From 703cac8d18d8ef7a0da1b381522e3f0536c6e7b8 Mon Sep 17 00:00:00 2001 From: Rui Coelho Date: Mon, 29 Jan 2024 22:33:54 +0000 Subject: [PATCH 01/12] Use functions --- cloudflare-template.sh | 214 +++++++++++++++++++++-------------------- 1 file changed, 111 insertions(+), 103 deletions(-) diff --git a/cloudflare-template.sh b/cloudflare-template.sh index 32cbaa8..66b48b3 100644 --- a/cloudflare-template.sh +++ b/cloudflare-template.sh @@ -14,110 +14,118 @@ slackuri="" # URI for Slack WebHook "htt discorduri="" # URI for Discord WebHook "https://discordapp.com/api/webhooks/xxxxx" -########################################### -## Check if we have a public IP -########################################### -ipv4_regex='([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])' -ip=$(curl -s -4 https://cloudflare.com/cdn-cgi/trace | grep -E '^ip'); ret=$? -if [[ ! $ret == 0 ]]; then # In the case that cloudflare failed to return an ip. - # Attempt to get the ip from other websites. - ip=$(curl -s https://api.ipify.org || curl -s https://ipv4.icanhazip.com) -else - # Extract just the ip from the ip line from cloudflare. - ip=$(echo $ip | sed -E "s/^ip=($ipv4_regex)$/\1/") -fi - -# Use regex to check for proper IPv4 format. -if [[ ! $ip =~ ^$ipv4_regex$ ]]; then - logger -s "DDNS Updater: Failed to find a valid IP." - exit 2 -fi - -########################################### -## Check and set the proper auth header -########################################### -if [[ "${auth_method}" == "global" ]]; then - auth_header="X-Auth-Key:" -else - auth_header="Authorization: Bearer" -fi - -########################################### -## Seek for the A record -########################################### - -logger "DDNS Updater: Check Initiated" -record=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records?type=A&name=$record_name" \ - -H "X-Auth-Email: $auth_email" \ - -H "$auth_header $auth_key" \ - -H "Content-Type: application/json") - -########################################### -## Check if the domain has an A record -########################################### -if [[ $record == *"\"count\":0"* ]]; then - logger -s "DDNS Updater: Record does not exist, perhaps create one first? (${ip} for ${record_name})" - exit 1 -fi - -########################################### -## Get existing IP -########################################### -old_ip=$(echo "$record" | sed -E 's/.*"content":"(([0-9]{1,3}\.){3}[0-9]{1,3})".*/\1/') -# Compare if they're the same -if [[ $ip == $old_ip ]]; then - logger "DDNS Updater: IP ($ip) for ${record_name} has not changed." - exit 0 -fi - -########################################### -## Set the record identifier from result -########################################### -record_identifier=$(echo "$record" | sed -E 's/.*"id":"([A-Za-z0-9_]+)".*/\1/') - -########################################### -## Change the IP@Cloudflare using the API -########################################### -update=$(curl -s -X PATCH "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records/$record_identifier" \ - -H "X-Auth-Email: $auth_email" \ - -H "$auth_header $auth_key" \ - -H "Content-Type: application/json" \ - --data "{\"type\":\"A\",\"name\":\"$record_name\",\"content\":\"$ip\",\"ttl\":\"$ttl\",\"proxied\":${proxy}}") - -########################################### -## Report the status -########################################### -case "$update" in -*"\"success\":false"*) - echo -e "DDNS Updater: $ip $record_name DDNS failed for $record_identifier ($ip). DUMPING RESULTS:\n$update" | logger -s - if [[ $slackuri != "" ]]; then - curl -L -X POST $slackuri \ - --data-raw '{ - "channel": "'$slackchannel'", - "text" : "'"$sitename"' DDNS Update Failed: '$record_name': '$record_identifier' ('$ip')." - }' +validate_variables(){ + # Validate required variables + if [[ -z $auth_email || -z $auth_key || -z $zone_identifier || -z $record_name ]]; then + echo "Missing required variables. Please provide values for 'auth_email', 'auth_key', 'zone_identifier', and 'record_name'." + exit 1 + fi +} + +check_ipv4_is_available(){ + ipv4_regex='([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])' + + ip=$(curl -s -4 https://cloudflare.com/cdn-cgi/trace | grep -E '^ip'); ret=$? + if [[ ! $ret == 0 ]]; then # In the case that cloudflare failed to return an ip. + # Attempt to get the ip from other websites. + ip=$(curl -s https://api.ipify.org || curl -s https://ipv4.icanhazip.com) + else + # Extract just the ip from the ip line from cloudflare. + ip=$(echo $ip | sed -E "s/^ip=($ipv4_regex)$/\1/") fi - if [[ $discorduri != "" ]]; then - curl -i -H "Accept: application/json" -H "Content-Type:application/json" -X POST \ - --data-raw '{ - "content" : "'"$sitename"' DDNS Update Failed: '$record_name': '$record_identifier' ('$ip')." - }' $discorduri + + # Use regex to check for proper IPv4 format. + if [[ ! $ip =~ ^$ipv4_regex$ ]]; then + logger -s "DDNS Updater: Failed to find a valid IP." + exit 2 fi - exit 1;; -*) - logger "DDNS Updater: $ip $record_name DDNS updated." - if [[ $slackuri != "" ]]; then - curl -L -X POST $slackuri \ - --data-raw '{ - "channel": "'$slackchannel'", - "text" : "'"$sitename"' Updated: '$record_name''"'"'s'""' new IP Address is '$ip'" - }' +} + +set_auth_headers(){ + if [[ "${auth_method}" == "global" ]]; then + auth_header="X-Auth-Key:" + else + auth_header="Authorization: Bearer" fi - if [[ $discorduri != "" ]]; then - curl -i -H "Accept: application/json" -H "Content-Type:application/json" -X POST \ - --data-raw '{ - "content" : "'"$sitename"' Updated: '$record_name''"'"'s'""' new IP Address is '$ip'" - }' $discorduri +} + + +check_if_a_record_exists(){ + logger "DDNS Updater: Check Initiated" + record=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records?type=A&name=$record_name" \ + -H "X-Auth-Email: $auth_email" \ + -H "$auth_header $auth_key" \ + -H "Content-Type: application/json") + + if [[ $record == *"\"count\":0"* ]]; then + logger -s "DDNS Updater: Record does not exist, perhaps create one first? (${ip} for ${record_name})" + exit 1 fi - exit 0;; -esac +} + +get_current_ip_from_cloudflare(){ + old_ip=$(echo "$record" | sed -E 's/.*"content":"(([0-9]{1,3}\.){3}[0-9]{1,3})".*/\1/') + # Compare if they're the same + if [[ $ip == $old_ip ]]; then + logger "DDNS Updater: IP ($ip) for ${record_name} has not changed." + exit 0 + fi +} + +update_ip_on_cloudflare(){ + record_identifier=$(echo "$record" | sed -E 's/.*"id":"([A-Za-z0-9_]+)".*/\1/') + + + update=$(curl -s -X PATCH "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records/$record_identifier" \ + -H "X-Auth-Email: $auth_email" \ + -H "$auth_header $auth_key" \ + -H "Content-Type: application/json" \ + --data "{\"type\":\"A\",\"name\":\"$record_name\",\"content\":\"$ip\",\"ttl\":\"$ttl\",\"proxied\":${proxy}}") +} + +send_webhooks(){ + case "$update" in + *"\"success\":false"*) + echo -e "DDNS Updater: $ip $record_name DDNS failed for $record_identifier ($ip). DUMPING RESULTS:\n$update" | logger -s + if [[ $slackuri != "" ]]; then + curl -L -X POST $slackuri \ + --data-raw '{ + "channel": "'$slackchannel'", + "text" : "'"$sitename"' DDNS Update Failed: '$record_name': '$record_identifier' ('$ip')." + }' + fi + if [[ $discorduri != "" ]]; then + curl -i -H "Accept: application/json" -H "Content-Type:application/json" -X POST \ + --data-raw '{ + "content" : "'"$sitename"' DDNS Update Failed: '$record_name': '$record_identifier' ('$ip')." + }' $discorduri + fi + exit 1;; + *) + logger "DDNS Updater: $ip $record_name DDNS updated." + if [[ $slackuri != "" ]]; then + curl -L -X POST $slackuri \ + --data-raw '{ + "channel": "'$slackchannel'", + "text" : "'"$sitename"' Updated: '$record_name''"'"'s'""' new IP Address is '$ip'" + }' + fi + if [[ $discorduri != "" ]]; then + curl -i -H "Accept: application/json" -H "Content-Type:application/json" -X POST \ + --data-raw '{ + "content" : "'"$sitename"' Updated: '$record_name''"'"'s'""' new IP Address is '$ip'" + }' $discorduri + fi + exit 0;; + esac +} + +main(){ + validate_variables + check_ipv4_is_available + set_auth_headers + check_if_a_record_exists + get_current_ip_from_cloudflare + update_ip_on_cloudflare + send_webhooks +} \ No newline at end of file From 5d171e4c5b0e37cd88ab38ca97bb68d1bfd4413c Mon Sep 17 00:00:00 2001 From: Rui Coelho Date: Mon, 29 Jan 2024 23:15:14 +0000 Subject: [PATCH 02/12] Add config.ini --- config.ini | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 config.ini diff --git a/config.ini b/config.ini new file mode 100644 index 0000000..c780a6e --- /dev/null +++ b/config.ini @@ -0,0 +1,11 @@ +auth_email="" # The email used to login 'https://dash.cloudflare.com' +auth_method="" # Set to "global" for Global API Key or "token" for Scoped API Token +auth_key="" # Your API Token or Global API Key +zone_identifier="" # Can be found in the "Overview" tab of your domain +record_name="" # Which record you want to be synced +ttl="3600" # Set the DNS TTL (seconds) +proxy="false" # Set the proxy to true or false +sitename="" # Title of site "Example Site" +slackchannel="" # Slack Channel #example +slackuri="" # URI for Slack WebHook "https://hooks.slack.com/services/xxxxx" +discorduri="" # URI for Discord WebHook "https://discordapp.com/api/webhooks/xxxxx" \ No newline at end of file From a23f3414d38bb2ee81c7356ff7ea8a185cbbf4ca Mon Sep 17 00:00:00 2001 From: Rui Coelho Date: Mon, 29 Jan 2024 23:15:27 +0000 Subject: [PATCH 03/12] Update README.md --- README.md | 118 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 118 insertions(+) diff --git a/README.md b/README.md index 6bafc13..f24a50d 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,21 @@ This script is used to update Dynamic DNS (DDNS) service based on Cloudflare! Ac ## Support Me [![Donate Via Paypal](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif)](https://www.paypal.me/Jasonkkf) +## Table of Contents + +- [Cloudflare Dynamic DNS IP Updater](#cloudflare-dynamic-dns-ip-updater) + * [Support Me](#support-me) + * [Table of Contents](#table-of-contents) + * [Installation](#installation) + * [Usage](#usage) + + [Local variables](#local-variables) + + [Configuration file](#configuration-file) + + [Pass](#pass) + * [Tested Environments:](#tested-environments) + * [Contributing](#contributing) + * [Reference](#reference) + * [License](#license) + ## Installation ```bash @@ -27,6 +42,109 @@ This script is used with crontab. Specify the frequency of execution through cro # * * * * * /bin/bash {Location of the script} ``` +### Local variables + +If you want to use your variables inside the script fill the script with them and execute it like the following example: + +```bash +./cloudflare-template.sh local +``` + +### Configuration file + +If you want to use the configuration file to store your credentials execute the following commands: + +```bash +mkdir -p ~/.cloudflare +cp config.ini ~/.cloudflare/config.ini + +./cloudflare-template.sh file +``` + +### Pass + +If you want to use [Pass](https://www.passwordstore.org/) you can execute the following commands: + +```bash +gpg2 --full-generate-key +``` + +Fll the prompts: +```text +Please select what kind of key you want: + + (1) RSA and RSA (default) + (2) DSA and Elgamal + (3) DSA (sign only) + (4) RSA (sign only) + +Your selection? 1 + +RSA keys may be between 1024 and 4096 bits long. +What keysize do you want? (2048) 4096 +Requested keysize is 4096 bits + +Please specify how long the key should be valid. + + 0 = key does not expire + = key expires in n days + w = key expires in n weeks + m = key expires in n months + y = key expires in n years + +Key is valid for? (0) 2y +Key expires at Sat 18 Mar 2023 15:03:38 CET +Is this correct? (y/N) y + +GnuPG needs to construct a user ID to identify your key. + +Real name: John Doe +Email address: john.doe@example.com +Comment: +You selected this USER-ID: + "John Doe " + +Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O +``` + +List secret keys: + +```bash +gpg2 --list-secret-keys --keyid-format LONG + +sec 4096R/AAAA2222CCCC4444 2021-03-18 [expires: 2023-03-18] uid John Doe +``` + +Init pass: + +```bash +pass init 'AAAA2222CCCC4444' + +mkdir: created directory ‘/home/myhome/.password-store’ Password store initialized for AAAA2222CCCC4444. +``` + +Execute: + +```bash +pass insert -m credentials/cloudflare +``` + +Add your variables: + +```text +auth_email="" # The email used to login 'https://dash.cloudflare.com' +auth_method="" # Set to "global" for Global API Key or "token" for Scoped API Token +auth_key="" # Your API Token or Global API Key +zone_identifier="" # Can be found in the "Overview" tab of your domain +record_name="" # Which record you want to be synced +ttl="3600" # Set the DNS TTL (seconds) +proxy="false" # Set the proxy to true or false +sitename="" # Title of site "Example Site" +slackchannel="" # Slack Channel #example +slackuri="" # URI for Slack WebHook "https://hooks.slack.com/services/xxxxx" +discorduri="" # URI for Discord WebHook "https://discordapp.com/api/webhooks/xxxxx" +``` + ## Tested Environments: macOS Mojave version 10.14.6 (x86_64)
AlmaLinux 9.3 (Linux kernel: 5.14.0 | x86_64)
From 0ae79d1ef11ddde5a3211050363b06f9168075b4 Mon Sep 17 00:00:00 2001 From: Rui Coelho Date: Mon, 29 Jan 2024 23:16:10 +0000 Subject: [PATCH 04/12] Allow user to load variables from different places --- cloudflare-template.sh | 89 ++++++++++++++++++++++++++++++++++-------- 1 file changed, 72 insertions(+), 17 deletions(-) diff --git a/cloudflare-template.sh b/cloudflare-template.sh index 66b48b3..efc7dc6 100644 --- a/cloudflare-template.sh +++ b/cloudflare-template.sh @@ -1,23 +1,59 @@ #!/bin/bash ## change to "bin/sh" when necessary -auth_email="" # The email used to login 'https://dash.cloudflare.com' -auth_method="token" # Set to "global" for Global API Key or "token" for Scoped API Token -auth_key="" # Your API Token or Global API Key -zone_identifier="" # Can be found in the "Overview" tab of your domain -record_name="" # Which record you want to be synced -ttl="3600" # Set the DNS TTL (seconds) -proxy="false" # Set the proxy to true or false -sitename="" # Title of site "Example Site" -slackchannel="" # Slack Channel #example -slackuri="" # URI for Slack WebHook "https://hooks.slack.com/services/xxxxx" -discorduri="" # URI for Discord WebHook "https://discordapp.com/api/webhooks/xxxxx" +display_help(){ + logger "Usage: $0 [local|file|pass]" + logger " local - Load variables from this script" + logger " file - Load variables from a file" + logger " pass - Load variables from pass" + +} + + +load_variables(){ + case "$1" in + "local") + auth_email="" # The email used to login 'https://dash.cloudflare.com' + auth_method="" # Set to "global" for Global API Key or "token" for Scoped API Token + auth_key="" # Your API Token or Global API Key + zone_identifier="" # Can be found in the "Overview" tab of your domain + record_name="" # Which record you want to be synced + ttl="3600" # Set the DNS TTL (seconds) + proxy="false" # Set the proxy to true or false + sitename="" # Title of site "Example Site" + slackchannel="" # Slack Channel #example + slackuri="" # URI for Slack WebHook "https://hooks.slack.com/services/xxxxx" + discorduri="" # URI for Discord WebHook "https://discordapp.com/api/webhooks/xxxxx" + ;; + "file") + # Load variables from file + CONFIG_FILE="$HOME/.cloudflare/config.ini" + + # Check if the configuration file exists + if [ -f "$CONFIG_FILE" ]; then + # Load configuration from the file + source "$CONFIG_FILE" + else + logger "Error: Configuration file '$CONFIG_FILE' not found." + exit 1 + fi + ;; + "pass") + # Load variables from pass + source <(pass credentials/cloudflare) + ;; + *) + logger "Invalid load_variables option" + exit 1 + ;; + esac +} validate_variables(){ # Validate required variables if [[ -z $auth_email || -z $auth_key || -z $zone_identifier || -z $record_name ]]; then - echo "Missing required variables. Please provide values for 'auth_email', 'auth_key', 'zone_identifier', and 'record_name'." + logger "Missing required variables. Please provide values for 'auth_email', 'auth_key', 'zone_identifier', and 'record_name'." exit 1 fi } @@ -31,7 +67,7 @@ check_ipv4_is_available(){ ip=$(curl -s https://api.ipify.org || curl -s https://ipv4.icanhazip.com) else # Extract just the ip from the ip line from cloudflare. - ip=$(echo $ip | sed -E "s/^ip=($ipv4_regex)$/\1/") + ip=$(logger $ip | sed -E "s/^ip=($ipv4_regex)$/\1/") fi # Use regex to check for proper IPv4 format. @@ -64,7 +100,7 @@ check_if_a_record_exists(){ } get_current_ip_from_cloudflare(){ - old_ip=$(echo "$record" | sed -E 's/.*"content":"(([0-9]{1,3}\.){3}[0-9]{1,3})".*/\1/') + old_ip=$(logger "$record" | sed -E 's/.*"content":"(([0-9]{1,3}\.){3}[0-9]{1,3})".*/\1/') # Compare if they're the same if [[ $ip == $old_ip ]]; then logger "DDNS Updater: IP ($ip) for ${record_name} has not changed." @@ -73,7 +109,7 @@ get_current_ip_from_cloudflare(){ } update_ip_on_cloudflare(){ - record_identifier=$(echo "$record" | sed -E 's/.*"id":"([A-Za-z0-9_]+)".*/\1/') + record_identifier=$(logger "$record" | sed -E 's/.*"id":"([A-Za-z0-9_]+)".*/\1/') update=$(curl -s -X PATCH "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records/$record_identifier" \ @@ -86,7 +122,7 @@ update_ip_on_cloudflare(){ send_webhooks(){ case "$update" in *"\"success\":false"*) - echo -e "DDNS Updater: $ip $record_name DDNS failed for $record_identifier ($ip). DUMPING RESULTS:\n$update" | logger -s + logger -e "DDNS Updater: $ip $record_name DDNS failed for $record_identifier ($ip). DUMPING RESULTS:\n$update" | logger -s if [[ $slackuri != "" ]]; then curl -L -X POST $slackuri \ --data-raw '{ @@ -128,4 +164,23 @@ main(){ get_current_ip_from_cloudflare update_ip_on_cloudflare send_webhooks -} \ No newline at end of file +} + +# switch for environment variables loading +case "$1" in + "local") + load_variables "local" + main + ;; + "file") + load_variables "file" + main + ;; + "pass") + load_variables "pass" + main + ;; + *) + display_help + ;; +esac \ No newline at end of file From 4f6d41ec66cab89676fa689697cb29498519490d Mon Sep 17 00:00:00 2001 From: Rui Coelho Date: Mon, 29 Jan 2024 23:17:31 +0000 Subject: [PATCH 05/12] Docs --- cloudflare-template.sh | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/cloudflare-template.sh b/cloudflare-template.sh index efc7dc6..b9451d6 100644 --- a/cloudflare-template.sh +++ b/cloudflare-template.sh @@ -1,18 +1,19 @@ #!/bin/bash ## change to "bin/sh" when necessary +# display_help function: Displays the usage instructions for the script. display_help(){ logger "Usage: $0 [local|file|pass]" logger " local - Load variables from this script" logger " file - Load variables from a file" logger " pass - Load variables from pass" - } - +# load_variables function: Loads the required variables based on the input option. load_variables(){ case "$1" in "local") + # Load variables from this script auth_email="" # The email used to login 'https://dash.cloudflare.com' auth_method="" # Set to "global" for Global API Key or "token" for Scoped API Token auth_key="" # Your API Token or Global API Key @@ -49,7 +50,7 @@ load_variables(){ esac } - +# validate_variables function: Validates the required variables. validate_variables(){ # Validate required variables if [[ -z $auth_email || -z $auth_key || -z $zone_identifier || -z $record_name ]]; then @@ -58,6 +59,7 @@ validate_variables(){ fi } +# check_ipv4_is_available function: Checks if IPv4 is available and retrieves the IP address. check_ipv4_is_available(){ ipv4_regex='([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])' @@ -77,6 +79,7 @@ check_ipv4_is_available(){ fi } +# set_auth_headers function: Sets the authentication headers based on the authentication method. set_auth_headers(){ if [[ "${auth_method}" == "global" ]]; then auth_header="X-Auth-Key:" @@ -85,7 +88,7 @@ set_auth_headers(){ fi } - +# check_if_a_record_exists function: Checks if the DNS record exists in Cloudflare. check_if_a_record_exists(){ logger "DDNS Updater: Check Initiated" record=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records?type=A&name=$record_name" \ @@ -99,6 +102,7 @@ check_if_a_record_exists(){ fi } +# get_current_ip_from_cloudflare function: Retrieves the current IP address from Cloudflare. get_current_ip_from_cloudflare(){ old_ip=$(logger "$record" | sed -E 's/.*"content":"(([0-9]{1,3}\.){3}[0-9]{1,3})".*/\1/') # Compare if they're the same @@ -108,10 +112,10 @@ get_current_ip_from_cloudflare(){ fi } +# update_ip_on_cloudflare function: Updates the IP address on Cloudflare. update_ip_on_cloudflare(){ record_identifier=$(logger "$record" | sed -E 's/.*"id":"([A-Za-z0-9_]+)".*/\1/') - update=$(curl -s -X PATCH "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records/$record_identifier" \ -H "X-Auth-Email: $auth_email" \ -H "$auth_header $auth_key" \ @@ -119,6 +123,7 @@ update_ip_on_cloudflare(){ --data "{\"type\":\"A\",\"name\":\"$record_name\",\"content\":\"$ip\",\"ttl\":\"$ttl\",\"proxied\":${proxy}}") } +# send_webhooks function: Sends webhooks to Slack and Discord. send_webhooks(){ case "$update" in *"\"success\":false"*) @@ -156,6 +161,7 @@ send_webhooks(){ esac } +# main function: Entry point of the script. main(){ validate_variables check_ipv4_is_available From 9bbfed09aa91d0bd796a3db4f93699adddb6ffcd Mon Sep 17 00:00:00 2001 From: Rui Coelho Date: Mon, 29 Jan 2024 23:48:59 +0000 Subject: [PATCH 06/12] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index f24a50d..b369e74 100644 --- a/README.md +++ b/README.md @@ -107,6 +107,8 @@ You selected this USER-ID: Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O ``` +**Note**: If you set a passphrase this will asks you that passphrase time to time, you want to avoid that leave it empty. + List secret keys: ```bash From 7973582e4acfeef5142bf005d161da0eefb27bd5 Mon Sep 17 00:00:00 2001 From: Rui Coelho Date: Mon, 29 Jan 2024 23:49:17 +0000 Subject: [PATCH 07/12] Config templates --- config4.ini | 11 +++++++++++ config6.ini | 43 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) create mode 100644 config4.ini create mode 100644 config6.ini diff --git a/config4.ini b/config4.ini new file mode 100644 index 0000000..c780a6e --- /dev/null +++ b/config4.ini @@ -0,0 +1,11 @@ +auth_email="" # The email used to login 'https://dash.cloudflare.com' +auth_method="" # Set to "global" for Global API Key or "token" for Scoped API Token +auth_key="" # Your API Token or Global API Key +zone_identifier="" # Can be found in the "Overview" tab of your domain +record_name="" # Which record you want to be synced +ttl="3600" # Set the DNS TTL (seconds) +proxy="false" # Set the proxy to true or false +sitename="" # Title of site "Example Site" +slackchannel="" # Slack Channel #example +slackuri="" # URI for Slack WebHook "https://hooks.slack.com/services/xxxxx" +discorduri="" # URI for Discord WebHook "https://discordapp.com/api/webhooks/xxxxx" \ No newline at end of file diff --git a/config6.ini b/config6.ini new file mode 100644 index 0000000..612f21b --- /dev/null +++ b/config6.ini @@ -0,0 +1,43 @@ +############## CLOUDFLARE CREDENTIALS ############## +# @auth_email - The email used to login 'https://dash.cloudflare.com' +# @auth_method - Set to "global" for Global API Key or "token" for Scoped API Token +# @auth_key - Your API Token or Global API Key +# @zone_identifier - Can be found in the "Overview" tab of your domain +# -------------------------------------------------- # +auth_email="" +auth_method="token" +auth_key="" +zone_identifier="" + +############# DNS RECORD CONFIGURATION ############# +# @record_name - Which record you want to be synced +# @ttl - DNS TTL (seconds), can be set between (30 if enterprise) 60 and 86400 seconds, or 1 for Automatic +# @proxy - Set the proxy to true or false +# -------------------------------------------------- # +record_name="" +ttl="3600" +proxy="false" + +############### SCRIPT CONFIGURATION ############### +# @static_IPv6_mode - Useful if you are using EUI-64 IPv6 address with SLAAC IPv6 suffix token. (Privacy Extensions) +# + Or some kind of static IPv6 assignment from DHCP server configuration, etc +# + If set to false, the IPv6 address will be acquired from external services +# @last_notable_hexes - Used with `static_IPv6_mode`. Configure this to target what specific IPv6 address to search for +# + E.g. Your global primary IPv6 address is 2404:6800:4001:80e::59ec:ab12:34cd, then +# + You can put values (i.e. static suffixes) such as "34cd", "ab12:34cd" and etc +# @log_header_name - Header name used for logs +# -------------------------------------------------- # +static_IPv6_mode="false" +last_notable_hexes="ffff:ffff" +log_header_name="DDNS Updater_v6" + +############# WEBHOOKS CONFIGURATION ############### +# @sitename - Title of site "Example Site" +# @slackchannel - Slack Channel #example +# @slackuri - URI for Slack WebHook "https://hooks.slack.com/services/xxxxx" +# @discorduri - URI for Discord WebHook "https://discordapp.com/api/webhooks/xxxxx" +# -------------------------------------------------- # +sitename="" +slackchannel="" +slackuri="" +discorduri="" \ No newline at end of file From 0bf2c0ae66ab0c898d6498f299ba787b58de087d Mon Sep 17 00:00:00 2001 From: Rui Coelho Date: Mon, 29 Jan 2024 23:49:44 +0000 Subject: [PATCH 08/12] Update ipv4 parse --- cloudflare-template.sh | 37 ++++++++++++++----------------------- 1 file changed, 14 insertions(+), 23 deletions(-) diff --git a/cloudflare-template.sh b/cloudflare-template.sh index b9451d6..d49f81a 100644 --- a/cloudflare-template.sh +++ b/cloudflare-template.sh @@ -28,7 +28,7 @@ load_variables(){ ;; "file") # Load variables from file - CONFIG_FILE="$HOME/.cloudflare/config.ini" + CONFIG_FILE="$HOME/.cloudflare/config4.ini" # Check if the configuration file exists if [ -f "$CONFIG_FILE" ]; then @@ -63,19 +63,17 @@ validate_variables(){ check_ipv4_is_available(){ ipv4_regex='([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])' - ip=$(curl -s -4 https://cloudflare.com/cdn-cgi/trace | grep -E '^ip'); ret=$? - if [[ ! $ret == 0 ]]; then # In the case that cloudflare failed to return an ip. - # Attempt to get the ip from other websites. - ip=$(curl -s https://api.ipify.org || curl -s https://ipv4.icanhazip.com) - else - # Extract just the ip from the ip line from cloudflare. - ip=$(logger $ip | sed -E "s/^ip=($ipv4_regex)$/\1/") - fi + ip=$(curl -s -4 https://cloudflare.com/cdn-cgi/trace | grep -E '^ip=' | cut -d '=' -f 2) - # Use regex to check for proper IPv4 format. - if [[ ! $ip =~ ^$ipv4_regex$ ]]; then - logger -s "DDNS Updater: Failed to find a valid IP." - exit 2 + if [[ -z $ip ]]; then + # Cloudflare did not return an IP, try other sources. + ip=$(curl -s https://api.ipify.org || curl -s https://ipv4.icanhazip.com) + else + # Use regex to check for proper IPv4 format. + if [[ ! $ip =~ ^$ipv4_regex$ ]]; then + logger -s "DDNS Updater: Failed to find a valid IP from Cloudflare." + exit 1 + fi fi } @@ -174,19 +172,12 @@ main(){ # switch for environment variables loading case "$1" in - "local") - load_variables "local" - main - ;; - "file") - load_variables "file" - main - ;; - "pass") - load_variables "pass" + "local"|"file"|"pass") + load_variables "$1" main ;; *) display_help + exit 1 ;; esac \ No newline at end of file From e62fbd56cee74cc54410b7caa7f12bef5d39c55e Mon Sep 17 00:00:00 2001 From: Rui Coelho Date: Mon, 29 Jan 2024 23:50:08 +0000 Subject: [PATCH 09/12] Remove config.ini --- config.ini | 11 ----------- 1 file changed, 11 deletions(-) delete mode 100644 config.ini diff --git a/config.ini b/config.ini deleted file mode 100644 index c780a6e..0000000 --- a/config.ini +++ /dev/null @@ -1,11 +0,0 @@ -auth_email="" # The email used to login 'https://dash.cloudflare.com' -auth_method="" # Set to "global" for Global API Key or "token" for Scoped API Token -auth_key="" # Your API Token or Global API Key -zone_identifier="" # Can be found in the "Overview" tab of your domain -record_name="" # Which record you want to be synced -ttl="3600" # Set the DNS TTL (seconds) -proxy="false" # Set the proxy to true or false -sitename="" # Title of site "Example Site" -slackchannel="" # Slack Channel #example -slackuri="" # URI for Slack WebHook "https://hooks.slack.com/services/xxxxx" -discorduri="" # URI for Discord WebHook "https://discordapp.com/api/webhooks/xxxxx" \ No newline at end of file From c726506a1988d98187074fe7a4ce3e3a00ab79c0 Mon Sep 17 00:00:00 2001 From: Rui Coelho Date: Mon, 29 Jan 2024 23:51:02 +0000 Subject: [PATCH 10/12] Allow user to load variables from different places --- cloudflare-templatev6.sh | 392 ++++++++++++++++++++++----------------- 1 file changed, 219 insertions(+), 173 deletions(-) diff --git a/cloudflare-templatev6.sh b/cloudflare-templatev6.sh index f393031..e8de638 100644 --- a/cloudflare-templatev6.sh +++ b/cloudflare-templatev6.sh @@ -1,186 +1,232 @@ #!/bin/bash ## change to "bin/sh" when necessary -############## CLOUDFLARE CREDENTIALS ############## -# @auth_email - The email used to login 'https://dash.cloudflare.com' -# @auth_method - Set to "global" for Global API Key or "token" for Scoped API Token -# @auth_key - Your API Token or Global API Key -# @zone_identifier - Can be found in the "Overview" tab of your domain -# -------------------------------------------------- # -auth_email="" -auth_method="token" -auth_key="" -zone_identifier="" - -############# DNS RECORD CONFIGURATION ############# -# @record_name - Which record you want to be synced -# @ttl - DNS TTL (seconds), can be set between (30 if enterprise) 60 and 86400 seconds, or 1 for Automatic -# @proxy - Set the proxy to true or false -# -------------------------------------------------- # -record_name="" -ttl="3600" -proxy="false" - -############### SCRIPT CONFIGURATION ############### -# @static_IPv6_mode - Useful if you are using EUI-64 IPv6 address with SLAAC IPv6 suffix token. (Privacy Extensions) -# + Or some kind of static IPv6 assignment from DHCP server configuration, etc -# + If set to false, the IPv6 address will be acquired from external services -# @last_notable_hexes - Used with `static_IPv6_mode`. Configure this to target what specific IPv6 address to search for -# + E.g. Your global primary IPv6 address is 2404:6800:4001:80e::59ec:ab12:34cd, then -# + You can put values (i.e. static suffixes) such as "34cd", "ab12:34cd" and etc -# @log_header_name - Header name used for logs -# -------------------------------------------------- # -static_IPv6_mode="false" -last_notable_hexes="ffff:ffff" -log_header_name="DDNS Updater_v6" - -############# WEBHOOKS CONFIGURATION ############### -# @sitename - Title of site "Example Site" -# @slackchannel - Slack Channel #example -# @slackuri - URI for Slack WebHook "https://hooks.slack.com/services/xxxxx" -# @discorduri - URI for Discord WebHook "https://discordapp.com/api/webhooks/xxxxx" -# -------------------------------------------------- # -sitename="" -slackchannel="" -slackuri="" -discorduri="" - - - -################################################ -## Make sure we have a valid IPv6 connection -################################################ -if ! { curl -6 -s --head --fail https://ipv6.google.com >/dev/null; }; then - logger -s "$log_header_name: Unable to establish a valid IPv6 connection to a known host." +display_help(){ + logger "Usage: $0 [local|file|pass]" + logger " local - Load variables from this script" + logger " file - Load variables from a file" + logger " pass - Load variables from pass" +} + +load_variables(){ + case "$1" in + "local") + ############## CLOUDFLARE CREDENTIALS ############## + # @auth_email - The email used to login 'https://dash.cloudflare.com' + # @auth_method - Set to "global" for Global API Key or "token" for Scoped API Token + # @auth_key - Your API Token or Global API Key + # @zone_identifier - Can be found in the "Overview" tab of your domain + # -------------------------------------------------- # + auth_email="" + auth_method="token" + auth_key="" + zone_identifier="" + + ############# DNS RECORD CONFIGURATION ############# + # @record_name - Which record you want to be synced + # @ttl - DNS TTL (seconds), can be set between (30 if enterprise) 60 and 86400 seconds, or 1 for Automatic + # @proxy - Set the proxy to true or false + # -------------------------------------------------- # + record_name="" + ttl="3600" + proxy="false" + + ############### SCRIPT CONFIGURATION ############### + # @static_IPv6_mode - Useful if you are using EUI-64 IPv6 address with SLAAC IPv6 suffix token. (Privacy Extensions) + # + Or some kind of static IPv6 assignment from DHCP server configuration, etc + # + If set to false, the IPv6 address will be acquired from external services + # @last_notable_hexes - Used with `static_IPv6_mode`. Configure this to target what specific IPv6 address to search for + # + E.g. Your global primary IPv6 address is 2404:6800:4001:80e::59ec:ab12:34cd, then + # + You can put values (i.e. static suffixes) such as "34cd", "ab12:34cd" and etc + # @log_header_name - Header name used for logs + # -------------------------------------------------- # + static_IPv6_mode="false" + last_notable_hexes="ffff:ffff" + log_header_name="DDNS Updater_v6" + + ############# WEBHOOKS CONFIGURATION ############### + # @sitename - Title of site "Example Site" + # @slackchannel - Slack Channel #example + # @slackuri - URI for Slack WebHook "https://hooks.slack.com/services/xxxxx" + # @discorduri - URI for Discord WebHook "https://discordapp.com/api/webhooks/xxxxx" + # -------------------------------------------------- # + sitename="" + slackchannel="" + slackuri="" + discorduri="" + ;; + "file") + # Load variables from file + CONFIG_FILE="$HOME/.cloudflare/config6.ini" + + # Check if the configuration file exists + if [ -f "$CONFIG_FILE" ]; then + # Load configuration from the file + source "$CONFIG_FILE" + else + logger "Error: Configuration file '$CONFIG_FILE' not found." + exit 1 + fi + ;; + "pass") + # Load variables from pass + source <(pass credentials/cloudflare) + ;; + *) + logger "Invalid load_variables option" + exit 1 + ;; + esac +} + +validate_variables(){ + # Validate required variables + if [[ -z $auth_email || -z $auth_key || -z $zone_identifier || -z $record_name ]]; then + logger "Missing required variables. Please provide values for 'auth_email', 'auth_key', 'zone_identifier', and 'record_name'." exit 1 -fi - -################################################ -## Finding our IPv6 address -################################################ -# Regex credits to https://stackoverflow.com/a/17871737 -ipv6_regex="(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))" - -if $static_IPv6_mode; then - # Test whether 'ip' command is available - if { command -v "ip" &>/dev/null; }; then - ip=$(ip -6 -o addr show scope global primary -deprecated | grep -oE "$ipv6_regex" | grep -oE ".*($last_notable_hexes)$") - else - # Fall back to 'ifconfig' command - ip=$(ifconfig | grep -oE "$ipv6_regex" | grep -oE ".*($last_notable_hexes)$") + fi +} + + +check_ipv6_is_available(){ + if ! { curl -6 -s --head --fail https://ipv6.google.com >/dev/null; }; then + logger -s "$log_header_name: Unable to establish a valid IPv6 connection to a known host." + exit 1 fi -else - # Use external services to discover our system's preferred IPv6 address - ip=$(curl -s -6 https://cloudflare.com/cdn-cgi/trace | grep -E '^ip') - ret=$? - if [[ ! $ret == 0 ]]; then # In the case that cloudflare failed to return an ip. - # Attempt to get the ip from other websites. - ip=$(curl -s -6 https://api64.ipify.org || curl -s -6 https://ipv6.icanhazip.com) + + # Regex credits to https://stackoverflow.com/a/17871737 + ipv6_regex="(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))" + + if $static_IPv6_mode; then + # Test whether 'ip' command is available + if { command -v "ip" &>/dev/null; }; then + ip=$(ip -6 -o addr show scope global primary -deprecated | grep -oE "$ipv6_regex" | grep -oE ".*($last_notable_hexes)$") + else + # Fall back to 'ifconfig' command + ip=$(ifconfig | grep -oE "$ipv6_regex" | grep -oE ".*($last_notable_hexes)$") + fi else - # Extract just the ip from the ip line from cloudflare. - ip=$(echo $ip | sed -E "s/^ip=($ipv6_regex)$/\1/") + # Use external services to discover our system's preferred IPv6 address + ip=$(curl -s -6 https://cloudflare.com/cdn-cgi/trace | grep -E '^ip') + ret=$? + if [[ ! $ret == 0 ]]; then # In the case that cloudflare failed to return an ip. + # Attempt to get the ip from other websites. + ip=$(curl -s -6 https://api64.ipify.org || curl -s -6 https://ipv6.icanhazip.com) + else + # Extract just the ip from the ip line from cloudflare. + ip=$(echo $ip | sed -E "s/^ip=($ipv6_regex)$/\1/") + fi fi -fi - -# Check point: Make sure the collected IPv6 address is valid -if [[ ! $ip =~ ^$ipv6_regex$ ]]; then - logger -s "$log_header_name: Failed to find a valid IPv6 address." - exit 1 -fi - -################################################ -## Check and set the proper auth header -################################################ -if [[ "${auth_method}" == "global" ]]; then - auth_header="X-Auth-Key:" -else - auth_header="Authorization: Bearer" -fi - -################################################ -## Seek for the AAAA record -################################################ -logger "$log_header_name: Check Initiated" -record=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records?type=AAAA&name=$record_name" \ - -H "X-Auth-Email: $auth_email" \ - -H "$auth_header $auth_key" \ - -H "Content-Type: application/json") - -################################################ -## Check if the domain has an AAAA record -################################################ -if [[ $record == *"\"count\":0"* ]]; then - logger -s "$log_header_name: Record does not exist, perhaps create one first? (${ip} for ${record_name})" - exit 1 -fi -################################################ -## Get existing IP -################################################ -old_ip=$(echo "$record" | sed -E 's/.*"content":"'${ipv6_regex}'".*/\1/') + # Check point: Make sure the collected IPv6 address is valid + if [[ ! $ip =~ ^$ipv6_regex$ ]]; then + logger -s "$log_header_name: Failed to find a valid IPv6 address." + exit 1 + fi +} -# Make sure the extracted IPv6 address is valid -if [[ ! $old_ip =~ ^$ipv6_regex$ ]]; then - logger -s "$log_header_name: Unable to extract existing IPv6 address from DNS record." - exit 1 -fi - -# Compare if they're the same -if [[ $ip == $old_ip ]]; then - logger "$log_header_name: IP ($ip) for ${record_name} has not changed." - exit 0 -fi - -################################################ -## Set the record identifier from result -################################################ -record_identifier=$(echo "$record" | sed -E 's/.*"id":"([A-Za-z0-9_]+)".*/\1/') - -################################################ -## Change the IP@Cloudflare using the API -################################################ -update=$(curl -s -X PATCH "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records/$record_identifier" \ - -H "X-Auth-Email: $auth_email" \ - -H "$auth_header $auth_key" \ - -H "Content-Type: application/json" \ - --data "{\"content\":\"$ip\",\"ttl\":\"$ttl\",\"proxied\":$proxy}") - -################################################ -## Report the status -################################################ -case "$update" in -*"\"success\":false"*) - echo -e "$log_header_name: $ip $record_name DDNS failed for $record_identifier ($ip). DUMPING RESULTS:\n$update" | logger -s - if [[ $slackuri != "" ]]; then - curl -L -X POST $slackuri \ - --data-raw "{ - \"channel\": \"$slackchannel\", - \"text\": \"$sitename DDNS Update Failed: $record_name: $record_identifier ($ip).\" - }" +set_auth_headers(){ + if [[ "${auth_method}" == "global" ]]; then + auth_header="X-Auth-Key:" + else + auth_header="Authorization: Bearer" fi - if [[ $discorduri != "" ]]; then - curl -i -H "Accept: application/json" -H "Content-Type:application/json" -X POST \ - --data-raw "{ - \"content\": \"$sitename DDNS Update Failed: $record_name: $record_identifier ($ip).\" - }" $discorduri +} + +check_if_aaaa_record_exists(){ + logger "$log_header_name: Check Initiated" + record=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records?type=AAAA&name=$record_name" \ + -H "X-Auth-Email: $auth_email" \ + -H "$auth_header $auth_key" \ + -H "Content-Type: application/json") + if [[ $record == *"\"count\":0"* ]]; then + logger -s "$log_header_name: Record does not exist, perhaps create one first? (${ip} for ${record_name})" + exit 1 fi - exit 1 - ;; -*) - logger "$log_header_name: $ip $record_name DDNS updated." - if [[ $slackuri != "" ]]; then - curl -L -X POST $slackuri \ - --data-raw "{ - \"channel\": \"$slackchannel\", - \"text\": \"$sitename Updated: $record_name's new IPv6 Address is $ip\" - }" +} + +get_current_ip_from_cloudflare(){ + old_ip=$(echo "$record" | sed -E 's/.*"content":"'${ipv6_regex}'".*/\1/') + + # Make sure the extracted IPv6 address is valid + if [[ ! $old_ip =~ ^$ipv6_regex$ ]]; then + logger -s "$log_header_name: Unable to extract existing IPv6 address from DNS record." + exit 1 fi - if [[ $discorduri != "" ]]; then - curl -i -H "Accept: application/json" -H "Content-Type:application/json" -X POST \ - --data-raw "{ - \"content\": \"$sitename Updated: $record_name's new IPv6 Address is $ip\" - }" $discorduri + + # Compare if they're the same + if [[ $ip == $old_ip ]]; then + logger "$log_header_name: IP ($ip) for ${record_name} has not changed." + exit 0 fi - exit 0 - ;; -esac +} + +update_ip_on_cloudflare(){ + record_identifier=$(echo "$record" | sed -E 's/.*"id":"([A-Za-z0-9_]+)".*/\1/') + update=$(curl -s -X PATCH "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records/$record_identifier" \ + -H "X-Auth-Email: $auth_email" \ + -H "$auth_header $auth_key" \ + -H "Content-Type: application/json" \ + --data "{\"content\":\"$ip\",\"ttl\":\"$ttl\",\"proxied\":$proxy}") +} + +send_webhooks(){ + case "$update" in + *"\"success\":false"*) + echo -e "$log_header_name: $ip $record_name DDNS failed for $record_identifier ($ip). DUMPING RESULTS:\n$update" | logger -s + if [[ $slackuri != "" ]]; then + curl -L -X POST $slackuri \ + --data-raw "{ + \"channel\": \"$slackchannel\", + \"text\": \"$sitename DDNS Update Failed: $record_name: $record_identifier ($ip).\" + }" + fi + if [[ $discorduri != "" ]]; then + curl -i -H "Accept: application/json" -H "Content-Type:application/json" -X POST \ + --data-raw "{ + \"content\": \"$sitename DDNS Update Failed: $record_name: $record_identifier ($ip).\" + }" $discorduri + fi + exit 1 + ;; + *) + logger "$log_header_name: $ip $record_name DDNS updated." + if [[ $slackuri != "" ]]; then + curl -L -X POST $slackuri \ + --data-raw "{ + \"channel\": \"$slackchannel\", + \"text\": \"$sitename Updated: $record_name's new IPv6 Address is $ip\" + }" + fi + if [[ $discorduri != "" ]]; then + curl -i -H "Accept: application/json" -H "Content-Type:application/json" -X POST \ + --data-raw "{ + \"content\": \"$sitename Updated: $record_name's new IPv6 Address is $ip\" + }" $discorduri + fi + exit 0 + ;; + esac +} + +main(){ + validate_variables + check_ipv6_is_available + set_auth_headers + check_if_aaaa_record_exists + get_current_ip_from_cloudflare + update_ip_on_cloudflare + send_webhooks +} + +# switch for environment variables loading +case "$1" in + "local"|"file"|"pass") + load_variables "$1" + main + ;; + *) + display_help + exit 1 + ;; +esac \ No newline at end of file From 234b8e97c4f6928b58221e6b8947e695f9b1eb55 Mon Sep 17 00:00:00 2001 From: Rui Coelho Date: Tue, 30 Jan 2024 00:04:36 +0000 Subject: [PATCH 11/12] Update README.md --- README.md | 58 +------------------------------------------------------ 1 file changed, 1 insertion(+), 57 deletions(-) diff --git a/README.md b/README.md index b369e74..a67de41 100644 --- a/README.md +++ b/README.md @@ -66,63 +66,7 @@ cp config.ini ~/.cloudflare/config.ini If you want to use [Pass](https://www.passwordstore.org/) you can execute the following commands: ```bash -gpg2 --full-generate-key -``` - -Fll the prompts: -```text -Please select what kind of key you want: - - (1) RSA and RSA (default) - (2) DSA and Elgamal - (3) DSA (sign only) - (4) RSA (sign only) - -Your selection? 1 - -RSA keys may be between 1024 and 4096 bits long. -What keysize do you want? (2048) 4096 -Requested keysize is 4096 bits - -Please specify how long the key should be valid. - - 0 = key does not expire - = key expires in n days - w = key expires in n weeks - m = key expires in n months - y = key expires in n years - -Key is valid for? (0) 2y -Key expires at Sat 18 Mar 2023 15:03:38 CET -Is this correct? (y/N) y - -GnuPG needs to construct a user ID to identify your key. - -Real name: John Doe -Email address: john.doe@example.com -Comment: -You selected this USER-ID: - "John Doe " - -Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O -``` - -**Note**: If you set a passphrase this will asks you that passphrase time to time, you want to avoid that leave it empty. - -List secret keys: - -```bash -gpg2 --list-secret-keys --keyid-format LONG - -sec 4096R/AAAA2222CCCC4444 2021-03-18 [expires: 2023-03-18] uid John Doe -``` - -Init pass: - -```bash -pass init 'AAAA2222CCCC4444' - -mkdir: created directory ‘/home/myhome/.password-store’ Password store initialized for AAAA2222CCCC4444. +gpg --batch --passphrase '' --quick-gen-key USER_ID default default ``` Execute: From b0792f1cff462cfd2a4986544ef3c0df07522289 Mon Sep 17 00:00:00 2001 From: Rui Coelho Date: Tue, 30 Jan 2024 00:08:12 +0000 Subject: [PATCH 12/12] Update README.md --- README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/README.md b/README.md index a67de41..ada4eb0 100644 --- a/README.md +++ b/README.md @@ -69,6 +69,19 @@ If you want to use [Pass](https://www.passwordstore.org/) you can execute the fo gpg --batch --passphrase '' --quick-gen-key USER_ID default default ``` +Get key: + +```bash +gpg2 --list-secret-keys --keyid-format LONG + +sec 4096R/AAAA2222CCCC4444 2021-03-18 [expires: 2023-03-18] uid John Doe +``` + +Init pass: +```bash +pass init 'AAAA2222CCCC4444' +``` + Execute: ```bash