3 #.Distributed under the terms of the GNU General Public License (GPL) version 2.0
5 # script for sending updates to cloudflare.com
6 #.based on Ben Kulbertis cloudflare-update-record.sh found at http://gist.github.com/benkulbertis
7 #.and on George Johnson's cf-ddns.sh found at https://github.com/gstuartj/cf-ddns.sh
8 #.2016 Christian Schoenebeck <christian dot schoenebeck at gmail dot com>
9 # CloudFlare API documentation at https://api.cloudflare.com/
11 # This script is parsed by dynamic_dns_functions.sh inside send_update() function
13 # using following options from /etc/config/ddns
14 # option username - your cloudflare e-mail
15 # option password - cloudflare api key, you can get it from cloudflare.com/my-account/
16 # option domain - "hostname@yourdomain.TLD" # syntax changed to remove split_FQDN() function and tld_names.dat.gz
18 # variable __IP already defined with the ip-address to use for update
22 [ -z "$CURL_SSL" ] && write_log 14 "Cloudflare communication require cURL with SSL support. Please install"
23 [ -z "$username" ] && write_log 14 "Service section not configured correctly! Missing key as 'username'"
24 [ -z "$password" ] && write_log 14 "Service section not configured correctly! Missing secret as 'password'"
25 [ $use_https -eq 0 ] && use_https=1 # force HTTPS
28 local __HOST __DOMAIN __TYPE __URLBASE __PRGBASE __RUNPROG __DATA __IPV6 __ZONEID __RECID
29 local __URLBASE="https://api.cloudflare.com/client/v4"
31 # split __HOST __DOMAIN from $domain
32 __HOST=$(printf %s "$domain" | cut -d@ -f1)
33 __DOMAIN=$(printf %s "$domain" | cut -d@ -f2)
35 # __HOST != __DOMAIN then host@domain.tld => host.domain.tld
36 [ "$__HOST" = "$__DOMAIN" ] || __HOST=$(printf %s "$domain" | tr "@" ".")
39 [ $use_ipv6 -eq 0 ] && __TYPE="A" || __TYPE="AAAA"
41 # transfer function to use for godaddy
42 # all needed variables are set global here
43 # so we can use them directly
44 cloudflare_transfer() {
48 write_log 7 "#> $__RUNPROG"
50 __ERR=$? # save communication error
51 [ $__ERR -eq 0 ] && break # no error break while
53 write_log 3 "cURL Error: '$__ERR'"
54 write_log 7 "$(cat $ERRFILE)" # report error
56 [ $VERBOSE_MODE -gt 1 ] && {
57 # VERBOSE_MODE > 1 then NO retry
58 write_log 4 "Transfer failed - Verbose Mode: $VERBOSE_MODE - NO retry on error"
62 __CNT=$(( $__CNT + 1 )) # increment error counter
63 # if error count > retry_count leave here
64 [ $retry_count -gt 0 -a $__CNT -gt $retry_count ] && \
65 write_log 14 "Transfer failed after $retry_count retries"
67 write_log 4 "Transfer failed - retry $__CNT/$retry_count in $RETRY_SECONDS seconds"
68 sleep $RETRY_SECONDS &
70 wait $PID_SLEEP # enable trap-handler
75 grep -q '"success":true' $DATFILE || {
76 write_log 4 "CloudFlare reported an error:"
77 write_log 7 "$(cat $DATFILE)" # report error
78 return 1 # HTTP-Fehler
82 # Build base command to use
83 __PRGBASE="$CURL -RsS -o $DATFILE --stderr $ERRFILE"
84 # force network/interface-device to use for communication
85 if [ -n "$bind_network" ]; then
87 network_get_physdev __DEVICE $bind_network || \
88 write_log 13 "Can not detect local device using 'network_get_physdev $bind_network' - Error: '$?'"
89 write_log 7 "Force communication via device '$__DEVICE'"
90 __PRGBASE="$__PRGBASE --interface $__DEVICE"
92 # force ip version to use
93 if [ $force_ipversion -eq 1 ]; then
94 [ $use_ipv6 -eq 0 ] && __PRGBASE="$__PRGBASE -4" || __PRGBASE="$__PRGBASE -6" # force IPv4/IPv6
96 # set certificate parameters
97 if [ "$cacert" = "IGNORE" ]; then # idea from Ticket #15327 to ignore server cert
98 __PRGBASE="$__PRGBASE --insecure" # but not empty better to use "IGNORE"
99 elif [ -f "$cacert" ]; then
100 __PRGBASE="$__PRGBASE --cacert $cacert"
101 elif [ -d "$cacert" ]; then
102 __PRGBASE="$__PRGBASE --capath $cacert"
103 elif [ -n "$cacert" ]; then # it's not a file and not a directory but given
104 write_log 14 "No valid certificate(s) found at '$cacert' for HTTPS communication"
106 # disable proxy if not set (there might be .wgetrc or .curlrc or wrong environment set)
107 # or check if libcurl compiled with proxy support
108 if [ -z "$proxy" ]; then
109 __PRGBASE="$__PRGBASE --noproxy '*'"
110 elif [ -z "$CURL_PROXY" ]; then
111 # if libcurl has no proxy support and proxy should be used then force ERROR
112 write_log 13 "cURL: libcurl compiled without Proxy support"
115 __PRGBASE="$__PRGBASE --header 'X-Auth-Email: $username' "
116 __PRGBASE="$__PRGBASE --header 'X-Auth-Key: $password' "
117 __PRGBASE="$__PRGBASE --header 'Content-Type: application/json' "
118 # __PRGBASE="$__PRGBASE --header 'Accept: application/json' "
120 # read zone id for registered domain.TLD
121 __RUNPROG="$__PRGBASE --request GET $__URLBASE/zones?name=$__DOMAIN"
122 cloudflare_transfer || return 1
124 __ZONEID=$(grep -o '"id":"[^"]*' $DATFILE | grep -o '[^"]*$' | head -1)
125 [ -z "$__ZONEID" ] && {
126 write_log 4 "Could not detect 'zone id' for domain.tld: '$__DOMAIN'"
130 # read record id for A or AAAA record of host.domain.TLD
131 __RUNPROG="$__PRGBASE --request GET $__URLBASE/zones/$__ZONEID/dns_records?name=$__HOST&type=$__TYPE"
132 cloudflare_transfer || return 1
134 __RECID=$(grep -o '"id":"[^"]*' $DATFILE | grep -o '[^"]*$' | head -1)
135 [ -z "$__RECID" ] && {
136 write_log 4 "Could not detect 'record id' for host.domain.tld: '$__HOST'"
140 # extract current stored IP
141 __DATA=$(grep -o '"content":"[^"]*' $DATFILE | grep -o '[^"]*$' | head -1)
144 [ $use_ipv6 -eq 0 ] \
145 && __DATA=$(printf "%s" "$__DATA" | grep -m 1 -o "$IPV4_REGEX") \
146 || __DATA=$(printf "%s" "$__DATA" | grep -m 1 -o "$IPV6_REGEX")
148 # we got data so verify
149 [ -n "$__DATA" ] && {
150 # expand IPv6 for compare
151 if [ $use_ipv6 -eq 1 ]; then
152 expand_ipv6 $__IP __IPV6
153 expand_ipv6 $__DATA __DATA
154 [ "$__DATA" = "$__IPV6" ] && { # IPv6 no update needed
155 write_log 7 "IPv6 at CloudFlare.com already up to date"
159 [ "$__DATA" = "$__IP" ] && { # IPv4 no update needed
160 write_log 7 "IPv4 at CloudFlare.com already up to date"
167 # let's build data to send,
168 # use file to work around " needed for json
169 cat > $DATFILE << EOF
170 {"id":"$__ZONEID","type":"$__TYPE","name":"$__HOST","content":"$__IP"}
173 # let's complete transfer command
174 __RUNPROG="$__PRGBASE --request PUT --data @$DATFILE $__URLBASE/zones/$__ZONEID/dns_records/$__RECID"
175 cloudflare_transfer || return 1