Skip to content

toodlepip/cloudflare-ddns

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
cf-update-dns.py
cf-update-dns.py
 
 
settings.example.py
settings.example.py
 
 

Repository files navigation

Cloudflare Dynamic DNS Updater

This script updates a Cloudflare DNS record dynamically when the public IP address changes. It's going to come in handy if you have a server hosted on an ISP that allocated IP addresses via DHCP.

The script is written for Linux/macOS but could be easily adapted for other environments. Logging, error reporting and log rotation are handled on the first run, if they're not set up.

Error reporting via email will only be triggered, on error, if the email settings are included in settings.py.

How It Works

  • The script checks the current public IP address.
  • It retrieves the existing DNS record from Cloudflare.
  • If the public IP has changed, the script updates the Cloudflare DNS record.
  • If an error occurs, an email notification is sent.

Requirements

  • A Cloudflare account with API access.
  • An API Token with permissions to update DNS records.
  • A domain managed in Cloudflare.
  • Python 3 installed on your system.

Creating a Cloudflare API Token

To enhance security by limiting API access to a specific domain, you can create a Cloudflare API token with restricted permissions. Follow these steps:

  1. Log in to Cloudflare Dashboard:

  2. Access API Tokens:

    • Click on your profile icon and choose "My Profile".
    • Go to the "API Tokens" tab.

  3. Create a New Token:

    • Select "Create Token".
    • You can use a template like "Edit zone DNS" or start with a custom token.

  4. Configure Token Permissions:

    • Permissions: Set to "Zone" > "DNS" > "Edit" to allow DNS modifications.
    • Zone Resources: Choose "Include" > "Specific zone" and select your domain (e.g., yourdomain.com).

  5. Optional Restrictions:

    • IP Address Filtering: Specify IP ranges that can use this token.
    • Time to Live (TTL): Define the token's validity period.

  6. Finalize and Save:

    • Review your settings.
    • Click "Create Token".
    • Copy and securely store the token; it will be shown only once.

For detailed guidance, refer to Cloudflare's official documentation on creating API tokens.

Note: Currently, Cloudflare API tokens can be scoped to entire zones (domains) but not to individual subdomains. To restrict access to a subdomain, consider adding it as a separate zone in Cloudflare. More details can be found in this Cloudflare community discussion.

By following these steps, you ensure that the API token has permissions limited to the specified domain, enhancing the security of your Cloudflare account.

Finding Your Cloudflare Zone ID

To retrieve your Cloudflare Zone ID, follow these steps:

  1. Log in to Cloudflare Dashboard:

  2. Select Your Domain:

    • From your list of domains, click on the domain for which you need the Zone ID.

  3. Access the Overview Page:

    • Upon selecting your domain, you'll be directed to the Overview page.

  4. Locate the API Section:

    • On the right-hand side of the Overview page, find the API section.

  5. Find Your Zone ID:

    • Within the API section, your Zone ID will be displayed.

An example of a Cloudflare Zone ID:

023e105f4ecef8ad9ca31a8372d0c353

For more detailed information, refer to Cloudflare's official documentation on finding your Zone and Account IDs.

Setup

  1. Clone this repository:

    git clone https://github.com/toodlepip/cloudflare-ddns.git
cd cloudflare-ddns

  2. Install required dependencies:

    pip install requests

  3. Copy settings.example.py to settings.py and update it with your credentials:

    cp settings.example.py settings.py

  4. Edit settings.py with your Cloudflare and email credentials:

    CLOUDFLARE_API_KEY = "your-api-key-here"
CLOUDFLARE_EMAIL = "your-email@example.com"
ZONE_ID = "your-cloudflare-zone-id"
RECORD_NAME = "your.domain.com"

SMTP_SERVER = "your-smtp-server"
SMTP_PORT = 587
SMTP_USERNAME = "your-smtp-username"
SMTP_PASSWORD = "your-smtp-password"
EMAIL_FROM = "your-email@example.com"
EMAIL_TO = "your-email@example.com"

Usage

  • Run the script manually:

    sudo python3 cf-update-dns.py

  • Automate using a cron job:

    sudo vi /etc/crontab

    Add the following line to run the script every hour at 15 minutes past the hour:

    15 * * * * root /usr/bin/python3 /var/local/cloudflare-ddns/cf-update-dns.py

Security Considerations

  • Do not commit settings.py as it contains sensitive credentials.
  • Use strong API tokens with limited permissions.
  • Restrict file permissions for settings.py: 
    chmod 600 settings.py

Logging

  • Logs are written to /var/log/cloudflare-ddns.log.
  • Log rotation is automatically configured to prevent excessive growth.

Troubleshooting

  • Ensure you have the correct API permissions in Cloudflare.
  • Check logs for errors: 
    cat /var/log/cloudflare-ddns.log
  • Verify that the script has the correct Python dependencies installed.

License

This project is licensed under the MIT License - see the MIT License for details.

Thanks

Thanks to Akash Rajpurohit whose original blog post inspired this approach.

About

Automated updates of Cloudflare DNS record for hosts with a dynamically assigned IP address

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages