Module: github.com/axatol/external-dns-cloudflare-tunnel-webhook
Version: 0.0.0-20241024150312-80131f265489
Repository: https://github.com/axatol/external-dns-cloudflare-tunnel-webhook.git
Documentation: pkg.go.dev

# README

external-dns-cloudflare-tunnel-webhook

Read about how I implemented this here.

Warning: This provider is experimental.

This is a provider for use with external-dns via the webhook mechanism. It provides the ability to create public hostnames and backing DNS records for Cloudflare Tunnels.

Note: Due to limitations of the external-dns webhook mechanism and my lack of brainpower, this provider only supports backing a single tunnel. To support more tunnels, deploy more instances of this provider.

Deploying

You will need:

  • A Kubernetes cluster
  • Helm CLI installed
  • A Cloudflare account with credentials that carry the following scopes:
    • All accounts - Cloudflare Tunnel:Edit
    • All zones - DNS:Edit

Ensure you have a secret with your Cloudflare credentials.

kubectl create secret generic cloudflare-credentials --from-literal=CLOUDFLARE_API_TOKEN=blah

Create a values file. The following is a minimum config.

cat <<EOF > ./values.yaml
logLevel: info
logFormat: json
interval: 1h
provider:
  name: webhook
  webhook:
    image:
      repository: docker.io/axatol/external-dns-cloudflare-tunnel-webhook
      tag: latest
    env:
      - name: CLOUDFLARE_API_TOKEN
        valueFrom:
          secretKeyRef:
            name: cloudflare-credentials
            key: CLOUDFLARE_API_TOKEN
EOF

Install the external-dns chart.

helm repo add external-dns https://kubernetes-sigs.github.io/external-dns/
helm repo update
helm upgrade external-dns-cloudflare-tunnel external-dns/external-dns \
  --install \
  --atomic \
  --create-namespace \
  --namespace external-dns \
  --values ./values.yaml

Configuration

Kubernetes annotations

| Environment variable | Flag | Type | Default | Notes |
|---|---|---|---|---|
| LOG_LEVEL | -log-level | enum | "info" | 4 |
| LOG_FORMAT | -log-format | enum | "json" | 5 |
| CLOUDFLARE_API_KEY | -cloudflare-api-key | string | "" | 1 |
| CLOUDFLARE_API_EMAIL | -cloudflare-api-email | string | "" | 1 |
| CLOUDFLARE_API_TOKEN | -cloudflare-api-token | string | "" | 1 |
| CLOUDFLARE_ACCOUNT_ID | -cloudflare-account-id | string | | 2 |
| CLOUDFLARE_TUNNEL_ID | -cloudflare-tunnel-id | string | | 2 |
| PORT | -port | int64 | "8888" | |
| READ_TIMEOUT | -read-timeout | time.Duration | "5s" | |
| WRITE_TIMEOUT | -write-timeout | time.Duration | "10s" | |
| DRY_RUN | -dry-run | bool | "false" | |
| DOMAIN_FILTER | -domain-filter | []string | "" delimiter:"," | 3 |

Notes:

  1. Must specify:
    • both CLOUDFLARE_API_KEY and CLOUDFLARE_API_EMAIL
    • or CLOUDFLARE_API_TOKEN
  2. Required field
  3. Specify multiple by delimiting with ,
  4. One of trace, debug, info, warn, error, fatal
  5. One of text, json
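
A pre-flight check for the rules in notes 1, 2, 4 and 5, written as an added example and not taken from the provider's code. `Config` and `Load` are hypothetical names, and the check assumes that an unset variable and an empty one are treated the same.

```go
package main

import (
	"fmt"
	"os"
	"strings"
)

// Config is a hypothetical struct for this example, not the provider's own type.
type Config struct{ APIKey, APIEmail, APIToken, AccountID, TunnelID, LogLevel, LogFormat string }

// Load reads the documented variables through getenv and returns every
// violation at once, so a bad deployment is fixed in one pass.
func Load(getenv func(string) string) (Config, []string) {
	c := Config{APIKey: getenv("CLOUDFLARE_API_KEY"), APIEmail: getenv("CLOUDFLARE_API_EMAIL"),
		APIToken: getenv("CLOUDFLARE_API_TOKEN")}
	var problems []string
	// Note 1: a token, or the key and email together; half of the pair is not enough.
	// Credential values are never echoed into the problem list.
	if c.APIToken == "" && (c.APIKey == "" || c.APIEmail == "") {
		problems = append(problems, "need CLOUDFLARE_API_TOKEN, or both CLOUDFLARE_API_KEY and CLOUDFLARE_API_EMAIL")
	}
	// Note 2 (required, no default) and notes 4 and 5 (enum with a documented default).
	rules := []struct{ key, def string; val *string; allowed string }{
		{"CLOUDFLARE_ACCOUNT_ID", "", &c.AccountID, ""},
		{"CLOUDFLARE_TUNNEL_ID", "", &c.TunnelID, ""},
		{"LOG_LEVEL", "info", &c.LogLevel, "trace debug info warn error fatal"},
		{"LOG_FORMAT", "json", &c.LogFormat, "text json"},
	}
	for _, r := range rules {
		if *r.val = getenv(r.key); *r.val == "" {
			*r.val = r.def
		}
		ok := r.allowed == "" && *r.val != "" // free-form fields only need a value
		for _, a := range strings.Fields(r.allowed) {
			ok = ok || a == *r.val
		}
		if !ok {
			problems = append(problems, fmt.Sprintf("%s=%q is missing or not an allowed value", r.key, *r.val))
		}
	}
	return c, problems
}

func main() {
	if _, problems := Load(os.Getenv); len(problems) > 0 {
		fmt.Fprintln(os.Stderr, strings.Join(problems, "\n"))
		os.Exit(1)
	}
}
```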
