lain/cloudflare
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Import the new version

Browse source
This commit is contained in:
Lain Iwakura 2025-01-03 10:58:38 -03:00
commit d5dce5216c
Signed by: lain
GPG key ID: 89686F4239E80508
3 changed files with 212 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
.idea
config.ini

28
LICENSE Normal file
View file

@ -0,0 +1,28 @@
Lain Iwakura <lain@serialexperiments.club> 2019 ~ 2025
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the “Software”),
to deal in the Software without restriction, including without limitation
the rights to use, copy, modify, merge, publish, distribute, sublicense,
and/or sell copies of the Software, and to permit persons to whom the
Software is furnished to do so, subject to the following conditions:
1. The above Name and Email shall be included in all copies or
substantial portions of the Software. Additionally, this license
file shall be included with the software files on top directory
with no changes on the file name or its contents.
2. In the case of selling copies of this software, you must direct a
portion of the income obtained to my address in the form of sweets,
cookies and milk. These may be replaced by technological gadgets, such as
full-sized robots, AI-controlled devices, tiny portable synthesizers,
and/or at your discretion sex devices remotely controlled via the internet.
3. In case you are making a lot of money with my software, you should send
a monthly email to the address at the top of this file with the subject
"I will feel only love" and in the content "I love you Lain". You are
also allowed to write whatever you want after this sentence.
3. You acknowledge that this software is not designed, licensed or
intended for use in the design, construction, operation or
maintenance of any nuclear facility.

182
cloudflare.py Executable file
View file

@ -0,0 +1,182 @@
#!/usr/bin/env python
# Lain Iwakura <lain@serialexperiments.club> 2019 ~ 2025
import argparse
import configparser
import json
import logging
import os
import socket
import subprocess
from typing import Any, Dict, List, Tuple, Sequence
import ifaddr
import miniupnpc
import requests
script_dir = os.path.abspath(os.path.dirname(__file__))
config = configparser.RawConfigParser()
logger = logging.getLogger(__name__)
class Cloudflare:
def __init__(self, host: str, mail: str, key: str, api_server: str = 'https://api.cloudflare.com') -> None:
self.api_server = api_server
self.mail = mail
self.key = key
self.host = host
def list_dns(self, zone_id: str, type_: str) -> Dict[str, Any]:
headers = {
'X-Auth-Email': self.mail,
'X-Auth-Key': self.key,
}
with requests.get(
f'{self.api_server}/client/v4/zones/{zone_id}/dns_records?type={type_}',
headers=headers
) as response_:
return response_.json()
def update_dns(
self,
domain: str,
zone_id: str,
record_id: str,
record_type: str,
address: str,
proxied: bool = True,
) -> requests.Response:
headers = {
'X-Auth-Email': self.mail,
'X-Auth-Key': self.key,
'Content-Type': 'application/json',
}
payload = {
'type': record_type,
'name': domain,
'proxied': proxied,
'content': address,
}
with requests.put(
f"{self.api_server}/client/v4/zones/{zone_id}/dns_records/{record_id}",
headers=headers,
data=json.dumps(payload),
) as response:
return response
def get_remote_address(self, zone_id: str, type_: str):
dns_list = self.list_dns(zone_id, type_)
return dns_list['result'][0]['content']
def issue_cert(self, ssl_home: str, acme_directory: str, domains: List[str]) -> None:
env = {
'HOME': ssl_home,
'CF_Key': self.key,
'CF_Email': self.mail,
}
acme = os.path.join(script_dir, acme_directory, 'acme.sh')
kwargs = [acme, '--issue', '--dns', 'dns_cf', '-d', self.host]
for domain in domains:
kwargs.extend(['-d', f"{domain}.{self.host}"])
try:
subprocess.check_call(kwargs, env=env)
except subprocess.CalledProcessError as exception:
if exception.returncode != 2 and exception.returncode != 0:
raise exception
class CloudflareAction(argparse.Action):
def __init__(self, **kwargs) -> None:
super().__init__(**kwargs)
mail = config.get('Cloudflare', 'mail')
key = config.get('Cloudflare', 'api_key')
self.zone_id = config.get('Cloudflare', 'zone_id')
self.domain = config.get('General', 'domain')
self.cloudflare = Cloudflare(self.domain, mail, key)
def __call__(
self,
parser: argparse.ArgumentParser,
namespace: argparse.Namespace,
values: str | Sequence[Any] | None,
option_string: str | None = None,
) -> None:
if option_string == '--list-dns':
assert isinstance(values, list), "Wrong params"
dns_list = self.cloudflare.list_dns(self.zone_id, values[0])
print(json.dumps(dns_list, indent=4))
if option_string == '--update-dns':
aaaa_record_id = config.get('Cloudflare', 'aaaa_record_id')
a_record_id = config.get('Cloudflare', 'a_record_id')
aaaa_proxied = config.getboolean('Cloudflare', 'aaaa_proxied')
a_proxied = config.getboolean('Cloudflare', 'a_proxied')
device = config.get('General', 'device')
local_a_address = get_local_address(device, (socket.AF_INET, 0))
local_aaaa_address = get_local_address(device, (socket.AF_INET6, 1))
remote_a_address = self.cloudflare.get_remote_address(self.zone_id, 'A')
remote_aaaa_address = self.cloudflare.get_remote_address(self.zone_id, 'AAAA')
if local_a_address != remote_a_address:
response = self.cloudflare.update_dns(
self.domain, self.zone_id, a_record_id, 'A', local_a_address, a_proxied,
)
print(f'A record: {response.status_code}', end='')
else:
print(f'A record: Already updated', end='')
print(f' [{local_a_address}]')
if local_aaaa_address != remote_aaaa_address:
response = self.cloudflare.update_dns(
self.domain, self.zone_id, aaaa_record_id, 'AAAA', local_aaaa_address, aaaa_proxied,
)
print(f'AAAA record: {response.status_code}', end='')
else:
print(f'AAAA record: Already updated', end='')
print(f' [{local_aaaa_address}]')
if option_string == '--issue-cert':
ssl_home = config.get('ssl', 'ssl_home')
acme_directory = config.get('ssl', 'acme_directory')
subdomains = config.get('General', 'subdomains').replace(' ', '').split(',')
self.cloudflare.issue_cert(ssl_home, acme_directory, subdomains)
def get_local_address(interface: str, type_: Tuple[socket.AddressFamily, int]):
if type_[0] == socket.AF_INET:
upnp = miniupnpc.UPnP()
upnp.discoverdelay = 200
upnp.discover()
upnp.selectigd()
return upnp.externalipaddress()
for adapter in ifaddr.get_adapters():
if adapter.name == interface:
for entry in adapter.ips:
if entry.is_IPv4:
continue
return entry.ip[0]
if __name__ == '__main__':
logging.basicConfig(level=logging.INFO)
config.read(os.path.join(script_dir, 'config.ini'))
command_parser = argparse.ArgumentParser()
command_parser.add_argument('--list-dns', action=CloudflareAction, nargs=1)
command_parser.add_argument('--update-dns', action=CloudflareAction, nargs=0)
command_parser.add_argument('--issue-cert', action=CloudflareAction, nargs=0)
command_parser.parse_args()