Migrated Export_DNS from https://git.ncltech.co.uk/phil/Export_DNS

2025-10-05 19:22:20 +01:00
parent 2f9497db87
commit 2fc53e72b5
6 changed files with 393 additions and 1 deletions
@@ -0,0 +1,115 @@
+# Cloudflare DNS Export Script
+
+This script automates exporting DNS records for all zones in a Cloudflare account.  
+It uses the Cloudflare **API Token** authentication method (recommended for security).  
+
+Each run saves the DNS export of every zone into an `export/` folder, with filenames containing the zone name and a timestamp.
+
+---
+
+## 📦 Requirements
+
+- **bash** (any modern Linux/macOS environment will work)
+- **curl**
+- **jq** (for parsing JSON)
+
+Install `jq` if you don’t already have it:
+
+```bash
+# Ubuntu/Debian
+sudo apt install jq -y
+
+# macOS (Homebrew)
+brew install jq
+```
+
+---
+
+## ⚙️ Setup
+
+1. Clone or copy these files:
+   - `export_dns_cloudflare.sh`  
+   - `config.conf`  
+
+2. Edit the `config.conf` file and add your **Cloudflare API Token**:
+
+```bash
+# config.conf
+CLOUDFLARE_API_TOKEN=your_api_token_here
+```
+
+> 🔑 When creating your API Token in Cloudflare Dashboard, give it at least:
+> - **Zone: Read**  
+> - **DNS: Read**  
+
+---
+
+## ▶️ Usage
+
+Make the script executable:
+
+```bash
+chmod +x export_dns_cloudflare.sh
+```
+
+Run the script:
+
+```bash
+./export_dns_cloudflare.sh
+```
+
+---
+
+## 📂 Output
+
+- All exports are saved into the `export/` folder.  
+- Each export is a plain text file containing the zone’s DNS records in BIND format.  
+- Filenames follow the format:
+
+```
+export/<zone_name>_<YYYYMMDD>_<HHMMSS>.txt
+```
+
+Example:
+
+```
+export/example.com_20250825_153012.txt
+export/testdomain.net_20250825_153015.txt
+```
+
+---
+
+## 🔒 Security Notes
+
+- Never commit `config.conf` (it contains your API token).  
+- Limit API token permissions to the minimum required (Zone:Read, DNS:Read).  
+- Rotate API tokens periodically for best security practices.  
+
+---
+
+## ✅ Example Workflow
+
+```bash
+# 1. Configure your token
+echo 'CLOUDFLARE_API_TOKEN=abc123xyz...' > config.conf
+
+# 2. Run the export
+./export_dns_cloudflare.sh
+
+# 3. Check the export folder
+ls export/
+```
+
+---
+
+## 🛠 Troubleshooting
+
+- **Empty export files?**  
+  Ensure your API Token has the correct permissions (Zone:Read, DNS:Read).  
+
+- **Script fails with `jq: command not found`?**  
+  Install `jq` as shown above.  
+
+- **Only some zones exported?**  
+  Check the API Token’s scope. If it was created for a specific zone, it won’t return all zones.  
+  Create a token scoped for “All zones - Read” to export everything.
@@ -0,0 +1,2 @@
+# Cloudflare API Token (must have Zone:Read + DNS:Read permissions)
+CLOUDFLARE_API_TOKEN=your_api_token_here
@@ -0,0 +1,38 @@
+#!/bin/bash
+set -euo pipefail
+
+# Load config
+source config.conf
+
+EXPORT_FOLDER="export"
+mkdir -p "$EXPORT_FOLDER"
+
+# Step 1: Fetch all zones from Cloudflare
+echo "Fetching zone list from Cloudflare..."
+zones_json=$(curl -s https://api.cloudflare.com/client/v4/zones \
+    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
+    -H "Content-Type: application/json")
+
+# Step 2: Parse zones (needs jq)
+zone_count=$(echo "$zones_json" | jq '.result | length')
+echo "Found $zone_count zones."
+
+# Step 3: Loop through zones
+for ((i=0; i<zone_count; i++)); do
+    ZONE_ID=$(echo "$zones_json" | jq -r ".result[$i].id")
+    SITE_NAME=$(echo "$zones_json" | jq -r ".result[$i].name")
+
+    TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
+    OUTPUT_FILE="$EXPORT_FOLDER/${SITE_NAME}_$TIMESTAMP.txt"
+
+    echo "Exporting DNS records for $SITE_NAME..."
+
+    curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/export" \
+        -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
+        -H "Content-Type: application/json" | tee "$OUTPUT_FILE"
+
+    echo " -> Saved to $OUTPUT_FILE"
+done
+
+echo "✅ All exports complete. Files are in the '$EXPORT_FOLDER' folder."
+