{"id":50354253,"url":"https://github.com/faserf/ha-cloudflare","last_synced_at":"2026-05-29T22:01:21.480Z","repository":{"id":354462270,"uuid":"1223612725","full_name":"FaserF/ha-cloudflare","owner":"FaserF","description":"Homeassistant Integration to interact with Cloudflare Cloud","archived":false,"fork":false,"pushed_at":"2026-05-12T05:59:24.000Z","size":177,"stargazers_count":0,"open_issues_count":2,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-12T07:37:28.606Z","etag":null,"topics":["cloudflare","custom-integration","hacs","homeassistant","integration"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/FaserF.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-28T13:42:43.000Z","updated_at":"2026-05-12T05:59:00.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/FaserF/ha-cloudflare","commit_stats":null,"previous_names":["faserf/ha-cloudflare"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/FaserF/ha-cloudflare","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FaserF%2Fha-cloudflare","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FaserF%2Fha-cloudflare/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FaserF%2Fha-cloudflare/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FaserF%2Fha-cloudflare/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/FaserF","download_url":"https://codeload.github.com/FaserF/ha-cloudflare/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FaserF%2Fha-cloudflare/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33672125,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-05-29T02:00:06.066Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloudflare","custom-integration","hacs","homeassistant","integration"],"created_at":"2026-05-29T22:01:20.373Z","updated_at":"2026-05-29T22:01:21.474Z","avatar_url":"https://github.com/FaserF.png","language":"Python","funding_links":["https://github.com/sponsors/FaserF)","https://paypal.me/FaserF"],"categories":[],"sub_categories":[],"readme":"# Cloudflare Advanced (for Home Assistant)\n\n[![GitHub Release](https://img.shields.io/github/release/FaserF/ha-cloudflare.svg?style=flat-square)](https://github.com/FaserF/ha-cloudflare/releases)\n[![License](https://img.shields.io/github/license/FaserF/ha-cloudflare.svg?style=flat-square)](LICENSE)\n[![hacs](https://img.shields.io/badge/HACS-custom-orange.svg?style=flat-square)](https://hacs.xyz)\n[![Add to Home Assistant](https://my.home-assistant.io/badges/config_flow_start.svg)](https://my.home-assistant.io/redirect/config_flow_start/?domain=cloudflare_advanced)\n[![CI Orchestrator](https://github.com/FaserF/ha-cloudflare/actions/workflows/ci-orchestrator.yml/badge.svg)](https://github.com/FaserF/ha-cloudflare/actions/workflows/ci-orchestrator.yml)\n\nA secure, production-ready Home Assistant integration for Cloudflare. Monitor zone analytics, manage Zero Trust tunnels, control page rules, secure apps, and modify DNS records directly from Home Assistant.\n\n## 🧭 Quick Links\n\n| | | | |\n| :--- | :--- | :--- | :--- |\n| [✨ Features](#-features) | [📦 Installation](#-installation) | [⚙️ Configuration](#️-configuration) | [🛡️ Security](#-security) |\n| [🧱 Services](#-services) | [📖 Automations](#-automation-examples) | [❓ FAQ](#-troubleshooting--faq) | [🧑‍💻 Development](#-development) |\n| [💖 Credits](#-credits--acknowledgements) | [📄 License](#-license) | | |\n\n### Why use this integration?\nWhile generic DNS updates only provide simple IP changes, this integration leverages Cloudflare APIs (REST \u0026 GraphQL) to offer deep administrative control. Manage multiple zones, workers, turnstile widgets, access policies, and Zero Trust tunnels in one cohesive dashboard without accessing complex terminals.\n\n## ✨ Features\n\n- **Zone Analytics**: \n  - **Requests**: Real-time traffic insights.\n  - **Bandwidth**: Data transfer metrics (in Megabytes).\n  - **Threats Blocked**: See how many malicious requests were prevented.\n  - **Unique Visitors**: Track visitor metrics.\n  - **Certificate Expiration**: Monitor edge certificate expiry dates.\n- **Zero Trust \u0026 Tunnels**: \n  - **Tunnel Status**: Monitor status (Connected/Healthy) for Cloudflare Tunnels.\n  - **Details**: Track active connection counts and connector daemon versions.\n  - **Gateway Policies**: Toggle Zero Trust DNS/HTTP policies on or off.\n  - **Load Balancer Pools**: View health diagnostics for origin server distributions.\n  - **Registrar Domains**: Track the expiration date of domains registered via Cloudflare.\n- **Access Applications, Edge Workers \u0026 Pages**: \n  - **Access Apps**: Monitor active statuses for protected assets.\n  - **Workers Deployment**: Get uptime diagnostics for deployed Cloudflare Workers.\n  - **Pages Deployment**: Track the live deployment state of Cloudflare Pages.\n  - **Turnstile Widgets**: Monitor mode configurations.\n  - **Cloudflare Images**: Monitor stored vs allowed capacities.\n- **Configurable Control**:\n  - **Zone Settings**: Toggles for Development Mode, Always Use HTTPS, Automatic HTTPS Rewrites, IPv6 Compatibility, Rocket Loader, WebSockets, Brotli, Hotlink Protection, and Early Hints.\n  - **Security Level**: Dropdown options to force immediate strictness (`off`, `essentially_off`, `low`, `medium`, `high`, `under_attack`).\n  - **Page Rules**: Disable or enable individual URL filters.\n  - **Email Routing**: Toggle custom email forwarding rules on or off.\n  - **WAF Rules**: Toggle specific WAF Custom rules to secure origins.\n  - **Cache Rules**: Toggle specific advanced caching behavior rules.\n  - **Domain Auto-Renew**: Toggle domain registration auto-renewals safely.\n  - **API Quota Monitoring**: Tracks remaining API requests and reset time to prevent rate limiting.\n  - **Security Logs**: Tracks external attack properties (`Country`, `IP Address`, `Rule Triggered`).\n- **Smart Tracking \u0026 Logic**:\n  - **Automated DDNS Updates**: Automatically detects your router's public IP changes using `Home Assistant` networking infrastructure, seamlessly propagating changes onto mapped Zone A-Records (Configurable via Options Flow).\n  - **Cache Management**: Instantly purge your Cloudflare Zone Cache using custom hardware buttons.\n\n## ❤️ Support This Project\n\n\u003e I maintain this integration in my **free time alongside my regular job** — bug hunting, new features, testing. Test environments cost money, and every donation helps me stay independent and dedicate more time to open-source work.\n\u003e\n\u003e **This project is and will always remain 100% free.** There are no \"Premium Upgrades\" or subscriptions.\n\u003e\n\u003e Donations are completely voluntary — but the more support I receive, the less I depend on other income sources. 💪\n\n\u003cdiv align=\"center\"\u003e\n\n[![GitHub Sponsors](https://img.shields.io/badge/Sponsor%20on-GitHub-%23EA4AAA?style=for-the-badge\u0026logo=github-sponsors\u0026logoColor=white)](https://github.com/sponsors/FaserF)\u0026nbsp;\u0026nbsp;\n[![PayPal](https://img.shields.io/badge/Donate%20via-PayPal-%2300457C?style=for-the-badge\u0026logo=paypal\u0026logoColor=white)](https://paypal.me/FaserF)\n\n\u003c/div\u003e\n\n## 📦 Installation\n\n### HACS (Recommended)\n\nThis integration is fully compatible with [HACS](https://hacs.xyz/).\n\n[![Open your Home Assistant instance and open a repository inside the Home Assistant Community Store.](https://my.home-assistant.io/badges/hacs_repository.svg)](https://my.home-assistant.io/redirect/hacs_repository/?owner=FaserF\u0026repository=ha-cloudflare\u0026category=Integration)\n\n1. Open HACS in Home Assistant.\n2. Click the three dots in the top right corner and select **Custom repositories**.\n3. Add `FaserF/ha-cloudflare` with category **Integration**.\n4. Search for \"Cloudflare Advanced\".\n5. Install and restart Home Assistant.\n\n### Manual Installation\n\n1. Download the latest release from the [Releases page](https://github.com/FaserF/ha-cloudflare/releases).\n2. Extract the `custom_components/cloudflare_advanced` folder into your Home Assistant's `custom_components` directory.\n3. Restart Home Assistant.\n\n## ⚙️ Configuration\n\nAdding your Cloudflare account is entirely done via the UI. **No YAML configuration is required.**\n\n1. Navigate to **Settings \u003e Devices \u0026 Services** in Home Assistant.\n2. Click **Add Integration** and search for **Cloudflare Advanced**.\n3. Choose Authentication:\n   - **API Token (Recommended)**: Generate a secure scoped token.\n   - **Legacy Credentials**: E-Mail address + Global API Key.\n4. Select which active domain zones you wish to initialize.\n\n## 🛡️ Security\n\nTo use the recommended API Token method, you must generate a token in your Cloudflare account.\n\nYou can jump directly to the [Cloudflare API Tokens Dashboard](https://dash.cloudflare.com/profile/api-tokens) or follow these steps manually:\n1. Log in to the [Cloudflare Dashboard](https://dash.cloudflare.com/).\n2. In the top right, click on your **Profile Icon** and select **My Profile**.\n3. Go to the **API Tokens** tab.\n4. Click **Create Token** and select **Create Custom Token**.\n\nFor a comprehensive step-by-step tutorial, refer to the official [Cloudflare Token Creation Guide](https://developers.cloudflare.com/fundamentals/api/get-started/create-token/).\n\nEnsure your generated API Token follows the **Principle of Least Privilege**. Grant access solely to the required scopes for your selected domains:\n\n### Required Scopes (Zone-level)\n- `Analytics` (Read) - For traffic \u0026 security metrics.\n- `Zone` (Read) - For zone discovery and metadata.\n- `Zone Settings` (Read/Edit) - For performance and network toggles.\n- `Page Rules` (Read/Edit) - For URL filter management.\n- `DNS` (Read/Edit) - For DDNS updates and record control.\n- `Firewall Services` (Read/Edit) - For custom WAF rule toggles.\n- `Cache Rules` (Read/Edit) - For advanced Cache rules.\n- `Email Routing` (Read/Edit) - For email forwarding rule control.\n- `Cache Purge` (Edit) - For manual cache clearing.\n\n### Optional Scopes (Account-level)\n- `Cloudflare Zero Trust` (Read/Edit) - For Tunnels and Gateway policies.\n- `Workers Scripts` (Read) - For Worker status tracking.\n- `Cloudflare Pages` (Read) - For project deployment status.\n- `Cloudflare Images` (Read) - For storage capacity monitoring.\n- `Load Balancing` (Read) - For health diagnostics of LB pools.\n- `Registrar` (Read/Edit) - For domain management and auto-renew toggles.\n\n\n## 🧱 Services\n\nThe integration provides powerful actions for deployment management.\n\n### `cloudflare_advanced.purge_cache`\nPurges files stored on edge cache layers.\n- **`zone_id`**: (Required) Unique identifier of the domain zone.\n- **`purge_everything`**: (Optional) Clears all cached elements if True (default: `true`).\n- **`files`**: (Optional) Specify exact asset URLs to selectively wipe.\n\n### `cloudflare_advanced.update_dns_record`\nUpdates IP targets.\n- **`zone_id`**: (Required) Target Cloudflare Zone.\n- **`record_id`**: (Required) Cloudflare record reference.\n- **`name`**: (Required) Record name string (e.g. `sub.example.com`).\n- **`type`**: (Required) Protocol format (`A`, `CNAME`, `AAAA`).\n- **`content`**: (Required) Upstream destination.\n\n### `cloudflare_advanced.create_dns_record`\nConstructs completely new entries.\n- **`zone_id`**: (Required) Domain reference.\n- **`name`**: (Required) Title endpoint string.\n- **`type`**: (Required) Schema type.\n- **`content`**: (Required) IP binding.\n\n## 📖 Automation Examples\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003e🔄 Auto-Disable Dev Mode After Hours\u003c/strong\u003e\u003c/summary\u003e\n\n```yaml\nalias: \"Cloudflare: Time Dev Mode\"\ntrigger:\n  - platform: state\n    entity_id: switch.example_com_development_mode\n    to: \"on\"\n    for:\n      hours: 4\naction:\n  - target:\n      entity_id: switch.example_com_development_mode\n    action: switch.turn_off\n```\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003e🛡️ Respond to Threat Spikes\u003c/strong\u003e\u003c/summary\u003e\n\n```yaml\nalias: \"Cloudflare: Under Attack State\"\ntrigger:\n  - platform: numeric_state\n    entity_id: sensor.example_com_threats_blocked\n    above: 25\naction:\n  - target:\n      entity_id: select.example_com_security_level\n    action: select.select_option\n    data:\n      option: \"under_attack\"\n```\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003e🚨 Push Alerts on VPN Tunnel Failures\u003c/strong\u003e\u003c/summary\u003e\n\n```yaml\nalias: \"Cloudflare: Tunnel Status Notification\"\ntrigger:\n  - platform: state\n    entity_id: binary_sensor.tunnel_main_gateway\n    to: \"off\"\naction:\n  - action: notify.notify\n    data:\n      title: \"Tunnel Error\"\n      message: \"Gateway link dropped.\"\n```\n\u003c/details\u003e\n\n## ❓ Troubleshooting \u0026 FAQ\n\n### \"Invalid Auth\" during setup\nCheck token permissions. Tokens restricted from accessing general lists fail verification. Verify Zone read privileges.\n\n### Why are some controls missing?\nSpecific operations rely upon the Tier setup in Cloudflare profiles. Free profiles lack some complex variables.\n\n## 🧑‍💻 Development\n\nUses:\n- `ruff` linting\n- `pytest` frameworks\n- `mypy` validation\n\n## 💖 Credits \u0026 Acknowledgements\n\nBuilt from the ground up to provide a complete replacement for basic dynamic IP workflows.\n\n## 📄 License\n\nMIT License - see the [LICENSE](LICENSE) file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffaserf%2Fha-cloudflare","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffaserf%2Fha-cloudflare","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffaserf%2Fha-cloudflare/lists"}