||2 years ago|
|LICENSE||3 years ago|
|README.md||2 years ago|
|agent.py||3 years ago|
|worker.js||3 years ago|
This repository provides two simple scripts that together will allow you to build a simple and efficient DDNS system using Cloudflare Workers and DNS.
Example use case: You have a machine where the IP address is dynamically assigned and changes frequently.
agent.py will regularly contact the CF worker running the
that will in turn use the cloudflare API to update the DNS record in question
with the new IP address.
Why use Workers
Because we don't want to signup to an extra external service, we want to apply the principle of the least privilege and the name should belong to a domain we control.
Since Cloudflare API Token permissions aren't granular enough to limit the token access to a single DNS record, we place a worker in front of it (this way the token with extra priviledges never leaves cloudflare's servers).
Both scripts (
agent.py) don't require any extra dependencies,
so they can be copied right out of the repository tothe destination without any
Before starting, you need to create a new API Token on your Cloudflare's profile page with permissions to edit the DNS records of one of your domains (Zone).
The next step is to create a new worker and then set
worker.js as its content.
This can be easily done using the "Quick Edit" button on the worker's detail page.
Add the following environment variables on the worker settings tab:
CF_API_TOKEN- The token you just created. You just also click on the "encrypt" button.
SHARED_KEY- Generate a long and random string and put it here. Click encrypt.
DNS_RECORD- the DNS record that should be updated. Something like
ZONE- The zone_id of your domain. You can find it on the sidebar of the domain overview page.
Then deploy the worker.
agent.py file to the machine you want your subdomain/domain
Set the following environment variables:
SHARED_KEY- The same long and random string you generated for the worker.
WORKER_URL- The URL of your worker.
Then execute the script:
In the most common scenario you will want to run it periodically. So you will need to
use a scheduler like
cron or a
systemd timer unit. Below is a simple example
that can be inserted after running
SHARED_KEY=<your-generated-key> WORKER_URL=<cf-worker-url> */5 * * * * /path/to/agent.py