Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ProfFan/cloudflare-proxy-rs

Proxy for not sharing your Cloudflare private key everywhere on untrusted servers.
https://github.com/ProfFan/cloudflare-proxy-rs

Last synced: about 2 months ago
JSON representation

Proxy for not sharing your Cloudflare private key everywhere on untrusted servers.

Host: GitHub
URL: https://github.com/ProfFan/cloudflare-proxy-rs
Owner: ProfFan
Created: 2019-01-14T12:24:25.000Z (almost 6 years ago)
Default Branch: master
Last Pushed: 2023-03-04T04:11:11.000Z (almost 2 years ago)
Last Synced: 2024-08-03T01:39:15.689Z (5 months ago)
Language: Rust
Size: 719 KB
Stars: 8
Watchers: 3
Forks: 0
Open Issues: 6
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# `cloudflare-proxy`

Proxy for Cloudflare API written in Rust. This is mainly designed to solve the problem that Cloudflare only has one API key for all sites belonging to an account.

This program provides a Certbot DNS challenge provider [`certbot-dns-cfproxy`](https://github.com/ProfFan/certbot-dns-cfproxy) that you can install via Pypi for easy tiered management of SSL certs for your personal servers while not leaking your CF API key everywhere on different cloud server providers.

# Usage

First install PostgreSQL, create the user and database, change the `.env` file (follow the http://diesel.rs/ tutorial):

```
DATABASE_URL=postgres://user_pass@localhost/DB_NAME
```

Then create a user, a site and give the user privilege:

```
diesel setup

> cargo run --bin new_user
Input username:
cargo

Ok! Input the API Key for cargo

super_secret_key

Created user cargo with id 2

> cargo run --bin new_site
Input site name:
G00gle

Ok! Input the zone (domain name) for G00gle

google.com

Created site G00gle with id 2

> cargo run --bin new_priv
Input user:
cargo

Ok! Input the zone (domain name):

google.com
Input the regex pattern:
.*\.google\.com
Make him superuser for cargo: (y/N)
n
```

And run the web app with you cloudflare credentials:

```
ROCKET_CFUSER= ROCKET_CFKEY= cargo run
```

Now you can call the API with:

```
curl --verbose --header "Content-Type: application/json" \
--data '{"user":"username","key":"fdsfdafsas","zone":"google.com","rec":"vu1.google.com","rectype":"A", "value":"10.2.22.2"}' \
http://localhost:8000/update
```

# ACME (Let's Encrypt)

Use with [`certbot-dns-cfproxy`](https://github.com/ProfFan/certbot-dns-cfproxy)

# LICENSE

MIT or Apache