Cloudflare Manager
v1.1.0Manage Cloudflare DNS records, Tunnels (cloudflared), and Zero Trust policies. Use for pointing domains, exposing local services via tunnels, and updating in...
0· 1.4k· 4 versions· 7 current· 7 all-time· Updated 4h ago· MIT-0
byazzar budiyanto@1999azzar
Cloudflare Manager
Standardized system for managing Cloudflare infrastructure and local tunnel ingress.
Prerequisites
- Binary:
python3andcloudflaredmust be installed. - Credentials:
CLOUDFLARE_API_TOKEN(minimal Zone permissions) andCLOUDFLARE_ZONE_ID.
Setup
- Define credentials in the environment or a local
.envfile. - Initialize the local environment:
bash scripts/install.sh.
Core Workflows
1. DNS Management
Add, list, or delete DNS records via Cloudflare API.
- List:
python3 $WORKSPACE/skills/cloudflare-manager/scripts/cf_manager.py list-dns - Add:
python3 $WORKSPACE/skills/cloudflare-manager/scripts/cf_manager.py add-dns --type A --name <subdomain> --content <ip>
2. Tunnel Ingress (Local)
Update /etc/cloudflared/config.yml and restart the tunnel service.
- Update:
python3 $WORKSPACE/skills/cloudflare-manager/scripts/cf_manager.py update-ingress --hostname <host> --service <url> - Safety: Use
--dry-runto preview configuration changes before application.
Security & Permissions
- Sudo Usage: The
update-ingresscommand requiressudoto write to system directories and restart thecloudflaredservice. - Least Privilege: Configure restricted sudo access using the pattern in
references/sudoers.example. - Token Isolation: Ensure API tokens are scoped narrowly to specific zones and permissions.
Reference
- Sudoers Pattern: See references/sudoers.example.
- Tunnel Logic: See references/tunnel-guide.md.
Version tags
cloudflarecloudflareddevopsdnslatesttunnel
Runtime requirements
Binspython3, cloudflared
EnvCLOUDFLARE_API_TOKEN, CLOUDFLARE_ZONE_ID