
@brunnels
Created April 13, 2021 21:08
kubernetes cron to update cloudflare ddns
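---
# ConfigMap holding the updater script that the cf-ddns-updater CronJob mounts
# at /app/cf-ddns-updater.sh.
apiVersion: v1
kind: ConfigMap
metadata:
  name: cf-ddns-updater
  namespace: kube-system
  labels:
    app.kubernetes.io/name: cf-ddns-updater
    app.kubernetes.io/instance: cf-ddns-updater
data:
  cf-ddns-updater.sh: |
    #!/bin/bash
    # Point each Cloudflare A record named in RECORD_NAMES at this host's
    # current public IPv4 address.
    #
    # Required environment: AUTH_EMAIL, AUTH_KEY, ZONE_NAME (one zone),
    # RECORD_NAMES (comma- or space-separated record names).
    # Exit codes: 0 updated or unchanged, 1 public-IP lookup failed,
    # 2 missing configuration or Cloudflare API error.
    #
    # NOTE(review): X-Auth-Email / X-Auth-Key is Cloudflare's account-wide
    # global API key scheme. A scoped API token restricted to DNS edits on
    # this zone (sent as "Authorization: Bearer <token>") would limit what a
    # leaked credential can do. Switching changes the Secret's keys, so it is
    # left to the operator.

    # Split on commas/whitespace with pathname expansion disabled, so a name
    # containing '*' or '?' is never expanded against the working directory.
    set -f
    declare -a _RECORD_NAMES=($(printf '%s\n' "$RECORD_NAMES" | tr ',' ' '))
    set +f

    # Cache of the last published address. Each CronJob run starts a fresh
    # pod, so this only short-circuits when /tmp is backed by a volume that
    # outlives the pod.
    IP_FILE="/tmp/CloudFlare_IP"
    PROXIED=true
    IPV4_RE='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

    if [ "$AUTH_KEY" = "" ]; then
      echo "Missing AUTH_KEY"
      exit 2
    fi
    if [ "$AUTH_EMAIL" = "" ]; then
      echo "Missing AUTH_EMAIL"
      exit 2
    fi
    if [ "$ZONE_NAME" = "" ]; then
      echo "Missing ZONE_NAME"
      exit 2
    fi
    if [ ${#_RECORD_NAMES[@]} = 0 ]; then
      echo "Missing hostname, you must provide at least one RECORD_NAMES."
      exit 2
    fi

    # Resolve the zone name to its Cloudflare zone id.
    RESPONSE=$(curl -s -X GET \
      "https://api.cloudflare.com/client/v4/zones?name=$ZONE_NAME" \
      -H "X-Auth-Email: $AUTH_EMAIL" \
      -H "X-Auth-Key: $AUTH_KEY" \
      -H "Content-Type: application/json")
    ZONE_ID=$(echo "$RESPONSE" | grep -o '"id": *"[^"]*' | grep -o '[^"]*$' | head -1)
    if [ "$ZONE_ID" = "" ]; then
      echo "Something went wrong"
      echo "Response: $RESPONSE"
      exit 2
    fi

    if [ -f "$IP_FILE" ]; then
      IP_FROM_FILE=$(cat "$IP_FILE")
    else
      IP_FROM_FILE=""
    fi

    # The answer from this third-party service decides where the DNS records
    # point, so reject HTTP errors (--fail) and anything that is not a bare
    # dotted-quad before it is placed into the JSON body below.
    ACTUAL_IP=$(curl --silent --fail https://api.ipify.org) || exit 1
    if ! [[ "$ACTUAL_IP" =~ $IPV4_RE ]]; then
      echo "Unexpected response from public IP lookup"
      exit 1
    fi

    if [ "$ACTUAL_IP" = "$IP_FROM_FILE" ]; then
      echo "IP didn't change"
      exit 0
    fi

    for NAME_OF_RECORD in "${_RECORD_NAMES[@]}"; do
      ID=$(curl -s -X GET \
        "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records?name=$NAME_OF_RECORD" \
        -H "X-Auth-Email: $AUTH_EMAIL" \
        -H "X-Auth-Key: $AUTH_KEY" \
        -H "Content-Type: application/json" \
        | grep -o '"id": *"[^"]*' | grep -o '[^"]*$' | head -1)
      # Without an id the PUT below would target the record collection URL.
      if [ "$ID" = "" ]; then
        echo "Something went wrong"
        echo "No existing DNS record found for $NAME_OF_RECORD"
        exit 2
      fi

      RECORD='{"type": "A", "name": "'"$NAME_OF_RECORD"'", "content": "'"$ACTUAL_IP"'", "ttl": 180, "proxied": '"$PROXIED"'}'
      RESPONSE=$(curl --silent "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/$ID" \
        -X PUT \
        -H "Content-Type: application/json" \
        -H "X-Auth-Email: $AUTH_EMAIL" \
        -H "X-Auth-Key: $AUTH_KEY" \
        -d "$RECORD"
      )

      if echo "$RESPONSE" | grep -q '"success": *true'; then
        echo "$ACTUAL_IP" >"$IP_FILE"
        echo "$NAME_OF_RECORD IP address updated successful"
      else
        echo "Something went wrong"
        echo "Response: $RESPONSE"
        exit 2
      fi
    done || exit 1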
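---
# Credentials and targets that the cf-ddns-updater CronJob loads as environment
# variables through envFrom. Every value below is a placeholder: substitute
# real values at deploy time and keep the populated manifest out of version
# control. stringData takes plain text, so do not base64-encode the values.
apiVersion: v1
kind: Secret
metadata:
  name: cf-ddns-updater-values
  namespace: kube-system
type: Opaque
stringData:
  AUTH_EMAIL: "email unencoded"
  # The updater script sends this as X-Auth-Key, i.e. the account-wide key;
  # anyone who can read this Secret can act on the whole Cloudflare account.
  AUTH_KEY: "auth key string unencoded"
  # Comma- or space-separated record names to update; don't include wildcards.
  # Constructed placeholder hostnames.
  RECORD_NAMES: "home.domain.org, vpn.domain.org"
  # A single zone: the script queries /zones?name=$ZONE_NAME and takes the
  # first id returned, so a list here does not resolve to the intended zone.
  ZONE_NAME: "domain.org"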
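---
# Hourly job that runs the updater script from the cf-ddns-updater ConfigMap
# with credentials from the cf-ddns-updater-values Secret.
#
# batch/v1beta1 CronJob was removed in Kubernetes 1.25; batch/v1 is served from
# 1.21 onward. Clusters older than 1.21 still need batch/v1beta1.
#
# NOTE(review): kube-system normally holds cluster components. A dedicated
# namespace would keep the Cloudflare credential separate from them; moving
# means changing the namespace on the ConfigMap and Secret as well.
apiVersion: batch/v1
kind: CronJob
metadata:
  name: cf-ddns-updater
  namespace: kube-system
spec:
  schedule: "0 * * * *"
  concurrencyPolicy: Forbid
  failedJobsHistoryLimit: 1
  successfulJobsHistoryLimit: 3
  jobTemplate:
    spec:
      template:
        spec:
          restartPolicy: Never
          # The script only talks to external HTTPS APIs, so the pod does not
          # need a Kubernetes API token mounted.
          automountServiceAccountToken: false
          containers:
            - name: cf-ddns-updater
              # Third-party image referenced by mutable tag, and it receives
              # the Cloudflare key. Consider pinning it by digest
              # (image@sha256:<digest-you-verified>) or building an equivalent
              # image you control.
              image: ellerbrock/alpine-bash-curl-ssl:0.3.0
              imagePullPolicy: IfNotPresent
              securityContext:
                allowPrivilegeEscalation: false
                capabilities:
                  drop:
                    - ALL
              envFrom:
                - secretRef:
                    name: cf-ddns-updater-values
              command:
                - "/bin/sh"
                - "-ec"
                - "/app/cf-ddns-updater.sh"
              volumeMounts:
                - name: cf-ddns-updater
                  mountPath: /app/cf-ddns-updater.sh
                  subPath: cf-ddns-updater.sh
                  readOnly: true
          volumes:
            - name: cf-ddns-updater
              projected:
                # Octal integer (the field is an int, so it must stay
                # unquoted). Read and execute only; the original 0775 also
                # granted write bits the job never uses.
                defaultMode: 0555
                sources:
                  - configMap:
                      name: cf-ddns-updater
                      items:
                        - key: cf-ddns-updater.sh
                          path: cf-ddns-updater.sh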