alexvanin/lego
1
0
Fork 0
forked from TrueCloudLab/lego
Code Pull requests Activity
lego/docs/content/dns/zz_gen_cloudflare.md
Jarred Trainor a5a29187fe cloudflare: add support for API tokens (#937)
2019-09-01 14:32:20 +02:00

2.5 KiB
Raw Blame History

title date draft slug
Cloudflare 2019-03-03T16:39:46+01:00 false cloudflare

Since: v0.3.0

Configuration for Cloudflare.

  • Code: cloudflare

Here is an example bash command using the Cloudflare provider:

CLOUDFLARE_EMAIL=foo@bar.com \
CLOUDFLARE_API_KEY=b9841238feb177a84330febba8a83208921177bffe733 \
lego --dns cloudflare --domains my.domain.com --email my@email.com run

# or

CLOUDFLARE_API_TOKEN=1234567890abcdefghijklmnopqrstuvwxyz \
lego --dns cloudflare --domains my.domain.com --email my@email.com run

Credentials

Environment Variable Name Description
CF_API_EMAIL Account email
CF_API_KEY API key
CF_API_TOKEN API token
CLOUDFLARE_API_KEY Alias to CF_API_KEY
CLOUDFLARE_API_TOKEN Alias to CF_API_TOKEN
CLOUDFLARE_EMAIL Alias to CF_API_EMAIL

The environment variable names can be suffixed by _FILE to reference a file instead of a value. More information here.

Additional Configuration

Environment Variable Name Description
CLOUDFLARE_HTTP_TIMEOUT API request timeout
CLOUDFLARE_POLLING_INTERVAL Time between DNS propagation check
CLOUDFLARE_PROPAGATION_TIMEOUT Maximum waiting time for DNS propagation
CLOUDFLARE_TTL The TTL of the TXT record used for the DNS challenge

The environment variable names can be suffixed by _FILE to reference a file instead of a value. More information here.

Description

You may use CF_API_EMAIL and CF_API_KEY to authenticate, or CF_API_TOKEN.

API keys

If using API keys (CF_API_EMAIL and CF_API_KEY), the Global API Key needs to be used, not the Origin CA Key.

API tokens

If using API tokens (CF_API_TOKEN), the following permissions are required:

  • Zone:Read
  • DNS:Edit

More information