From cc1e47981eb2a654436edfe9deee8643870aeadb Mon Sep 17 00:00:00 2001 From: Phil Date: Sun, 5 Oct 2025 21:58:55 +0100 Subject: [PATCH] Updated script so it uses a zone API key now instead of the Global API key and Email address. --- .../update_cloudflare_ip.sh | 61 +++++++++++++------ .../zones/subdomain.domain.com.env | 1 - 2 files changed, 44 insertions(+), 18 deletions(-) diff --git a/Dynamic_DNS/Dynamic_DNS_Cloudflare/update_cloudflare_ip.sh b/Dynamic_DNS/Dynamic_DNS_Cloudflare/update_cloudflare_ip.sh index 54bfad9..e5217fe 100644 --- a/Dynamic_DNS/Dynamic_DNS_Cloudflare/update_cloudflare_ip.sh +++ b/Dynamic_DNS/Dynamic_DNS_Cloudflare/update_cloudflare_ip.sh @@ -27,7 +27,10 @@ done # --- Fetch current IP from Mullvad --- log "[*] Fetching IP from Mullvad..." -IP_INFO=$(curl -sf https://ipv4.am.i.mullvad.net/json) +IP_INFO=$(curl -sf https://ipv4.am.i.mullvad.net/json) || { + log "[!] Failed to fetch IP from Mullvad" + exit 1 +} if ! echo "$IP_INFO" | jq -e '.ip' >/dev/null; then log "[!] Invalid Mullvad response or missing IP." @@ -61,7 +64,6 @@ for ENV_FILE in "${ENV_FILES[@]}"; do missing_vars=() [[ -z "${ZONE_ID:-}" ]] && missing_vars+=("ZONE_ID") [[ -z "${DNS_NAME:-}" ]] && missing_vars+=("DNS_NAME") - [[ -z "${CLOUDFLARE_EMAIL:-}" ]] && missing_vars+=("CLOUDFLARE_EMAIL") [[ -z "${CLOUDFLARE_API_KEY:-}" ]] && missing_vars+=("CLOUDFLARE_API_KEY") if (( ${#missing_vars[@]} )); then 
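Review bot: The `jq -e '.ip'` check in the context lines of the first hunk only proves the field is present and not null or false, so any string the Mullvad endpoint returns is accepted as the address. If CURRENT_IP is taken from that field (the assignment is outside the hunk), it is later spliced unescaped into the JSON bodies of the POST and PATCH requests, where an unexpected value would be sent to Cloudflare as record content or break the payload. I would validate it right after extraction, for example `[[ $CURRENT_IP =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]] || { log "[!] Unexpected IP value from Mullvad"; exit 1; }`. The new `|| { ...; exit 1; }` handler on the curl call is fine as written; adding `--max-time` to that call would also keep a stalled connection from hanging the run.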
@@ -70,31 +72,47 @@ for ENV_FILE in "${ENV_FILES[@]}"; do continue fi - # --- Fetch DNS records for the zone --- + # --- Check if DNS record exists --- log "[*] Checking DNS record for $DNS_NAME..." DNS_LOOKUP=$(curl -sf -X GET "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records?type=A&name=$DNS_NAME" \ - -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \ - -H "X-Auth-Key: $CLOUDFLARE_API_KEY" \ + -H "Authorization: Bearer $CLOUDFLARE_API_KEY" \ -H "Content-Type: application/json") + CURL_EXIT_CODE=$? + + if [[ $CURL_EXIT_CODE -ne 0 ]]; then + log "[!] Failed to query DNS record for $DNS_NAME (curl exit code $CURL_EXIT_CODE)" + log "$DNS_LOOKUP" + log "" + continue + fi RECORD_ID=$(echo "$DNS_LOOKUP" | jq -r '.result[0].id // empty') EXISTING_IP=$(echo "$DNS_LOOKUP" | jq -r '.result[0].content // empty') if [[ -z "$RECORD_ID" ]]; then log "[!] No existing record found. Creating new A record for $DNS_NAME..." + CREATE_RESPONSE=$(curl -sf -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records" \ - -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \ - -H "X-Auth-Key: $CLOUDFLARE_API_KEY" \ -H "Content-Type: application/json" \ + -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \ + -H "Authorization: Bearer $CLOUDFLARE_API_KEY" \ -d "{ - \"type\": \"A\", \"name\": \"$DNS_NAME\", - \"content\": \"$CURRENT_IP\", \"ttl\": 3600, - \"proxied\": true, - \"comment\": \"Created via script\" + \"type\": \"A\", + \"comment\": \"Domain verification record\", + \"content\": \"$CURRENT_IP\", + \"proxied\": true }") + CURL_EXIT_CODE=$? + + if [[ $CURL_EXIT_CODE -ne 0 ]]; then + log "[!] curl failed creating DNS record (exit code $CURL_EXIT_CODE)" + log "$CREATE_RESPONSE" + log "" + continue + fi if [[ $(echo "$CREATE_RESPONSE" | jq -r '.success') == "true" ]]; then log "[+] Successfully created DNS record for $DNS_NAME → $CURRENT_IP" 
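Review bot: The create request in this hunk still sends `-H "X-Auth-Email: $CLOUDFLARE_EMAIL"` next to the new Bearer header, although this commit removes CLOUDFLARE_EMAIL from the required-variable check and from the sample env file; the PATCH request in the last hunk of this file does the same. With the variable unset the header expands to an empty value, or the script aborts on an unbound variable if `set -u` is active (the `${VAR:-}` guards suggest it may be, but the top of the script is not shown). If the env files are sourced inside the loop, a value left over from an older env file would also be carried into later zones' requests. API-token authentication needs only the Authorization header, so I would drop the X-Auth-Email line from both calls, leaving `-H "Content-Type: application/json" \` followed by `-H "Authorization: Bearer $CLOUDFLARE_API_KEY" \` as the GET lookup already does. The enclosing for loop starts and ends outside the hunk.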
@@ -102,6 +120,7 @@ for ENV_FILE in "${ENV_FILES[@]}"; do log "[!] Failed to create DNS record for $DNS_NAME" echo "$CREATE_RESPONSE" | tee -a "$LOG_FILE" fi + log "" continue fi @@ -118,17 +137,25 @@ for ENV_FILE in "${ENV_FILES[@]}"; do log "[*] Updating existing DNS record via PATCH..." UPDATE_RESPONSE=$(curl -sf -X PATCH "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/$RECORD_ID" \ - -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \ - -H "X-Auth-Key: $CLOUDFLARE_API_KEY" \ -H "Content-Type: application/json" \ + -H "X-Auth-Email: $CLOUDFLARE_EMAIL" \ + -H "Authorization: Bearer $CLOUDFLARE_API_KEY" \ -d "{ - \"type\": \"A\", \"name\": \"$DNS_NAME\", - \"content\": \"$CURRENT_IP\", \"ttl\": 3600, - \"proxied\": true, - \"comment\": \"Updated via script\" + \"type\": \"A\", + \"comment\": \"Domain verification record\", + \"content\": \"$CURRENT_IP\", + \"proxied\": true }") + CURL_EXIT_CODE=$? + + if [[ $CURL_EXIT_CODE -ne 0 ]]; then + log "[!] curl failed updating DNS record (exit code $CURL_EXIT_CODE)" + log "$UPDATE_RESPONSE" + log "" + continue + fi if [[ $(echo "$UPDATE_RESPONSE" | jq -r '.success') == "true" ]]; then log "[+] Successfully updated $DNS_NAME to $CURRENT_IP" diff --git a/Dynamic_DNS/Dynamic_DNS_Cloudflare/zones/subdomain.domain.com.env b/Dynamic_DNS/Dynamic_DNS_Cloudflare/zones/subdomain.domain.com.env index 50cc3f0..024335c 100644 --- a/Dynamic_DNS/Dynamic_DNS_Cloudflare/zones/subdomain.domain.com.env +++ b/Dynamic_DNS/Dynamic_DNS_Cloudflare/zones/subdomain.domain.com.env @@ -1,5 +1,4 @@ ZONE_ID="abc123zoneid" DNS_NAME="subdomain.example.com" -CLOUDFLARE_EMAIL="you@example.com" CLOUDFLARE_API_KEY="your_api_key_here"
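Review bot: The PATCH call in the last hunk of update_cloudflare_ip.sh passes the token as `-H "Authorization: Bearer $CLOUDFLARE_API_KEY"` on curl's command line, where on a multi-user host it is visible in the process list while the request runs; the GET and POST calls in the previous hunk do the same. curl can read the header from a config stream instead, so the token stays out of argv: `--config <(printf 'header = "Authorization: Bearer %s"\n' "$CLOUDFLARE_API_KEY")` in place of the `-H` line, printf being a shell builtin. Separately, `-f` makes curl discard the response body on HTTP errors, so the newly added `log "$UPDATE_RESPONSE"` in the failure branch will be empty; `--fail-with-body` (curl 7.76 or later) keeps Cloudflare's error JSON for the log. The enclosing for loop starts outside the hunk.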