dnscontrol/docs/_providers/cloudflare.md

---
name: Cloudflare
layout: default
jsId: CLOUDFLAREAPI
---
# Cloudflare Provider

## Configuration

In your providers config json file you must provide your cloudflare.com api
username and access token:

{% highlight json %}
{
  "cloudflare.com":{
    "apikey": "your-cloudflare-api-key",
    "apiuser": "your-cloudflare-email-address"
  }
}
{% endhighlight %}

## Metadata

Record level metadata availible:
   * `cloudflare_proxy` ("on", "off", or "full")

Domain level metadata availible:
   * `cloudflare_proxy_default` ("on", "off", or "full")

Provider level metadata availible:
   * `ip_conversions`
   * `manage_redirects`: set to `true` to manage page-rule based redirects

What does on/off/full mean?

   * "off" disables the Cloudflare proxy
   * "on" enables the Cloudflare proxy (turns on the "orange cloud")
   * "full" is the same as "on" but also enables Railgun.  DNSControl will prevent you from accidentally enabling "full" on a CNAME that points to an A record that is set to "off", as this is generally not desired.

**Aliases:**

To make configuration files more readable and less prone to typos,
the following aliases are pre-defined:

{% highlight json %}
// Meta settings for individual records.
var CF_PROXY_OFF = {'cloudflare_proxy': 'off'};     // Proxy disabled.
var CF_PROXY_ON = {'cloudflare_proxy': 'on'};       // Proxy enabled.
var CF_PROXY_FULL = {'cloudflare_proxy': 'full'};   // Proxy+Railgun enabled.
// Per-domain meta settings:
// Proxy default off for entire domain (the default):
var CF_PROXY_DEFAULT_OFF = {'cloudflare_proxy_default': 'off'};
// Proxy default on for entire domain:
var CF_PROXY_DEFAULT_ON = {'cloudflare_proxy_default': 'on'};
{% endhighlight %}

The following example shows how to set meta variables with and without aliases:

{% highlight json %}
D('example.tld', REG_NAMECOM, DnsProvider(CFLARE),
    A('www1','1.2.3.11', CF_PROXY_ON),       // turn proxy ON.
    A('www2','1.2.3.12', CF_PROXY_OFF),      // default is OFF, this is a no-op.
    A('www3','1.2.3.13', {'cloudflare_proxy': 'on'}) // why would anyone do this?
);
{% endhighlight %}

## Usage

Example javascript:

{% highlight js %}
var REG_NAMECOM = NewRegistrar('name.com','NAMEDOTCOM');
var CFLARE = NewDnsProvider('cloudflare.com','CLOUDFLAREAPI');

// Example domain where the CF proxy abides by the default (off).
D('example.tld', REG_NAMECOM, DnsProvider(CFLARE),
    A('proxied','1.2.3.4', CF_PROXY_ON),
    A('notproxied','1.2.3.5'),
    A('another','1.2.3.6', CF_PROXY_ON),
    ALIAS('@','www.example.tld.', CF_PROXY_ON),
    CNAME('myalias','www.example.tld.', CF_PROXY_ON)
);

// Example domain where the CF proxy default is set to "on":
D('example2.tld', REG_NAMECOM, DnsProvider(CFLARE),
    CF_PROXY_DEFAULT_ON, // Enable CF proxy for all items unless otherwise noted.
    A('proxied','1.2.3.4'),
    A('notproxied','1.2.3.5', CF_PROXY_OFF),
    A('another','1.2.3.6'),
    ALIAS('@','www.example2.tld.'),
    CNAME('myalias','www.example2.tld.')
);
{%endhighlight%}

## Activation

DNSControl depends on a Cloudflare Global API Key that's available under "My Settings".

## New domains

If a domain does not exist in your CloudFlare account, DNSControl
will *not* automatically add it. You'll need to do that via the
control panel manually or via the `dnscontrol create-domains` command.

## Redirects

The cloudflare provider can manage Page-Rule based redirects for your domains. Simply use the `CF_REDIRECT` and `CF_TEMP_REDIRECT` functions to make redirects:

{% highlight js %}

// chiphacker.com is an alias for electronics.stackexchange.com

var CFLARE = NewDnsProvider('cloudflare.com','CLOUDFLAREAPI', {"manage_redirects": true}); // enable manage_redirects

D("chiphacker.com", REG_NAMECOM, DnsProvider(CFLARE),
    // must have A records with orange cloud on. Otherwise page rule will never run.
    A("@","1.2.3.4", CF_PROXY_ON),
    A("www", "1.2.3.4", CF_PROXY_ON)
    A("meta", "1.2.3.4", CF_PROXY_ON),

    // 302 for meta subdomain
    CF_TEMP_REDIRECT("meta.chiphacker.com/*", "https://electronics.meta.stackexchange.com/$1"),

    // 301 all subdomains and preserve path
    CF_REDIRECT("*chiphacker.com/*", "https://electronics.stackexchange.com/$2"),
);
{%endhighlight%}

Notice a few details:

1. We need an A record with cloudflare proxy on, or the page rule will never run.
2. The IP address in those A records may be mostly irrelevant, as cloudflare should handle all requests (assuming some page rule matches).
3. Ordering matters for priority. CF_REDIRECT records will be added in the order they appear in your js. So put catch-alls at the bottom.
Added docs for Cloudflare DNS provider (#65) 2017-04-01 21:44:35 +08:00			`---`
			`name: Cloudflare`
			`layout: default`
			`jsId: CLOUDFLAREAPI`
			`---`
			`# Cloudflare Provider`

			`## Configuration`

			`In your providers config json file you must provide your cloudflare.com api`
			`username and access token:`

			`{% highlight json %}`
			`{`
			`"cloudflare.com":{`
			`"apikey": "your-cloudflare-api-key",`
Docs fixes (#85) * Clarify what "apiuser" is in Cloudflare docs Confusingly it is the email address associated with the account, not the username. * Remove Gandi registrar from docs Because it doesn't actually exist. 2017-04-20 00:41:12 +08:00			`"apiuser": "your-cloudflare-email-address"`
Added docs for Cloudflare DNS provider (#65) 2017-04-01 21:44:35 +08:00			`}`
			`}`
			`{% endhighlight %}`

			`## Metadata`

			`Record level metadata availible:`
Cloudflare Redirects (#119) * function sig * sig * some custom record infrastructure * CLOUDFLARE REDIRECTS! * comments out * guarding redirects behind provider metadata to manage * catch commas in js to ensure proper encoding. * gen * small fix * revendor otto * docs 2017-05-20 02:15:57 +08:00			* `cloudflare_proxy` ("on", "off", or "full")
Added docs for Cloudflare DNS provider (#65) 2017-04-01 21:44:35 +08:00
			`Domain level metadata availible:`
Cloudflare Redirects (#119) * function sig * sig * some custom record infrastructure * CLOUDFLARE REDIRECTS! * comments out * guarding redirects behind provider metadata to manage * catch commas in js to ensure proper encoding. * gen * small fix * revendor otto * docs 2017-05-20 02:15:57 +08:00			* `cloudflare_proxy_default` ("on", "off", or "full")
Added docs for Cloudflare DNS provider (#65) 2017-04-01 21:44:35 +08:00
			`Provider level metadata availible:`
Cloudflare Redirects (#119) * function sig * sig * some custom record infrastructure * CLOUDFLARE REDIRECTS! * comments out * guarding redirects behind provider metadata to manage * catch commas in js to ensure proper encoding. * gen * small fix * revendor otto * docs 2017-05-20 02:15:57 +08:00			* `ip_conversions`
			* `manage_redirects`: set to `true` to manage page-rule based redirects
Added docs for Cloudflare DNS provider (#65) 2017-04-01 21:44:35 +08:00
Update alias examples in cloudflare doc 2017-05-17 03:55:51 +08:00			`What does on/off/full mean?`
Add CF aliases 2017-05-11 13:02:57 +08:00
Update alias examples in cloudflare doc 2017-05-17 03:55:51 +08:00			`* "off" disables the Cloudflare proxy`
			`* "on" enables the Cloudflare proxy (turns on the "orange cloud")`
			`* "full" is the same as "on" but also enables Railgun. DNSControl will prevent you from accidentally enabling "full" on a CNAME that points to an A record that is set to "off", as this is generally not desired.`

			`Aliases:`
Add CF aliases 2017-05-11 13:02:57 +08:00
Update alias examples in cloudflare doc 2017-05-17 03:55:51 +08:00			`To make configuration files more readable and less prone to typos,`
			`the following aliases are pre-defined:`
Add CF aliases 2017-05-11 13:02:57 +08:00
			`{% highlight json %}`
Update alias examples in cloudflare doc 2017-05-17 03:55:51 +08:00			`// Meta settings for individual records.`
			`var CF_PROXY_OFF = {'cloudflare_proxy': 'off'}; // Proxy disabled.`
			`var CF_PROXY_ON = {'cloudflare_proxy': 'on'}; // Proxy enabled.`
			`var CF_PROXY_FULL = {'cloudflare_proxy': 'full'}; // Proxy+Railgun enabled.`
			`// Per-domain meta settings:`
			`// Proxy default off for entire domain (the default):`
			`var CF_PROXY_DEFAULT_OFF = {'cloudflare_proxy_default': 'off'};`
			`// Proxy default on for entire domain:`
			`var CF_PROXY_DEFAULT_ON = {'cloudflare_proxy_default': 'on'};`
Add CF aliases 2017-05-11 13:02:57 +08:00			`{% endhighlight %}`

Update alias examples in cloudflare doc 2017-05-17 03:55:51 +08:00			`The following example shows how to set meta variables with and without aliases:`
Add CF aliases 2017-05-11 13:02:57 +08:00
			`{% highlight json %}`
Update alias examples in cloudflare doc 2017-05-17 03:55:51 +08:00			`D('example.tld', REG_NAMECOM, DnsProvider(CFLARE),`
			`A('www1','1.2.3.11', CF_PROXY_ON), // turn proxy ON.`
			`A('www2','1.2.3.12', CF_PROXY_OFF), // default is OFF, this is a no-op.`
			`A('www3','1.2.3.13', {'cloudflare_proxy': 'on'}) // why would anyone do this?`
Add CF aliases 2017-05-11 13:02:57 +08:00			`);`
			`{% endhighlight %}`

Added docs for Cloudflare DNS provider (#65) 2017-04-01 21:44:35 +08:00			`## Usage`

			`Example javascript:`

			`{% highlight js %}`
Update alias examples in cloudflare doc 2017-05-17 03:55:51 +08:00			`var REG_NAMECOM = NewRegistrar('name.com','NAMEDOTCOM');`
			`var CFLARE = NewDnsProvider('cloudflare.com','CLOUDFLAREAPI');`

			`// Example domain where the CF proxy abides by the default (off).`
			`D('example.tld', REG_NAMECOM, DnsProvider(CFLARE),`
			`A('proxied','1.2.3.4', CF_PROXY_ON),`
			`A('notproxied','1.2.3.5'),`
			`A('another','1.2.3.6', CF_PROXY_ON),`
			`ALIAS('@','www.example.tld.', CF_PROXY_ON),`
			`CNAME('myalias','www.example.tld.', CF_PROXY_ON)`
			`);`
Added docs for Cloudflare DNS provider (#65) 2017-04-01 21:44:35 +08:00
Update alias examples in cloudflare doc 2017-05-17 03:55:51 +08:00			`// Example domain where the CF proxy default is set to "on":`
			`D('example2.tld', REG_NAMECOM, DnsProvider(CFLARE),`
			`CF_PROXY_DEFAULT_ON, // Enable CF proxy for all items unless otherwise noted.`
			`A('proxied','1.2.3.4'),`
			`A('notproxied','1.2.3.5', CF_PROXY_OFF),`
			`A('another','1.2.3.6'),`
			`ALIAS('@','www.example2.tld.'),`
			`CNAME('myalias','www.example2.tld.')`
Added docs for Cloudflare DNS provider (#65) 2017-04-01 21:44:35 +08:00			`);`
			`{%endhighlight%}`

			`## Activation`

			`DNSControl depends on a Cloudflare Global API Key that's available under "My Settings".`
Document that providers don't (or do) add domains to your account automatically. 2017-05-03 21:32:47 +08:00
			`## New domains`

			`If a domain does not exist in your CloudFlare account, DNSControl`
			`will not automatically add it. You'll need to do that via the`
Update alias examples in cloudflare doc 2017-05-17 03:55:51 +08:00			control panel manually or via the `dnscontrol create-domains` command.
Cloudflare Redirects (#119) * function sig * sig * some custom record infrastructure * CLOUDFLARE REDIRECTS! * comments out * guarding redirects behind provider metadata to manage * catch commas in js to ensure proper encoding. * gen * small fix * revendor otto * docs 2017-05-20 02:15:57 +08:00
			`## Redirects`

			The cloudflare provider can manage Page-Rule based redirects for your domains. Simply use the `CF_REDIRECT` and `CF_TEMP_REDIRECT` functions to make redirects:

			`{% highlight js %}`

			`// chiphacker.com is an alias for electronics.stackexchange.com`

Cloudflare documentation update (#167) * Fix syntax errors in documentation * Add example on how to enable manage_redirects 2017-08-03 01:51:13 +08:00			`var CFLARE = NewDnsProvider('cloudflare.com','CLOUDFLAREAPI', {"manage_redirects": true}); // enable manage_redirects`

Cloudflare Redirects (#119) * function sig * sig * some custom record infrastructure * CLOUDFLARE REDIRECTS! * comments out * guarding redirects behind provider metadata to manage * catch commas in js to ensure proper encoding. * gen * small fix * revendor otto * docs 2017-05-20 02:15:57 +08:00			`D("chiphacker.com", REG_NAMECOM, DnsProvider(CFLARE),`
			`// must have A records with orange cloud on. Otherwise page rule will never run.`
			`A("@","1.2.3.4", CF_PROXY_ON),`
			`A("www", "1.2.3.4", CF_PROXY_ON)`
			`A("meta", "1.2.3.4", CF_PROXY_ON),`

			`// 302 for meta subdomain`
Cloudflare documentation update (#167) * Fix syntax errors in documentation * Add example on how to enable manage_redirects 2017-08-03 01:51:13 +08:00			`CF_TEMP_REDIRECT("meta.chiphacker.com/*", "https://electronics.meta.stackexchange.com/$1"),`
Cloudflare Redirects (#119) * function sig * sig * some custom record infrastructure * CLOUDFLARE REDIRECTS! * comments out * guarding redirects behind provider metadata to manage * catch commas in js to ensure proper encoding. * gen * small fix * revendor otto * docs 2017-05-20 02:15:57 +08:00
			`// 301 all subdomains and preserve path`
Cloudflare documentation update (#167) * Fix syntax errors in documentation * Add example on how to enable manage_redirects 2017-08-03 01:51:13 +08:00			`CF_REDIRECT("chiphacker.com/", "https://electronics.stackexchange.com/$2"),`
Cloudflare Redirects (#119) * function sig * sig * some custom record infrastructure * CLOUDFLARE REDIRECTS! * comments out * guarding redirects behind provider metadata to manage * catch commas in js to ensure proper encoding. * gen * small fix * revendor otto * docs 2017-05-20 02:15:57 +08:00			`);`
			`{%endhighlight%}`

			`Notice a few details:`

docs/ Remove whitespace at EOL 2017-08-30 01:49:39 +08:00			`1. We need an A record with cloudflare proxy on, or the page rule will never run.`
Cloudflare Redirects (#119) * function sig * sig * some custom record infrastructure * CLOUDFLARE REDIRECTS! * comments out * guarding redirects behind provider metadata to manage * catch commas in js to ensure proper encoding. * gen * small fix * revendor otto * docs 2017-05-20 02:15:57 +08:00			`2. The IP address in those A records may be mostly irrelevant, as cloudflare should handle all requests (assuming some page rule matches).`
Merge branch 'master' into tlim_cfaliases 2017-05-26 08:38:48 +08:00			`3. Ordering matters for priority. CF_REDIRECT records will be added in the order they appear in your js. So put catch-alls at the bottom.`