X-Auth-Email: $auth_email" \
-H "$auth_header $auth_key" \
-H "Content-Type: application/json")
################################################
## Check if the domain has an AAAA record
################################################
if [[ $record == *"\"count\":0"* ]]; then
if [[ $record == *"\"count\":0"* ]]; then
logger -s "$log_header_name: Record does not exist, perhaps create one first? (${ip} for ${record_name})"
exit 1
fi
fi
}
################################################
## Get existing IP
################################################
old_ip=$(echo "$record" | sed -E 's/.*"content":"'${ipv6_regex}'".*/\1/')
get_current_ip_from_cloudflare(){
old_ip=$(echo "$record" | sed -E 's/.*"content":"'${ipv6_regex}'".*/\1/')
# Make sure the extracted IPv6 address is valid
if [[ ! $old_ip =~ ^$ipv6_regex$ ]]; then
# Make sure the extracted IPv6 address is valid
if [[ ! $old_ip =~ ^$ipv6_regex$ ]]; then
logger -s "$log_header_name: Unable to extract existing IPv6 address from DNS record."
exit 1
fi
fi
# Compare if they're the same
if [[ $ip == $old_ip ]]; then
# Compare if they're the same
if [[ $ip == $old_ip ]]; then
logger "$log_header_name: IP ($ip) for ${record_name} has not changed."
exit 0
fi
################################################
## Set the record identifier from result
################################################
record_identifier=$(echo "$record" | sed -E 's/.*"id":"([A-Za-z0-9_]+)".*/\1/')
fi
}
################################################
## Change the IP@Cloudflare using the API
################################################
update=$(curl -s -X PATCH "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records/$record_identifier" \
update_ip_on_cloudflare(){
record_identifier=$(echo "$record" | sed -E 's/.*"id":"([A-Za-z0-9_]+)".*/\1/')
update=$(curl -s -X PATCH "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records/$record_identifier" \
-H "X-Auth-Email: $auth_email" \
-H "$auth_header $auth_key" \
-H "Content-Type: application/json" \
--data "{\"content\":\"$ip\",\"ttl\":\"$ttl\",\"proxied\":$proxy}")
}
################################################
## Report the status
################################################
case "$update" in
*"\"success\":false"*)
send_webhooks(){
case "$update" in
*"\"success\":false"*)
echo -e "$log_header_name: $ip $record_name DDNS failed for $record_identifier ($ip). DUMPING RESULTS:\n$update" | logger -s
if [[ $slackuri != "" ]]; then
curl -L -X POST $slackuri \
@ -166,7 +189,7 @@ case "$update" in
fi
exit 1
;;
*)
*)
logger "$log_header_name: $ip $record_name DDNS updated."
if [[ $slackuri != "" ]]; then
curl -L -X POST $slackuri \
@ -183,4 +206,27 @@ case "$update" in
fi
exit 0
;;
esac
}
main(){
validate_variables
check_ipv6_is_available
set_auth_headers
check_if_aaaa_record_exists
get_current_ip_from_cloudflare
update_ip_on_cloudflare
send_webhooks
}
# switch for environment variables loading
case "$1" in
"local"|"file"|"pass")
load_variables "$1"
main
;;
*)
display_help
exit 1
;;
esac
Write Preview
Loading…
Cancel
Save