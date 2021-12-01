CLI for interacting with Cloudflare

Installation

You can install using NPM or using Docker

Install via npm

npm install -g cloudflare-cli

Install from Dockerhub

docker pull dpig/cloudflare-cli:latest docker run --rm -it dpig/cloudflare-cli -h

Build Dockerfile locally

git clone https://github.com/danielpigott/cloudflare-cli.git\ docker build -t cloudflare-cli . docker run --rm -it cloudflare-cli -h

Setup

You can setup a yaml config file with default parameters e.g. token and email. By default cfcli will look for ".cfcli.yml" in your home directory (you can also pass in a config file with -c)

Cloudflare API Keys and Tokens

Cloudflare has two API client methods: API Tokens and API Keys (Legacy) (See below screenshot)

API Tokens can be setup with specific permissions and do not use an email address. Recommended by Cloudflare

can be setup with specific permissions and do not use an email address. Recommended by Cloudflare API Keys are the legacy method, do not have specific permissions and require the corresponding user's email address to be provided.

In the cfcli setup, if you exclude an email address, then the cfcli tool will assume you are using an API Token instead of an API Key.

Configuration Example

If you have only one cloudflare account you can set it up as below:

defaults: token: <cloudflare-token> email: <you@domain.com> domain: <default-cloudflare-domain>

If you have multiple cloudflare accounts, and you can set up accounts as below:

defaults: account: work accounts: work: token: <cloudflare-token> email: <you@domain.com> domain: <default-cloudflare-domain> play: token: <cloudflare-token> email: <you@domain.com> domain: <default-cloudflare-domain> adventure: token: <cloudflare-token> domain: <default-cloudflare-domain>

You can then use -u play to interact with the second cloudflare account.

If the email option is excluded, then the request will be made using what is assumed to be an API Token vs. an API Key.

defaults: account: adventure accounts: adventure: token: <cloudflare-token> domain: <default-cloudflare-domain>

Environment Variables

Environment variables take precedence over the configuration file.

If the CF_API_EMAIL variable is excluded, then the request will be made using what is assumed to be an API Token vs. an API Key.

CF_API_KEY CF_API_EMAIL CF_API_DOMAIN

Usage

NAME cfcli - Interact with cloudflare from the command line SYNOPSIS cfcli [options] command [parameters] OPTIONS : -c --config Path to yml file with config defaults (defaults to ~/.cfcli.yml -e --email Email of your cloudflare account -k --token Token for your cloudflare account -u --account Choose one of your named cloudflare accounts from .cfcli.yml -d --domain Domain to operate on -a --activate Activate cloudflare after creating record ( for addrecord) -f --format Format when printing records (csv,json or table) -t -- type Type of record ( for dns record functions) -p --priority Set priority when adding a record ( MX or SRV ) -q --query Comma separated filters to use when finding a record -l --ttl Set ttl on add or edit ( 120 - 86400 seconds, or 1 for auto) -h --help Display help COMMANDS : add <name> <content> Add a DNS record. Use -a to activate cf after creation always-use-https on|off Toggle Always Use HTTPS mode on/off devmode on|off Toggle development mode on/off disable <name> [content] Disable cloudflare caching for given record and optionally specific value edit <name> <content> Edit a DNS record. enable <name> [content] Enable cloudflare caching for given record and optionally specific value find <name> [content] Find a record with given name and optionally specific value ls List dns records for the domain purge [urls] Purge file at given urls (space separated) or all files if no url given rm <name> [content] Remove record with given name and optionally specific value zone-add <name> Add a zone for given name zones List domains in your cloudflare account

Examples

Add a new A record (mail) and activate cloudflare (-a)

cfcli -a -t A add mail 8 .8 .8 .8

Edit a record (mail) and set the TTL

cfcli --ttl 120 edit mail 8.8 .8 .8

Add an SRV record (then 3 numbers are priority, weight and port respectively)

cfcli -t SRV add _ sip ._tcp .example .com 1 1 1 example .com

Find all records matching the content value test.com

cfcli find -q content :test.com

Remove all records with the name test

cfcli rm test

Remove record with name test, type of A and value 1.1.1.1

cfcli rm test -q content:1.1.1.1, type :A

Enable cloudflare for any records that match test

cfcli enable test

Enable cloudflare for a record test with the value test.com

cfcli enable test test.com

Export domain records for test.com to csv

cfcli -d test .com -f csv listrecords > test .csv

Purge a given files from cache

cfcli -d test.com purge http://test.com/script.js http://test.com/styles.css

Enable dev mode for test.com domain

cfcli -d test.com devmode on

Add the zone test.com

cfcli zone - add test.com

Testing

In order to run the tests you will need to set valid values for the CF_API_EMAIL and CF_API_KEY environment variables.

Running the tests will add a zone (cloudflaretest.com), add and remove records against that domain and then remove the zone.

The tests can be run with the following command