-
Notifications
You must be signed in to change notification settings - Fork 10
/
install-and-configure-cloudflare-dns-updater-service.yaml
137 lines (113 loc) · 4.83 KB
/
install-and-configure-cloudflare-dns-updater-service.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
---
- name: Install and configure Cloudflare DNS record updater service
# https://community.cloudflare.com/t/update-dns-records-via-api/132221
hosts: all
gather_facts: true
vars:
service_file_name: cloudflare-dns-updater.service
service_file_location: /etc/systemd/system/cloudflare-dns-updater.service
timer_file_name: cloudflare-dns-updater.timer
timer_file_location: /etc/systemd/system/cloudflare-dns-updater.timer
service_script_location: /usr/local/bin/cloudflare-dns-record-update.sh
tasks:
- name: Required dependencies
become: true
apt:
update_cache: yes
pkg:
- jq
state: latest
- name: "Remove {{ item }}"
become: true
file:
path: "{{ item }}"
state: absent
with_items:
- "{{ service_file_location }}"
- "{{ timer_file_location }}"
- "{{ service_script_location }}"
- name: "Create {{ item }}"
become: true
file:
path: "{{ item }}"
state: touch
with_items:
- "{{ service_file_location }}"
- "{{ timer_file_location }}"
- "{{ service_script_location }}"
- name: "Populate {{ service_file_location }} file"
become: True
blockinfile:
path: "{{ service_file_location }}"
block: |
[Unit]
Description=Cloudflare DNS Record Updater
[Service]
ExecStart=bash {{ service_script_location }}
Restart=on-failure
Type=oneshot
User={{ ansible_user }}
[Install]
WantedBy=multi-user.target
- name: "Populate {{ timer_file_location }} file"
become: True
blockinfile:
path: "{{ timer_file_location }}"
block: |
[Unit]
Description=Timer to run Cloudflare DNS Record Updater service every 4 hours
[Timer]
OnCalendar=00/4:00
[Install]
WantedBy=timers.target
- name: "Populate {{ service_script_location }} file"
become: True
blockinfile:
path: "{{ service_script_location }}"
block: |
#! /bin/bash
# Inspired from this page https://gist.github.com/Tras2/cba88201b17d765ec065ccbedfb16d9a
# Script to update a Cloudflare DNS record with the current public IP address
# of the machine from which this script is run
# Needs the DNS record pre-creating on Cloudflare
# Cloudflare zone ID is the zone ID for the Zone which holds the record
zone_id="{{ cloudflare.zone_id }}"
# Auth details, this is the Bearer Token
auth_key="{{ cloudflare.auth_key }}"
# Domain name
domain_name="{{ domain_name }}"
# Get the current external IP address
ip=$(curl -s -X GET https://checkip.amazonaws.com)
echo "Current IP is ${ip}"
cloudflare_api_base_url="https://api.cloudflare.com/client/v4"
echo "Zone ID is ${zone_id}"
dns_records=$(curl -s -X GET "${cloudflare_api_base_url}/zones/${zone_id}/dns_records" \
-H "Authorization: Bearer ${auth_key}" \
-H "Content-Type: application/json" | jq -r '{"result"}[]')
echo "${dns_records[@]}" | jq -c '.[]' | while read dns_record; do
dns_record_name=$(echo "${dns_record}" | jq -r '.name')
if [[ "${dns_record_name}" != "*.${domain_name}" && "${dns_record_name}" != "${domain_name}" ]]; then
echo "Skipping '${dns_record_name}' cause it doesnt match '${domain_name}' and '*.${domain_name}'"
continue
fi
dns_record_ip=$(echo "${dns_record}" | jq -r '.content')
if [ "${ip}" == "${dns_record_ip}" ]; then
echo "IP address for ${dns_record_name} is already ${ip}"
continue
fi
dns_record_id=$(echo "${dns_record}" | jq -r '.id')
dns_record_type=$(echo "${dns_record}" | jq -r '.type')
dns_record_ttl=$(echo "${dns_record}" | jq -r '.ttl')
dns_record_proxied=$(echo "${dns_record}" | jq -r '.proxied')
echo "DNS Record ${dns_record_name} has ID ${dns_record_id} and IP ${dns_record_ip}"
echo "Updating ${dns_record_name} to ${ip}"
curl -s -X PUT "${cloudflare_api_base_url}/zones/${zone_id}/dns_records/${dns_record_id}" \
-H "Authorization: Bearer ${auth_key}" \
-H "Content-Type: application/json" \
--data '{"type":"'${dns_record_type}'","name":"'${dns_record_name}'","content":"'${ip}'","ttl":'${dns_record_ttl}',"proxied":'${dns_record_proxied}'}'
done
- name: "Reload Systemd timer {{ timer_file_name }}"
include_tasks: tasks-reload-systemd-service.yaml
vars:
become: True
service_name: "{{ timer_file_name }}"