Octodns-cloudflare - Cloudflare DNS provider for octoDNS

Related tags

Networking octodns-cloudflare
Overview

CloudflareProvider provider for octoDNS

An octoDNS provider that targets Cloudflare.

Installation

Command line

pip install octodns_cloudflare

requirements.txt/setup.py

Pinning specific versions or SHAs is recommended to avoid unplanned upgrades.

Versions
# Start with the latest versions and don't just copy what's here
octodns==0.9.14
octodns_cloudflare==0.0.1
SHAs
# Start with the latest/specific versions and don't just copy what's here
-e git+https://[email protected]/octodns/octodns.git@9da19749e28f68407a1c246dfdf65663cdc1c422#egg=octodns
-e git+https://[email protected]/octodns/octodns_cloudflare.git@ec9661f8b335241ae4746eea467a8509205e6a30#egg=octodns_powerdns

Configuration

providers:
  cloudflare:
    class: octodns_cloudflare.CloudflareProvider
    # The api key (required)
    # Your Cloudflare account email address (required, optional if using token)
    email: env/CLOUDFLARE_EMAIL
    token: env/CLOUDFLARE_TOKEN
    # Import CDN enabled records as CNAME to {}.cdn.cloudflare.net. Records
    # ending at .cdn.cloudflare.net. will be ignored when this provider is
    # not used as the source and the cdn option is enabled.
    #
    # See: https://support.cloudflare.com/hc/en-us/articles/115000830351
    #cdn: false
    # Optional. Default: 4. Number of times to retry if a 429 response
    # is received.
    #retry_count: 4
    # Optional. Default: 300. Number of seconds to wait before retrying.
    #retry_period: 300
    # Optional. Default: 50. Number of zones per page.
    #zones_per_page: 50
    # Optional. Default: 100. Number of dns records per page.
    #records_per_page: 100

Note: The "proxied" flag of "A", "AAAA" and "CNAME" records can be managed via the YAML provider like so:

name:
    octodns:
        cloudflare:
            proxied: true
    ttl: 120
    type: A
    value: 1.2.3.4

Support Information

Records

CloudflareProvider supports A, AAAA, ALIAS, CAA, CNAME, LOC, MX, NS, PTR, SPF, SRV, TXT, and URLFWD. There are restrictions on CAA tag support.

Dynamic

CloudflareProvider does not support dynamic records.

Developement

See the /script/ directory for some tools to help with the development process. They generally follow the Script to rule them all pattern. Most useful is ./script/bootstrap which will create a venv and install both the runtime and development related requirements. It will also hook up a pre-commit hook that covers most of what's run by CI.

Comments
  • Unable to update CloudFlare records

    Unable to update CloudFlare records

    Hello,

    I dumped zone, fixed TTL (detected TTL is 1, so I set 7200). Then I got the following error messages:

    $ octodns-sync --config-file=./env/production.yaml zajezyk.pl. --doit
2018-02-18T19:39:31  [140516258113280] INFO  Manager __init__: config_file=./env/production.yaml
2018-02-18T19:39:31  [140516258113280] INFO  Manager __init__:   max_workers=1
2018-02-18T19:39:31  [140516258113280] INFO  Manager __init__:   max_workers=False
2018-02-18T19:39:31  [140516258113280] INFO  Manager sync: eligible_zones=['zajezyk.pl.'], eligible_targets=[], dry_run=False, force=False
2018-02-18T19:39:31  [140516258113280] INFO  Manager sync:   zone=zajezyk.pl.
2018-02-18T19:39:31  [140516258113280] INFO  Manager sync:   sources=['config'] -> targets=['cloudflare_shared']
2018-02-18T19:39:31  [140516258113280] INFO  YamlProvider[config] populate:   found 6 records
2018-02-18T19:39:31  [140516258113280] INFO  CloudflareProvider[cloudflare_shared] plan: desired=zajezyk.pl.
2018-02-18T19:39:32  [140516258113280] INFO  CloudflareProvider[cloudflare_shared] populate:   found 6 records
2018-02-18T19:39:32  [140516258113280] INFO  CloudflareProvider[cloudflare_shared] plan:   Creates=0, Updates=6, Deletes=0, Existing Records=6
2018-02-18T19:39:32  [140516258113280] INFO  Manager 
********************************************************************************
* zajezyk.pl.
********************************************************************************
* cloudflare_shared (CloudflareProvider)
*   Update
*     <TxtRecord TXT 1, x._domainkey.zajezyk.pl., ['v=DKIM1\; k=rsa\; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomyrwWA5VA6NlUFafVCBKYOanaZesoWMsIxk4QALoSw3bUUwIf8tRMxetOi9gBxqScXwjdqz5mu8+qtZrdGeh1UdvIFCX3r/dC7GYzK7uiNGi2bIRrjsrssLmHzlnNuI3IZ9G2PSrYcYqrkCX4TQhE0rj5hI2zNVW06RoTiJMqRh29GoKS07InYjaQXiND7Nief8MoJD1cGmGky6sHvsO1kwL1KbGfqXbw2bawpm0jUQUVCjBGm/kuteq2GlirooVeKI3OsC8NjW8mOuAKy+ECGajo59HNoI2gM4hNpbegSjm/DS5TnJoarSpk4a66bmWDBayoEmjHFWUFBZsKac9QIDAQAB']> ->
*     <TxtRecord TXT 7200, x._domainkey.zajezyk.pl., ['v=DKIM1\; k=rsa\; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomyrwWA5VA6NlUFafVCBKYOanaZesoWMsIxk4QALoSw3bUUwIf8tRMxetOi9gBxqScXwjdqz5mu8+qtZrdGeh1UdvIFCX3r/dC7GYzK7uiNGi2bIRrjsrssLmHzlnNuI3IZ9G2PSrYcYqrkCX4TQhE0rj5hI2zNVW06RoTiJMqRh29GoKS07InYjaQXiND7Nief8MoJD1cGmGky6sHvsO1kwL1KbGfqXbw2bawpm0jUQUVCjBGm/kuteq2GlirooVeKI3OsC8NjW8mOuAKy+ECGajo59HNoI2gM4hNpbegSjm/DS5TnJoarSpk4a66bmWDBayoEmjHFWUFBZsKac9QIDAQAB']> (config)
*   Update
*     <TxtRecord TXT 1, _domainkey.zajezyk.pl., ['o=~']> ->
*     <TxtRecord TXT 7200, _domainkey.zajezyk.pl., ['o=~']> (config)
*   Update
*     <ARecord A 1, zajezyk.pl., ['185.23.21.15']> ->
*     <ARecord A 7200, zajezyk.pl., ['185.23.21.15']> (config)
*   Update
*     <ARecord A 1, www.zajezyk.pl., ['185.23.21.15']> ->
*     <ARecord A 7200, www.zajezyk.pl., ['185.23.21.15']> (config)
*   Update
*     <TxtRecord TXT 1, zajezyk.pl., ['v=spf1 a mx include:_spf.zenbox.pl -all']> ->
*     <TxtRecord TXT 7200, zajezyk.pl., ['v=spf1 a mx include:_spf.zenbox.pl -all']> (config)
*   Update
*     <TxtRecord TXT 1, _dmarc.zajezyk.pl., ['v=DMARC1\; p=none\; sp=none\; rua=mailto:[email protected]']> ->
*     <TxtRecord TXT 7200, _dmarc.zajezyk.pl., ['v=DMARC1\; p=none\; sp=none\; rua=mailto:[email protected]']> (config)
*   Summary: Creates=0, Updates=6, Deletes=0, Existing Records=6
********************************************************************************


2018-02-18T19:39:32  [140516258113280] INFO  CloudflareProvider[cloudflare_shared] apply: making changes
Traceback (most recent call last):
  File "/home/adas/.virtualenvs/infra/bin/octodns-sync", line 11, in <module>
    sys.exit(main())
  File "/home/adas/.virtualenvs/infra/local/lib/python2.7/site-packages/octodns/cmds/sync.py", line 39, in main
    dry_run=not args.doit, force=args.force)
  File "/home/adas/.virtualenvs/infra/local/lib/python2.7/site-packages/octodns/manager.py", line 313, in sync
    total_changes += target.apply(plan)
  File "/home/adas/.virtualenvs/infra/local/lib/python2.7/site-packages/octodns/provider/base.py", line 157, in apply
    self._apply(plan)
  File "/home/adas/.virtualenvs/infra/local/lib/python2.7/site-packages/octodns/provider/cloudflare.py", line 285, in _apply
    getattr(self, '_apply_{}'.format(class_name))(change)
  File "/home/adas/.virtualenvs/infra/local/lib/python2.7/site-packages/octodns/provider/cloudflare.py", line 252, in _apply_Update
    self._apply_Create(change)
  File "/home/adas/.virtualenvs/infra/local/lib/python2.7/site-packages/octodns/provider/cloudflare.py", line 248, in _apply_Create
    self._request('POST', path, data=content)
  File "/home/adas/.virtualenvs/infra/local/lib/python2.7/site-packages/octodns/provider/cloudflare.py", line 68, in _request
    resp.raise_for_status()
  File "/home/adas/.virtualenvs/infra/local/lib/python2.7/site-packages/requests/models.py", line 935, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url: https://api.cloudflare.com/client/v4/zones/e63fd9e266f8b6ba6f227901ee7294fc/dns_records

    For debug purpuses I added

            if resp.status_code != 200:
            import pdb; pdb.set_trace()

    in cloudflare.py in 68-69 lines.

    Next to I got following result:

    $ octodns-sync --config-file=./env/production.yaml zajezyk.pl. --doit
2018-02-18T19:41:06  [140449092114176] INFO  Manager __init__: config_file=./env/production.yaml
2018-02-18T19:41:06  [140449092114176] INFO  Manager __init__:   max_workers=1
2018-02-18T19:41:06  [140449092114176] INFO  Manager __init__:   max_workers=False
2018-02-18T19:41:06  [140449092114176] INFO  Manager sync: eligible_zones=['zajezyk.pl.'], eligible_targets=[], dry_run=False, force=False
2018-02-18T19:41:06  [140449092114176] INFO  Manager sync:   zone=zajezyk.pl.
2018-02-18T19:41:06  [140449092114176] INFO  Manager sync:   sources=['config'] -> targets=['cloudflare_shared']
2018-02-18T19:41:06  [140449092114176] INFO  YamlProvider[config] populate:   found 6 records
2018-02-18T19:41:06  [140449092114176] INFO  CloudflareProvider[cloudflare_shared] plan: desired=zajezyk.pl.
2018-02-18T19:41:08  [140449092114176] INFO  CloudflareProvider[cloudflare_shared] populate:   found 6 records
2018-02-18T19:41:08  [140449092114176] INFO  CloudflareProvider[cloudflare_shared] plan:   Creates=0, Updates=6, Deletes=0, Existing Records=6
2018-02-18T19:41:08  [140449092114176] INFO  Manager 
********************************************************************************
* zajezyk.pl.
********************************************************************************
* cloudflare_shared (CloudflareProvider)
*   Update
*     <TxtRecord TXT 1, x._domainkey.zajezyk.pl., ['v=DKIM1\; k=rsa\; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomyrwWA5VA6NlUFafVCBKYOanaZesoWMsIxk4QALoSw3bUUwIf8tRMxetOi9gBxqScXwjdqz5mu8+qtZrdGeh1UdvIFCX3r/dC7GYzK7uiNGi2bIRrjsrssLmHzlnNuI3IZ9G2PSrYcYqrkCX4TQhE0rj5hI2zNVW06RoTiJMqRh29GoKS07InYjaQXiND7Nief8MoJD1cGmGky6sHvsO1kwL1KbGfqXbw2bawpm0jUQUVCjBGm/kuteq2GlirooVeKI3OsC8NjW8mOuAKy+ECGajo59HNoI2gM4hNpbegSjm/DS5TnJoarSpk4a66bmWDBayoEmjHFWUFBZsKac9QIDAQAB']> ->
*     <TxtRecord TXT 7200, x._domainkey.zajezyk.pl., ['v=DKIM1\; k=rsa\; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomyrwWA5VA6NlUFafVCBKYOanaZesoWMsIxk4QALoSw3bUUwIf8tRMxetOi9gBxqScXwjdqz5mu8+qtZrdGeh1UdvIFCX3r/dC7GYzK7uiNGi2bIRrjsrssLmHzlnNuI3IZ9G2PSrYcYqrkCX4TQhE0rj5hI2zNVW06RoTiJMqRh29GoKS07InYjaQXiND7Nief8MoJD1cGmGky6sHvsO1kwL1KbGfqXbw2bawpm0jUQUVCjBGm/kuteq2GlirooVeKI3OsC8NjW8mOuAKy+ECGajo59HNoI2gM4hNpbegSjm/DS5TnJoarSpk4a66bmWDBayoEmjHFWUFBZsKac9QIDAQAB']> (config)
*   Update
*     <TxtRecord TXT 1, _domainkey.zajezyk.pl., ['o=~']> ->
*     <TxtRecord TXT 7200, _domainkey.zajezyk.pl., ['o=~']> (config)
*   Update
*     <ARecord A 1, zajezyk.pl., ['185.23.21.15']> ->
*     <ARecord A 7200, zajezyk.pl., ['185.23.21.15']> (config)
*   Update
*     <ARecord A 1, www.zajezyk.pl., ['185.23.21.15']> ->
*     <ARecord A 7200, www.zajezyk.pl., ['185.23.21.15']> (config)
*   Update
*     <TxtRecord TXT 1, zajezyk.pl., ['v=spf1 a mx include:_spf.zenbox.pl -all']> ->
*     <TxtRecord TXT 7200, zajezyk.pl., ['v=spf1 a mx include:_spf.zenbox.pl -all']> (config)
*   Update
*     <TxtRecord TXT 1, _dmarc.zajezyk.pl., ['v=DMARC1\; p=none\; sp=none\; rua=mailto:[email protected]']> ->
*     <TxtRecord TXT 7200, _dmarc.zajezyk.pl., ['v=DMARC1\; p=none\; sp=none\; rua=mailto:[email protected]']> (config)
*   Summary: Creates=0, Updates=6, Deletes=0, Existing Records=6
********************************************************************************


2018-02-18T19:41:08  [140449092114176] INFO  CloudflareProvider[cloudflare_shared] apply: making changes
> /home/adas/.virtualenvs/infra/local/lib/python2.7/site-packages/octodns/provider/cloudflare.py(70)_request()
-> resp.raise_for_status()
(Pdb) print(resp)
<Response [400]>
(Pdb) resp.status_code
400
(Pdb) resp.json()
{u'errors': [{u'message': u'The record already exists.', u'code': 81057}], u'messages': [], u'result': None, u'success': False}
    Stale 
    opened by ad-m 10
  • Cloudflare ALIAS continually recreated

    Cloudflare ALIAS continually recreated

    Hello, I have run into a situation where I have a non-root alias recorded in Cloudflare. During creation, the record is correctly changed to a CNAME and added to Cloudflare. However, the record is continually replaced on future runs of Octodns since Ocotdns believes that it should still be an ALIAS.

    Example zone config

    test:
  ttl: 300
  type: A
  value: SOME_IP
ztest.test:
  octodns:
    cloudflare:
      proxied: true
    lenient: true
  ttl: 300
  type: ALIAS
  value: test.example.com.

    Example output

    octodns % octodns-sync --config-file config/example.com.yaml
2021-10-13T10:06:29  [4376120832] INFO  Manager __init__: config_file=config/example.com.yaml
2021-10-13T10:06:29  [4376120832] INFO  Manager __init__:   max_workers=1
2021-10-13T10:06:29  [4376120832] INFO  Manager __init__:   include_meta=False
2021-10-13T10:06:29  [4376120832] INFO  Manager sync: eligible_zones=[], eligible_targets=[], dry_run=True, force=False, plan_output_fh=<stdout>
2021-10-13T10:06:29  [4376120832] INFO  Manager sync:   zone=example.com.
2021-10-13T10:06:29  [4376120832] INFO  Manager sync:   sources=['data'] -> targets=['cloudflare']
2021-10-13T10:06:29  [4376120832] WARNING Record Invalid record ztest.test.example.com.
  - non-root ALIAS not allowed
2021-10-13T10:06:29  [4376120832] INFO  YamlProvider[data] populate:   found 2 records, exists=False
2021-10-13T10:06:29  [4376120832] INFO  CloudflareProvider[cloudflare] plan: desired=example.com.
2021-10-13T10:06:30  [4376120832] INFO  CloudflareProvider[cloudflare] populate:   found 2 records, exists=True
2021-10-13T10:06:30  [4376120832] INFO  CloudflareProvider[cloudflare] plan:   Creates=1, Updates=0, Deletes=1, Existing Records=2
2021-10-13T10:06:30  [4376120832] INFO  Manager 
********************************************************************************
* example.com.
********************************************************************************
* cloudflare (CloudflareProvider)
*   Create <AliasRecord ALIAS 300, ztest.test.example.com., test.example.com.> (data)
*   Delete <CnameRecord CNAME 300, ztest.test.example.com., test.example.com.>
*   Summary: Creates=1, Updates=0, Deletes=1, Existing Records=2
********************************************************************************

    I am using version 0.9.14 I expect there to be no change shown during sync.

    Stale 
    opened by awellock 7
  • octodns-dump does not print cloud flare proxy flag

    octodns-dump does not print cloud flare proxy flag

    Hey!

    This is a follow-up to https://github.com/github/octodns/pull/264 by @begincalendar.

    My dns records can be found at parkr/dns. In that repo, I have a script called script/dump which I use to dump new zones when I create them. I upgraded to octodns 0.9.3 and re-ran script/dump hoping to see the new proxied field in my config files. Alas, my YAML output was unchanged.

    Is it possible to add this provider-specific flag to octodns-dump?

    Here's my incantation:

    for zone in "${ZONES[@]}"; do
    echo "Processing zone $zone."
    ./vendor/bin/octodns-dump \
      --config-file config/production.yaml \
      --output-dir config \
      "$zone." cloudflare \
      "$@"
done

    (Also, I tried doing octodns-dump --version, and it would have no part of it. Think we could add a global --version flag to make checking versions easier?)

    Stale 
    opened by parkr 6
  • PR suggestion - add ignore_proxied setting to avoid overwriting CF setting

    PR suggestion - add ignore_proxied setting to avoid overwriting CF setting

    In my scenario, the source does not support the proxied setting, so when syncing to a CF target it always sets the proxied boolean as false.

    If we manually set the proxied setting on the CF website for some specific records then octodns-sync will set them to false again.

    We did a little change to include an ignore_proxied setting so if set to true, the proxied setting will not be included in the sync.

    Are you open to include this if I do a PR? these are the changes so far:

    __init__py:50

    def __init__(self, id, email=None, token=None, cdn=False, retry_count=4,
                 retry_period=300, zones_per_page=50, records_per_page=100,ignore_proxied=False,
                 *args, **kwargs):

    __init__py:71

    self.ignore_proxied = ignore_proxied

    __init__py:316

    if _type in _PROXIABLE_RECORD_TYPES:
            if not self.ignore_proxied:
                if( records[0].get('proxied', False)):
                    record._octodns['cloudflare'] = {
                        'proxied': records[0].get('proxied', False)
                    }
    Stale 
    opened by mrbarletta 5
  • Support TLSA Record

    Support TLSA Record

    Source of support (type also available in dashboard): https://blog.cloudflare.com/additional-record-types-available-with-cloudflare-dns/. Mostly used for DANE support in mail servers.

    args:

    • usage
    • selector
    • matching_type

    Currently my workflow fails because of

    AttributeError: 'CloudflareProvider' object has no attribute '_data_for_TLSA'. Did you mean: '_data_for_A'?

    There is nothing configured in octodns for TLSA just a manual dns record using the dashboard.

    opened by felixoi 4
  • Does Cloudflare changed his API ? Proxied record issue

    Does Cloudflare changed his API ? Proxied record issue

    Hello all,

    since ~1 month i'm not able to update CloudFlare records using OctoDNS. The config file i've used before was the same and suddenly it stopped to work. After tests (fortunately i run it using GitLab pipelines), like forcing OctoDNS to run an older version, issue is still here. So i guess CloudFlare did an update to his API regarding proxied records. For information, i usually run the latest OctoDNS from the Git repository here on master branch, and the issue is still there.

    All my records works if i put them manually in CloudFlare web gui, and i can proxy them. OctoDNS in dry mode does not detect any error with my record config file.

    Here the error i get: octodns.provider.cloudflare.CloudflareError: This kind of record cannot be proxied

    My record config file is quite big, but i can share it if you think it's relevant or are not able to reproduce my issue.

    Thanks a lot for your help.

    -- o_be_one

    Stale 
    opened by o-be-one 4
  • feat: add ignore_proxied config support

    feat: add ignore_proxied config support

    Adding this change will stop the proxied setting to be forcefully set for any _PROXIABLE_RECORD_TYPES record.

    Currently, if the source DNS doesn't support proxied setting, instead of ignoring the proxied flag, it will always be set to false overriding a change in the Cloudflare's DNS interface.

    IMHO, if the proxied flag is not set for a given record, it should not be set to false but ignored.

    Stale 
    opened by mrbarletta 3
  • Cloudflare: Alias record type on Apex always shows up as changing when proxied: true

    Cloudflare: Alias record type on Apex always shows up as changing when proxied: true

    Alias records on the Apex always show up as changing when proxied is set to true. Removing the proxied: true shows no records changing and doesn't undo the proxy through cloudflare config. Is any of this expected behavior? I would expect removing proxied: true, or setting proxied: false to actually change this apex record.

    ---
? ''
: - octodns:
      cloudflare:
        proxied: true
    ttl: 1
    type: ALIAS
    value: 123.kewlzone.net.

    (env)  ~/git/octodns   amurphy/kewlzone-net ●  octodns-sync --config-file=./config.yml kewlzone.net.     
2018-11-27T09:53:20  [140136761390272] INFO  Manager __init__: config_file=./config.yml
2018-11-27T09:53:20  [140136761390272] INFO  Manager __init__:   max_workers=1
2018-11-27T09:53:20  [140136761390272] INFO  Manager __init__:   max_workers=False
2018-11-27T09:53:20  [140136761390272] INFO  Manager sync: eligible_zones=['kewlzone.net.'], eligible_targets=[], dry_run=True, force=False
2018-11-27T09:53:20  [140136761390272] INFO  Manager sync:   zone=kewlzone.net.
2018-11-27T09:53:20  [140136761390272] INFO  Manager sync:   sources=['config'] -> targets=['cloudflare']
2018-11-27T09:53:20  [140136761390272] INFO  YamlProvider[config] populate:   found 6 records, exists=False
2018-11-27T09:53:20  [140136761390272] INFO  CloudflareProvider[cloudflare] plan: desired=kewlzone.net.
2018-11-27T09:53:21  [140136761390272] INFO  CloudflareProvider[cloudflare] populate:   found 6 records, exists=True
2018-11-27T09:53:21  [140136761390272] INFO  CloudflareProvider[cloudflare] plan:   filtered out 1 changes
2018-11-27T09:53:21  [140136761390272] INFO  CloudflareProvider[cloudflare] plan:   extra changes
  Update
    <AliasRecord ALIAS 1, kewlzone.net., 123.kewlzone.net.> ->
    <AliasRecord ALIAS 1, kewlzone.net., 123.kewlzone.net.> (config)
2018-11-27T09:53:21  [140136761390272] INFO  CloudflareProvider[cloudflare] plan:   Creates=0, Updates=1, Deletes=0, Existing Records=6
2018-11-27T09:53:21  [140136761390272] INFO  Manager 
********************************************************************************
* kewlzone.net.
********************************************************************************
* cloudflare (CloudflareProvider)
*   Update
*     <AliasRecord ALIAS 1, kewlzone.net., 123.kewlzone.net.> ->
*     <AliasRecord ALIAS 1, kewlzone.net., 123.kewlzone.net.> (config)
*   Summary: Creates=0, Updates=1, Deletes=0, Existing Records=6
********************************************************************************
    Stale 
    opened by Moumoutaru 3
  • Unable to convert CNAME record to A record on Cloudflare

    Unable to convert CNAME record to A record on Cloudflare

    I'm unable to change CNAME record to A.

    octodns version: 0.9.10

    * cloudflare (CloudflareProvider)
*   Create <ARecord A 3600, foo.example.com., ['1.1.1.1']> (yaml_example)
*   Delete <CnameRecord CNAME 3600, foo.example.com., bar01.example.net.>
*   Summary: Creates=1, Updates=0, Deletes=1, Existing Records=42
********************************************************************************


2021-01-28T17:26:04  [140277747840832] INFO  CloudflareProvider[cloudflare] apply: making changes
Traceback (most recent call last):
  File "./venv/bin/octodns-sync", line 8, in <module>
    sys.exit(main())
  File "/usr/lib/python3.8/site-packages/octodns/cmds/sync.py", line 38, in main
    manager.sync(eligible_zones=args.zone, eligible_targets=args.target,
  File "/usr/lib/python3.8/site-packages/octodns/manager.py", line 344, in sync
    total_changes += target.apply(plan)
  File "/usr/lib/python3.8/site-packages/octodns/provider/base.py", line 95, in apply
    self._apply(plan)
  File "/usr/lib/python3.8/site-packages/octodns/provider/cloudflare.py", line 576, in _apply
    getattr(self, '_apply_{}'.format(class_name))(change)
  File "/usr/lib/python3.8/site-packages/octodns/provider/cloudflare.py", line 433, in _apply_Create
    self._request('POST', path, data=content)
  File "/usr/lib/python3.8/site-packages/octodns/provider/cloudflare.py", line 101, in _request
    raise CloudflareError(resp.json())
octodns.provider.cloudflare.CloudflareError: A CNAME record with that host already exists.

    Similar issue octodns/octodns#507 but for Route53 provider.

    Stale 
    opened by deric 3
  • Cloudflare provider assumes a zone does not exist when it has no records

    Cloudflare provider assumes a zone does not exist when it has no records

    We ran into an issue when using the Cloudflare provider for a new, existing zone with no DNS records. It will try to create the zone, even though it already exists:

    ********************************************************************************
* domain.com.
********************************************************************************
* cloudflare (CloudflareProvider)
*   Create Zone<domain.com.>
*   Create <CnameRecord CNAME 1, record.domain.com., record.domain2.com.> (config)
*   Summary: Creates=1, Updates=0, Deletes=0, Existing Records=0
********************************************************************************

    After creating a single test record test.domain.com manually via the Cloudflare interface, this is the result:

    ********************************************************************************
* domain.com.
********************************************************************************
* cloudflare (CloudflareProvider)
*   Create <CnameRecord CNAME 1, record.domain.com., record.domain2.com.> (config)
*   Delete <ARecord A 1, test.domain.com., ['127.0.0.1']>
*   Summary: Creates=1, Updates=0, Deletes=1, Existing Records=1
********************************************************************************

    As you can see it no longer tries to create the zone. I suspect it has something to do with the code around this line: https://github.com/octodns/octodns/blob/master/octodns/provider/cloudflare.py#L338.

    Stale 
    opened by LukasdeBoer 3
  • issues dumping records from Cloudflare

    issues dumping records from Cloudflare

    Hi,

    Having some issues trying to dump existing records in CF.

    Config:

    ---
manager:
  max_workers: 2
providers:
  config:
    class: octodns.provider.yaml.YamlProvider
    directory: ../config
    default_ttl: 3600
    enforce_order: True
    

  cloudflare:
    class: octodns_cloudflare.CloudflareProvider
    # The api key (required)
    # Your Cloudflare account email address (required, optional if using token)
    email: env/CLOUDFLARE_EMAIL
    token: env/CLOUDFLARE_TOKEN

    source .source
(octodnsenv) ➜  config cat .source
export CLOUDFLARE_EMAIL='myemail'
export CLOUDFLARE_TOKEN='mytoken'

    Running dump:

    (octodnsenv) ➜  config octodns-dump --config-file=prod.yaml --output-dir=tmp/ mydomain.tld. cloudflare --debug
2022-02-28T00:16:22  [4371137920] INFO  Manager __init__: config_file=prod.yaml
2022-02-28T00:16:22  [4371137920] INFO  Manager __init__:   max_workers=2
2022-02-28T00:16:22  [4371137920] INFO  Manager __init__:   include_meta=False
2022-02-28T00:16:22  [4371137920] DEBUG Manager __init__:   configuring providers
2022-02-28T00:16:22  [4371137920] DEBUG YamlProvider[config] __init__: id=config, directory=../config, default_ttl=3600, enforce_order=1, populate_should_replace=0
2022-02-28T00:16:22  [4371137920] DEBUG YamlProvider[config] __init__: id=config, apply_disabled=False, update_pcent_threshold=0.30, delete_pcent_threshold=0.30
2022-02-28T00:16:22  [4371137920] DEBUG CloudflareProvider[cloudflare] __init__: id=cloudflare, email=myemail, token=***, cdn=False
2022-02-28T00:16:22  [4371137920] DEBUG CloudflareProvider[cloudflare] __init__: id=cloudflare, apply_disabled=False, update_pcent_threshold=0.30, delete_pcent_threshold=0.30
Traceback (most recent call last):
  File "/Users/blk/git/octodns/octodnsenv/bin/octodns-dump", line 8, in <module>
    sys.exit(main())
  File "/Users/blk/git/octodns/octodnsenv/lib/python3.9/site-packages/octodns/cmds/dump.py", line 33, in main
    manager = Manager(args.config_file)
  File "/Users/blk/git/octodns/octodnsenv/lib/python3.9/site-packages/octodns/manager.py", line 145, in __init__
    for name in sorted(self.config['zones'].keys(), key=lambda s: s[::-1]):
KeyError: 'zones'

    (octodnsenv) ➜  config pip list | grep octodns
octodns            0.9.15
octodns-cloudflare 0.0.1

    Dir structure:

    (octodnsenv) ➜  octodns tree config
config
└── prod.yaml

    mydomain.tld redacted, along with email and token Confirming that env shows my email and token. Cloudflare token generate from READ all template and tried granting permissions to single account / all accounts.

    (octodnsenv) ➜  octodns python -V
Python 3.9.8

    Thanks

    Stale 
    opened by mihaiturcu 2
  • SPF records can no longer be created

    SPF records can no longer be created

    TXT records should be used instead. See https://github.com/octodns/octodns-cloudflare/issues/28 for more details.

    /cc Fixes https://github.com/octodns/octodns-cloudflare/issues/28 /cc @felixoi

    opened by ross 0
  • Cloudflare no longer supports SPF records

    Cloudflare no longer supports SPF records

    This provider states to support SPF records. As my syncs started failing after adding a SPF record, I debugged this a bit.

    I did not find any official changelog but Cloudflare no longer supports SPF records. It answers with: "DNS Validation Error (Code: 1004) The SPF record type was deprecated in RFC 7208 and is no longer supported. Use a TXT record instead". IMO this provider should also stop advertising the support for this type of record.

    opened by felixoi 8
Owner
octoDNS
DNS as code - Tools for managing DNS across multiple providers
octoDNS
GitHub
EchoDNS - Analyze your DNS traffic super easy, shows all requested DNS traffic

EchoDNS - Analyze your DNS traffic super easy, shows all requested DNS traffic

Oli Zimmermann 1 Jan 11, 2022
DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS.

What is DNSStager? DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS. DNSStager will create a malic

Askar 547 Dec 20, 2022
Way find out if DNS is down or your instance

DNS-PING Way to find out if DNS is down or your instance Problem: At times it happens that DNS provider services of a website URL is down and so to re

Giten Mitra 4 Nov 18, 2022
ExtDNS synchronizes labeled records in docker-compose with DNS providers.

ExtDNS for docker-compose ExtDNS synchronizes labeled records in docker-compose with DNS providers. Inspired by External DNS, ExtDNS makes resources d

DNTSK 6 Dec 24, 2022
mitm6 is a pentesting tool that exploits the default configuration of Windows to take over the default DNS server.

mitm6 is a pentesting tool that exploits the default configuration of Windows to take over the default DNS server.

Fox-IT 1.3k Jan 5, 2023
🥑 A Python ARP and DNS Spoofer CLI and INTERFACE 🥓

NEXTGEN SPOOFER ?? A Python ARP and DNS Spoofer CLI and INTERFACE ?? CLI -> advanced pentesters INTERFACE -> beginners SetUp Make sure you installed P

null 9 Dec 25, 2022
Script and library to wait for a DNS authority server to get its configuration.

DNSWait dnswait is a small script to wait for the "propagation" of a namserver configuration. Installing It's as easy as: python -m pip install dnswai

Julien Palard 14 Jan 17, 2022
Build custom OSINT tools and APIs (Ping, Traceroute, Scans, Archives, DNS, Scrape, Whois, Metadata & built-in database for more info) with this python package

Build custom OSINT tools and APIs with this python package - It includes different OSINT modules (Ping, Traceroute, Scans, Archives, DNS, Scrape, Whoi

QeeqBox 52 Jan 6, 2023
Dark Utilities - Cloudflare Uam Bypass

Dark Utilities - Cloudflare Uam Bypass

Inplex-sys 26 Dec 14, 2022
A pure python implementation of multicast DNS service discovery

python-zeroconf Documentation. This is fork of pyzeroconf, Multicast DNS Service Discovery for Python, originally by Paul Scott-Murphy (https://github

Jakub Stasiak 483 Dec 29, 2022
A great python/java dynamic DNS service for NameSilo, with log, email reminder...

English NameSilo DDNS is a DDNS service for NameSilo domain names for home broadband , it can automatically detect IP changes in home broadband

云牧青 77 Dec 28, 2022
Heroku Cloudflare App Domain

Heroku Cloudflare App Domain Creating branded herokuapp.com-like domains using Cloudflare, based on the app name (eg my-app-prod.example.com). Feature

Torchbox 2 Oct 4, 2022
WARP+ uses Cloudflare’s virtual private backbone, known as Argo, to achieve higher speeds and ensure your connection is encrypted across the long haul of the Internet

WARP+ uses Cloudflare’s virtual private backbone, known as Argo, to achieve higher speeds and ensure your connection is encrypted across the long haul of the Internet

Rivane Rasetiansyah 3 Apr 1, 2022
Automatically block traffic on Cloudflare's side based on Nginx Log parsing.

AutoRL This is a PoC of automatically block traffic on Cloudflare's side based on Nginx Log parsing. It will evaluate Nginx access.log and find potent

Nova Kwok 62 Dec 28, 2022
Makes dynamically updating your Cloudflare DNS records a bit easier ⏩👍😎

Easy Dynamic Cloudflare DNS Updater Makes dynamically updating your Cloudflare DNS records a bit easier ⏩ ?? ?? If using it as a 'Dynamic DNS' client,

Zac Koch 3 Dec 19, 2021
Purpose To make a cloudflare challenge pass successfully, Can be use cf_clearance bypassed by cloudflare

Purpose To make a cloudflare challenge pass successfully, Can be use cf_clearance bypassed by cloudflare, However, with the cf_clearance, make sure you use the same IP and UA as when you got it.

vvanglro 129 Jan 9, 2023
EchoDNS - Analyze your DNS traffic super easy, shows all requested DNS traffic

EchoDNS - Analyze your DNS traffic super easy, shows all requested DNS traffic

Oli Zimmermann 1 Jan 11, 2022
Python DNS Lookup: The Domain Name System (DNS) is basically the phonebook of the Internet

-Python-DNS-Lookup- ✨ ?? Python DNS Lookup ✨ ?? The Domain Name System (DNS) is

Ronnie Atuhaire 2 Feb 14, 2022
Dns-Client-Server - Dns Client Server For Python

Dns-client-server DNS Server: supporting all types of queries and replies. Shoul

Nishant Badgujar 1 Feb 15, 2022
Apache Libcloud is a Python library which hides differences between different cloud provider APIs and allows you to manage different cloud resources through a unified and easy to use API

Apache Libcloud - a unified interface for the cloud Apache Libcloud is a Python library which hides differences between different cloud provider APIs

The Apache Software Foundation 1.9k Dec 25, 2022