mirror of
https://github.com/StackExchange/dnscontrol.git
synced 2024-09-20 06:46:19 +08:00
CLOUDFLAREAPI: Enable DNSKEY, HTTPS, SVCB record types (#3000)
This commit is contained in:
parent
94ce7e2a5d
commit
68b0b300d6
|
@ -21,7 +21,7 @@ If a feature is definitively not supported for whatever reason, we would also li
|
|||
| [`AZURE_PRIVATE_DNS`](provider/azure_private_dns.md) | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ❔ | ❔ | ❌ | ❌ | ✅ | ❔ | ✅ | ❌ | ❔ | ❌ | ❔ | ❔ | ❔ | ❔ | ✅ | ✅ | ✅ |
|
||||
| [`BIND`](provider/bind.md) | ✅ | ✅ | ❌ | ❌ | ❔ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
|
||||
| [`BUNNY_DNS`](provider/bunny_dns.md) | ❌ | ✅ | ❌ | ❌ | ✅ | ✅ | ❌ | ❔ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | ❔ | ❌ | ❌ | ❌ | ❔ | ❔ | ❌ | ✅ | ✅ |
|
||||
| [`CLOUDFLAREAPI`](provider/cloudflareapi.md) | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ❔ | ❔ | ❌ | ✅ | ✅ | ❔ | ✅ | ✅ | ❔ | ✅ | ❔ | ❔ | ❔ | ❔ | ❌ | ✅ | ✅ |
|
||||
| [`CLOUDFLAREAPI`](provider/cloudflareapi.md) | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ❔ | ✅ | ❌ | ✅ | ✅ | ❔ | ✅ | ✅ | ✅ | ✅ | ❔ | ❔ | ❔ | ✅ | ❌ | ✅ | ✅ |
|
||||
| [`CLOUDNS`](provider/cloudns.md) | ❌ | ✅ | ❌ | ❌ | ✅ | ✅ | ❔ | ❔ | ❌ | ❔ | ✅ | ❔ | ✅ | ✅ | ❔ | ✅ | ❔ | ❔ | ✅ | ❔ | ❔ | ✅ | ✅ |
|
||||
| [`CSCGLOBAL`](provider/cscglobal.md) | ✅ | ✅ | ✅ | ✅ | ❔ | ✅ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ✅ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❔ | ❌ | ✅ |
|
||||
| [`DESEC`](provider/desec.md) | ❌ | ✅ | ❌ | ❌ | ❔ | ✅ | ✅ | ✅ | ❔ | ✅ | ✅ | ❔ | ✅ | ✅ | ✅ | ✅ | ✅ | ❔ | ❔ | ✅ | ❔ | ✅ | ✅ |
|
||||
|
|
|
@ -47,12 +47,15 @@ var features = providers.DocumentationNotes{
|
|||
providers.CanConcur: providers.Can(),
|
||||
providers.CanUseAlias: providers.Can("CF automatically flattens CNAME records into A records dynamically"),
|
||||
providers.CanUseCAA: providers.Can(),
|
||||
providers.CanUseDNSKEY: providers.Can(),
|
||||
providers.CanUseDSForChildren: providers.Can(),
|
||||
providers.CanUseHTTPS: providers.Can(),
|
||||
providers.CanUseLOC: providers.Cannot(),
|
||||
providers.CanUseNAPTR: providers.Can(),
|
||||
providers.CanUsePTR: providers.Can(),
|
||||
providers.CanUseSRV: providers.Can(),
|
||||
providers.CanUseSSHFP: providers.Can(),
|
||||
providers.CanUseSVCB: providers.Can(),
|
||||
providers.CanUseTLSA: providers.Can(),
|
||||
providers.DocCreateDomains: providers.Can(),
|
||||
providers.DocDualHost: providers.Cannot("Cloudflare will not work well in situations where it is not the only DNS server"),
|
||||
|
@ -642,15 +645,17 @@ type cfRecData struct {
|
|||
Weight uint16 `json:"weight"` // SRV
|
||||
Port uint16 `json:"port"` // SRV
|
||||
Tag string `json:"tag"` // CAA
|
||||
Flags uint8 `json:"flags"` // CAA
|
||||
Flags uint16 `json:"flags"` // CAA/DNSKEY
|
||||
Value string `json:"value"` // CAA
|
||||
Usage uint8 `json:"usage"` // TLSA
|
||||
Selector uint8 `json:"selector"` // TLSA
|
||||
MatchingType uint8 `json:"matching_type"` // TLSA
|
||||
Certificate string `json:"certificate"` // TLSA
|
||||
Algorithm uint8 `json:"algorithm"` // SSHFP/DS
|
||||
Algorithm uint8 `json:"algorithm"` // SSHFP/DNSKEY/DS
|
||||
HashType uint8 `json:"type"` // SSHFP
|
||||
Fingerprint string `json:"fingerprint"` // SSHFP
|
||||
Protocol uint8 `json:"protocol"` // DNSKEY
|
||||
PublicKey string `json:"public_key"` // DNSKEY
|
||||
KeyTag uint16 `json:"key_tag"` // DS
|
||||
DigestType uint8 `json:"digest_type"` // DS
|
||||
Digest string `json:"digest"` // DS
|
||||
|
|
|
@ -71,6 +71,15 @@ func (c *cloudflareProvider) createZone(domainName string) (string, error) {
|
|||
return zone.ID, err
|
||||
}
|
||||
|
||||
func cfDnskeyData(rec *models.RecordConfig) *cfRecData {
|
||||
return &cfRecData{
|
||||
Algorithm: rec.DnskeyAlgorithm,
|
||||
Flags: rec.DnskeyFlags,
|
||||
Protocol: rec.DnskeyProtocol,
|
||||
PublicKey: rec.DnskeyPublicKey,
|
||||
}
|
||||
}
|
||||
|
||||
func cfDSData(rec *models.RecordConfig) *cfRecData {
|
||||
return &cfRecData{
|
||||
KeyTag: rec.DsKeyTag,
|
||||
|
@ -97,7 +106,7 @@ func cfSrvData(rec *models.RecordConfig) *cfRecData {
|
|||
func cfCaaData(rec *models.RecordConfig) *cfRecData {
|
||||
return &cfRecData{
|
||||
Tag: rec.CaaTag,
|
||||
Flags: rec.CaaFlag,
|
||||
Flags: uint16(rec.CaaFlag),
|
||||
Value: rec.GetTargetField(),
|
||||
}
|
||||
}
|
||||
|
@ -119,6 +128,14 @@ func cfSshfpData(rec *models.RecordConfig) *cfRecData {
|
|||
}
|
||||
}
|
||||
|
||||
func cfSvcbData(rec *models.RecordConfig) *cfRecData {
|
||||
return &cfRecData{
|
||||
Priority: rec.SvcPriority,
|
||||
Target: cfTarget(rec.GetTargetField()),
|
||||
Value: rec.SvcParams,
|
||||
}
|
||||
}
|
||||
|
||||
func cfNaptrData(rec *models.RecordConfig) *cfNaptrRecData {
|
||||
return &cfNaptrRecData{
|
||||
Flags: rec.NaptrFlags,
|
||||
|
@ -175,11 +192,15 @@ func (c *cloudflareProvider) createRecDiff2(rec *models.RecordConfig, domainID s
|
|||
} else if rec.Type == "SSHFP" {
|
||||
cf.Data = cfSshfpData(rec)
|
||||
cf.Name = rec.GetLabelFQDN()
|
||||
} else if rec.Type == "DNSKEY" {
|
||||
cf.Data = cfDnskeyData(rec)
|
||||
} else if rec.Type == "DS" {
|
||||
cf.Data = cfDSData(rec)
|
||||
} else if rec.Type == "NAPTR" {
|
||||
cf.Data = cfNaptrData(rec)
|
||||
cf.Name = rec.GetLabelFQDN()
|
||||
} else if rec.Type == "HTTPS" || rec.Type == "SVCB" {
|
||||
cf.Data = cfSvcbData(rec)
|
||||
}
|
||||
resp, err := c.cfClient.CreateDNSRecord(context.Background(), cloudflare.ZoneIdentifier(domainID), cf)
|
||||
if err != nil {
|
||||
|
@ -227,12 +248,17 @@ func (c *cloudflareProvider) modifyRecord(domainID, recID string, proxied bool,
|
|||
} else if rec.Type == "SSHFP" {
|
||||
r.Data = cfSshfpData(rec)
|
||||
r.Name = rec.GetLabelFQDN()
|
||||
} else if rec.Type == "DNSKEY" {
|
||||
r.Data = cfDnskeyData(rec)
|
||||
r.Content = ""
|
||||
} else if rec.Type == "DS" {
|
||||
r.Data = cfDSData(rec)
|
||||
r.Content = ""
|
||||
} else if rec.Type == "NAPTR" {
|
||||
r.Data = cfNaptrData(rec)
|
||||
r.Name = rec.GetLabelFQDN()
|
||||
} else if rec.Type == "HTTPS" || rec.Type == "SVCB" {
|
||||
r.Data = cfSvcbData(rec)
|
||||
}
|
||||
_, err := c.cfClient.UpdateDNSRecord(context.Background(), cloudflare.ZoneIdentifier(domainID), r)
|
||||
return err
|
||||
|
|
Loading…
Reference in a new issue