Skip to content

Instantly share code, notes, and snippets.

@HackingGate

HackingGate/cf-ddns.sh

Forked from benkulbertis/cloudflare-update-record.sh
Last active December 28, 2019 04:46
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save HackingGate/2276b69d52839fef1603132b4de941f0 to your computer and use it in GitHub Desktop.
Save HackingGate/2276b69d52839fef1603132b4de941f0 to your computer and use it in GitHub Desktop.
Download ZIP
Cloudflare API v4 Dynamic DNS Update for both IPv4 and IPv6 in Bash
Raw
cf-ddns.sh
#!/bin/bash
LOGTIME=$(date "+%Y-%m-%d %H:%M:%S")
# CHANGE THESE
auth_email="user@example.com"
auth_key="c2547eb745079dac9320b638f5e225cf483cc5cfdda41" # find in cloudflare account settings
record_name="www.example.com"
zone_identifier="023e105f4ecef8ad9ca31a8372d0c353" # get zone ID via API and store it here
record_identifier_ipv4="372e67954025e0ba6aaa6d586b9e0b59" # use List DNS Records api to get record id, link below ↓
record_identifier_ipv6="372e67954025e0ba6aaa6d586b9e0b5a" # https://api.cloudflare.com/#dns-records-for-a-zone-list-dns-records
# Get zone ID
#domain_name=example.com
#zone=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones?name=${domain_name}&status=active&page=1&per_page=20&order=status&direction=desc&match=all" \
# -H "X-Auth-Email: ${auth_email}" \
# -H "X-Auth-Key: ${auth_key}" \
# -H "Content-Type: application/json")
#zone_identifier=${zone:18:32}
#echo $zone_identifier
# List DNS Records
#records=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/${zone_identifier}/dns_records" \
# -H "X-Auth-Email: ${auth_email}" \
# -H "X-Auth-Key: ${auth_key}" \
# -H "Content-Type: application/json")
#echo $records | jq
# MAYBE CHANGE THESE
ipv4=$(curl -s https://ipv4.icanhazip.com)
# ipv6=$(curl -s https://ipv6.icanhazip.com)
ipv6=$(/sbin/ip -6 addr | grep inet6 | awk -F '[ \t]+|/' '{print $3}' | grep -v ^::1 | grep -v ^f | head -1)
# /sbin/ip -6 addr show eth0 (to specify eth0)
# SCRIPT START
update_ipv4=$(curl -s -X PUT "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records/$record_identifier_ipv4" \
-H "X-Auth-Email: $auth_email" \
-H "X-Auth-Key: $auth_key" \
-H "Content-Type: application/json" \
--data "{\"id\":\"$zone_identifier\",\"type\":\"A\",\"name\":\"$record_name\",\"content\":\"$ipv4\"}")
update_ipv6=$(curl -s -X PUT "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records/$record_identifier_ipv6" \
-H "X-Auth-Email: $auth_email" \
-H "X-Auth-Key: $auth_key" \
-H "Content-Type: application/json" \
--data "{\"id\":\"$zone_identifier\",\"type\":\"AAAA\",\"name\":\"$record_name\",\"content\":\"$ipv6\"}")
if [[ $update_ipv4 == *"\"success\":false"* ]]; then
message="API UPDATE A RECORD FAILED. DUMPING RESULTS:\n$update_ipv4"
echo -e "['$LOGTIME'] $message"
exit 1
else
message="A record updated to: $ipv4"
echo "['$LOGTIME'] $message"
fi
if [[ $update_ipv6 == *"\"success\":false"* ]]; then
message="API UPDATE AAAA RECORD FAILED. DUMPING RESULTS:\n$update_ipv6"
echo -e "['$LOGTIME'] $message"
exit 1
else
message="AAAA record updated to: $ipv6"
echo "['$LOGTIME'] $message"
fi
@HackingGate
Copy link
Author

HackingGate commented May 13, 2018
edited

crontab example

# run every 10 minutes
*/10 * * * * /home/pi/ddns/cf-ddns.sh >> /home/pi/ddns/cf-ddns.log 2>&1

@HackingGate
Copy link
Author

HackingGate commented Dec 24, 2018
edited

If you need to specify interface for example

curl --interface eth0

Force my Raspberry Pi to use Wired Ethernet not Wi-Fi

# MAYBE CHANGE THESE
ipv4=$(curl --interface eth0 -s https://ipv4.icanhazip.com)
ipv6=$(curl --interface eth0 -s https://ipv6.icanhazip.com)

@yashodhank
Copy link

yashodhank commented Jun 7, 2019
edited 

you need jq and curl installed to run following:
sudo apt install jq curl -y

Fetch Zones

curl -s -X GET "https://api.cloudflare.com/client/v4/zones/?per_page=100" -H "X-Auth-Email: myemail@company.ext" -H "X-Auth-Key: a123344555566789cc886c1c12347cf9ee53c" -H "Content-Type: application/json"| jq -r '.result[] | "\(.id) \(.name)"'
# Example Output:
# f123456789cfcb7adb712345638102ca domain1.ext

Then find Record ID for A OR AAAA using zone id obtained in previous curl call:

# FOR IPv4 i.e. A Record
curl -s -X GET "https://api.cloudflare.com/client/v4/zones/<replace-with-zone-id-from-previouscommand>/dns_records?type=A&name=domain1.ext&content=<replace-with-ipv4-from-cloudflare-dashboard>&page=1&per_page=20&order=type&direction=desc&match=all" -H "X-Auth-Email: myemail@company.ext" -H "X-Auth-Key: a123344555566789cc886c1c12347cf9ee53c" -H "Content-Type: application/json"| jq -r '.result[] | "\(.id) \(.name)"'
# Example Output: Record ID & Name


# For IPv6 i.e. AAAA Record
curl -s -X GET "https://api.cloudflare.com/client/v4/zones/<replace-with-zone-id-from-previouscommand>/dns_records?type=AAAA&name=domain1.ext&content=<replace-with-ipv6-from-cloudflare-dashboard>&page=1&per_page=20&order=type&direction=desc&match=all" -H "X-Auth-Email: myemail@company.ext" -H "X-Auth-Key: a123344555566789cc886c1c12347cf9ee53c" -H "Content-Type: application/json"| jq -r '.result[] | "\(.id) \(.name)"'
# Example Output: Record ID & Name

@yashodhank
Copy link

https://gist.github.com/HackingGate/2276b69d52839fef1603132b4de941f0#file-cf-ddns-sh-L40
Make sure to correct $update_ipv4 to $update_ipv6 to see correct error if there is any when IPv6 fails to update.

@HackingGate
Copy link
Author

https://gist.github.com/HackingGate/2276b69d52839fef1603132b4de941f0#file-cf-ddns-sh-L40
Make sure to correct $update_ipv4 to $update_ipv6 to see correct error if there is any when IPv6 fails to update.

Thanks for noticing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment