forked from spf-tools/spf-tools
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcloudflare.sh
executable file
·93 lines (77 loc) · 2.65 KB
/
cloudflare.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
#!/bin/sh
##############################################################################
#
# Copyright 2015 spf-tools team (see AUTHORS)
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
##############################################################################
#
# Script to update pre-existing TXT SPF records for
# a domain according to the input in DNS zone format.
#
# Requires jq(1) from http://stedolan.github.io/jq/
#
# Usage: ./despf.sh | ./simplify.sh | mkblocks.sh | \
# mkzoneent.sh | ./cloudflare.sh <domain>
# E.g.: ... | ./cloudflare.sh spf-tools.eu.org
test -n "$DEBUG" && set -x
for cmd in jq awk sed grep
do
type $cmd >&2 || exit 1
done
a="/$0"; a=${a%/*}; a=${a:-.}; a=${a#/}/; BINDIR=$(cd $a; pwd)
. $BINDIR/include/global.inc.sh
DOMAIN=${1:-'spf-tools.eu.org'}
APIURL="https://api.cloudflare.com/client/v4"
apicmd() {
CMD=${1:-'GET'}
test -n "$1" && shift
REST=${1:-'/zones'}
test -n "$1" && shift
curl -X $CMD ${APIURL}${REST} \
-s \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type:application/json" \
"$@"
}
# Read TOKEN
test -r $SPFTRC && . $SPFTRC
test -n "$TOKEN" || { echo "TOKEN not set! Exiting." >&2; exit 1; }
test "$1" = "verify" && {
apicmd GET "/user/tokens/verify"
exit
}
idsfile=$(mktemp /tmp/cloudflare-ids-XXXXXX)
zonefile=$(mktemp /tmp/cloudflare-zone-XXXX)
cat > $zonefile
trap "rm -f $idsfile $zonefile $zonefile-data" EXIT
DOMAIN_ID=$(apicmd GET /zones | jq -r '.result | .[] | .name + ":" + .id' \
| grep "$ROOT_DOMAIN:") \
|| exit 1
DOMAIN_ID=$(echo $DOMAIN_ID | cut -d: -f2)
apicmd GET "/zones/$DOMAIN_ID/dns_records?type=TXT" \
| jq -r '.result | .[] | .name + ":" + .id' > $idsfile
while read line
do
name=$(echo $line | cut -d" " -f1)
content=$(echo $line | cut -d \" -f2 | tr -d \")
id_to_change=$(grep "^$name" $idsfile | cut -d: -f2)
echo -n "Changing $name with id $id_to_change... "
cat > $zonefile-data <<EOF
{"type":"TXT","name":"$name","content":"$content"}
EOF
apicmd PUT "/zones/$DOMAIN_ID/dns_records/$id_to_change" \
--data "@${zonefile}-data" | jq .success | grep -q true \
&& echo OK || echo error
done < $zonefile