commit 90449acecc581c2add8de2b469f90de129fc2f93
Author: exkc
Date: Fri Aug 12 08:51:02 2022 +0800
update
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..bc95e2b
--- /dev/null
+++ b/README.md
@@ -0,0 +1,7 @@
+# openwrt_cloudflare_ddns-exkc
+
+A fork of openwrt's cloudflare ddns that support sub domain
+
+# NOTE
+
+Keep In Mind there r some setting r hardcodeed.
diff --git a/update_cloudflare_com_v4.sh b/update_cloudflare_com_v4.sh
new file mode 100755
index 0000000..f295b4a
--- /dev/null
+++ b/update_cloudflare_com_v4.sh
@@ -0,0 +1,201 @@
+#!/bin/sh
+#
+#.Distributed under the terms of the GNU General Public License (GPL) version 2.0
+#
+# script for sending updates to cloudflare.com
+#.based on Ben Kulbertis cloudflare-update-record.sh found at http://gist.github.com/benkulbertis
+#.and on George Johnson's cf-ddns.sh found at https://github.com/gstuartj/cf-ddns.sh
+#.2016-2018 Christian Schoenebeck
+# CloudFlare API documentation at https://api.cloudflare.com/
+#
+# This script is parsed by dynamic_dns_functions.sh inside send_update() function
+#
+# using following options from /etc/config/ddns
+# option username - your cloudflare e-mail
+# option password - cloudflare api key, you can get it from cloudflare.com/my-account/
+# option domain - "hostname@yourdomain.TLD" # syntax changed to remove split_FQDN() function and tld_names.dat.gz
+#
+# The proxy status would not be changed by this script. Please change it in Cloudflare dashboard manually.
+#
+# variable __IP already defined with the ip-address to use for update
+#
+# check parameters
+[ -z "$CURL" ] && [ -z "$CURL_SSL" ] && write_log 14 "Cloudflare communication require cURL with SSL support. Please install"
+[ -z "$password" ] && write_log 14 "Service section not configured correctly! Missing secret as 'password'"
+[ $use_https -eq 0 ] && use_https=1 # force HTTPS
+username="Bearer"
+UWU_ZONE="exkc.hair"
+# used variables
+local __HOST __DOMAIN __TYPE __URLBASE __PRGBASE __RUNPROG __DATA __IPV6 __ZONEID __RECID __PROXIED
+local __URLBASE="https://api.cloudflare.com/client/v4"
+local __TTL=120
+
+# split __HOST __DOMAIN from $domain
+# given data:
+# @example.com for "domain record"
+# host.sub@example.com for a "host record"
+__HOST=$(printf %s "$domain" | cut -d@ -f1)
+__DOMAIN=$(printf %s "$domain" | cut -d@ -f2)
+
+# Cloudflare v4 needs:
+# __DOMAIN = the base domain i.e. example.com
+# __HOST = the FQDN of record to modify
+# i.e. example.com for the "domain record" or host.sub.example.com for "host record"
+
+# handling domain record then set __HOST = __DOMAIN
+[ -z "$__HOST" ] && __HOST=$__DOMAIN
+# handling host record then rebuild fqdn host@domain.tld => host.domain.tld
+[ "$__HOST" != "$__DOMAIN" ] && __HOST="${__HOST}.${__DOMAIN}"
+
+# set record type
+[ $use_ipv6 -eq 0 ] && __TYPE="A" || __TYPE="AAAA"
+
+# transfer function to use for godaddy
+# all needed variables are set global here
+# so we can use them directly
+cloudflare_transfer() {
+ local __CNT=0
+ local __ERR
+ while : ; do
+ write_log 7 "#> $__RUNPROG"
+ eval "$__RUNPROG"
+ __ERR=$? # save communication error
+ [ $__ERR -eq 0 ] && break # no error break while
+
+ write_log 3 "cURL Error: '$__ERR'"
+ write_log 7 "$(cat $ERRFILE)" # report error
+
+ [ $VERBOSE_MODE -gt 1 ] && {
+ # VERBOSE_MODE > 1 then NO retry
+ write_log 4 "Transfer failed - Verbose Mode: $VERBOSE_MODE - NO retry on error"
+ break
+ }
+
+ __CNT=$(( $__CNT + 1 )) # increment error counter
+ # if error count > retry_count leave here
+ [ $retry_count -gt 0 -a $__CNT -gt $retry_count ] && \
+ write_log 14 "Transfer failed after $retry_count retries"
+
+ write_log 4 "Transfer failed - retry $__CNT/$retry_count in $RETRY_SECONDS seconds"
+ sleep $RETRY_SECONDS &
+ PID_SLEEP=$!
+ wait $PID_SLEEP # enable trap-handler
+ PID_SLEEP=0
+ done
+
+ # check for error
+ grep -q '"success":\s*true' $DATFILE || {
+ write_log 4 "CloudFlare reported an error:"
+ write_log 7 "$(cat $DATFILE)" # report error
+ return 1 # HTTP-Fehler
+ }
+}
+
+# Build base command to use
+__PRGBASE="$CURL -RsS -o $DATFILE --stderr $ERRFILE"
+# force network/interface-device to use for communication
+if [ -n "$bind_network" ]; then
+ local __DEVICE
+ network_get_physdev __DEVICE $bind_network || \
+ write_log 13 "Can not detect local device using 'network_get_physdev $bind_network' - Error: '$?'"
+ write_log 7 "Force communication via device '$__DEVICE'"
+ __PRGBASE="$__PRGBASE --interface $__DEVICE"
+fi
+# force ip version to use
+if [ $force_ipversion -eq 1 ]; then
+ [ $use_ipv6 -eq 0 ] && __PRGBASE="$__PRGBASE -4" || __PRGBASE="$__PRGBASE -6" # force IPv4/IPv6
+fi
+# set certificate parameters
+if [ "$cacert" = "IGNORE" ]; then # idea from Ticket #15327 to ignore server cert
+ __PRGBASE="$__PRGBASE --insecure" # but not empty better to use "IGNORE"
+elif [ -f "$cacert" ]; then
+ __PRGBASE="$__PRGBASE --cacert $cacert"
+elif [ -d "$cacert" ]; then
+ __PRGBASE="$__PRGBASE --capath $cacert"
+elif [ -n "$cacert" ]; then # it's not a file and not a directory but given
+ write_log 14 "No valid certificate(s) found at '$cacert' for HTTPS communication"
+fi
+# disable proxy if not set (there might be .wgetrc or .curlrc or wrong environment set)
+# or check if libcurl compiled with proxy support
+if [ -z "$proxy" ]; then
+ __PRGBASE="$__PRGBASE --noproxy '*'"
+elif [ -z "$CURL_PROXY" ]; then
+ # if libcurl has no proxy support and proxy should be used then force ERROR
+ write_log 13 "cURL: libcurl compiled without Proxy support"
+fi
+# set headers
+if [ "$username" = "Bearer" ]; then
+ write_log 7 "Found Username 'Bearer' using Password as Bearer Authorization Token"
+ __PRGBASE="$__PRGBASE --header 'Authorization: Bearer $password' "
+else
+ __PRGBASE="$__PRGBASE --header 'X-Auth-Email: $username' "
+ __PRGBASE="$__PRGBASE --header 'X-Auth-Key: $password' "
+fi
+__PRGBASE="$__PRGBASE --header 'Content-Type: application/json' "
+
+if [ -n "$zone_id" ]; then
+ __ZONEID="$zone_id"
+else
+ # read zone id for registered domain.TLD
+ __RUNPROG="$__PRGBASE --request GET '$__URLBASE/zones?name=$UWU_ZONE'"
+ cloudflare_transfer || return 1
+ # extract zone id
+ __ZONEID=$(grep -o '"id":\s*"[^"]*' $DATFILE | grep -o '[^"]*$' | head -1)
+ [ -z "$__ZONEID" ] && {
+ write_log 4 "Could not detect 'zone id' for domain.tld: '$__DOMAIN'"
+ return 127
+ }
+fi
+
+# read record id for A or AAAA record of host.domain.TLD
+__RUNPROG="$__PRGBASE --request GET '$__URLBASE/zones/$__ZONEID/dns_records?name=$__HOST&type=$__TYPE'"
+cloudflare_transfer || return 1
+# extract record id
+__RECID=$(grep -o '"id":\s*"[^"]*' $DATFILE | grep -o '[^"]*$' | head -1)
+[ -z "$__RECID" ] && {
+ write_log 4 "Could not detect 'record id' for host.domain.tld: '$__HOST'"
+ return 127
+}
+
+# extract current stored IP
+__DATA=$(grep -o '"content":\s*"[^"]*' $DATFILE | grep -o '[^"]*$' | head -1)
+
+# check data
+[ $use_ipv6 -eq 0 ] \
+ && __DATA=$(printf "%s" "$__DATA" | grep -m 1 -o "$IPV4_REGEX") \
+ || __DATA=$(printf "%s" "$__DATA" | grep -m 1 -o "$IPV6_REGEX")
+
+# we got data so verify
+[ -n "$__DATA" ] && {
+ # expand IPv6 for compare
+ if [ $use_ipv6 -eq 1 ]; then
+ expand_ipv6 $__IP __IPV6
+ expand_ipv6 $__DATA __DATA
+ [ "$__DATA" = "$__IPV6" ] && { # IPv6 no update needed
+ write_log 7 "IPv6 at CloudFlare.com already up to date"
+ return 0
+ }
+ else
+ [ "$__DATA" = "$__IP" ] && { # IPv4 no update needed
+ write_log 7 "IPv4 at CloudFlare.com already up to date"
+ return 0
+ }
+ fi
+}
+
+# update is needed
+# let's build data to send
+# set proxied parameter
+__PROXIED=$(grep -o '"proxied":\s*[^",]*' $DATFILE | grep -o '[^:]*$')
+
+# use file to work around " needed for json
+cat > $DATFILE << EOF
+{"id":"$__ZONEID","type":"$__TYPE","name":"$__HOST","content":"$__IP","ttl":$__TTL,"proxied":$__PROXIED}
+EOF
+
+# let's complete transfer command
+__RUNPROG="$__PRGBASE --request PUT --data @$DATFILE '$__URLBASE/zones/$__ZONEID/dns_records/$__RECID'"
+cloudflare_transfer || return 1
+
+return 0
+
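Review bot: The API token is exposed by the way the curl command is assembled: the header block appends `--header 'Authorization: Bearer $password'` to `__PRGBASE`, and `cloudflare_transfer` then calls `write_log 7 "#> $__RUNPROG"` and `eval "$__RUNPROG"` on that string. Whatever `write_log` records at level 7 therefore contains the token, the token is also on curl's argument list, and a `'` inside `password`, `domain` or `cacert` changes how the `eval`'d line is parsed. I would keep the secret out of the command string, for example by writing the header to a file only root can read and passing `--header @"$HDRFILE"` (`HDRFILE` is a placeholder name; this needs a curl build that accepts `@file` for `--header`), and log the command without it. Separately, `username="Bearer"` and `UWU_ZONE="exkc.hair"` near the top override the configured values, so the `X-Auth-Email` branch can never run and the zone lookup ignores `$__DOMAIN` while its error message still prints it; a comment such as `# fork: token auth only, zone lookup fixed to UWU_ZONE` would make that explicit.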