Drivers connect and manage infrastructure. To wire up CI, registries and more go here.
Back
humanitec/dns-cloudflare
Provision a new subdomain for a domain managed in a Cloudflare Zone.
Available. Currently being open sourced. Learn more- Readme
- Input
Provision a new subdomain for a domain managed in a Cloudflare Zone.
Notes
Zone Identifier
Cloudflare organises resources into "Zones". You can find the Zone Identifier on the main dash page for the domain. It is at the bottom right under the heading Zone ID.
API Token
The driver uses a Cloudflare API Token to add, update and remove DNS records. The token must have Zone.DNS edit permissions on the zone the subdomain should be set up in.
The token should be added as an account of type cloudflare.
Example
In this example, we use the humanitec/dns-cloudflare driver to provision new subdomains under staging.cf-hosted-domain.com for an app called cloudflare-dns-example-app.
First, the Resource Account containing the Cloudflare API Token must be created:
curl https://api.humanitec.io/orgs/my-org/resources/accounts \
-X POST \
-H "Authorization: Bearer $HUMANITEC_TOKEN" \
-H "Content-Type: application/json" \
--data-binary '{
"id": "cloudflare-example-account",
"name": "Cloudflare Example Account",
"type": "cloudflare",
"credentials": {
"token": "kji2b0masdlkfjbaslf-b28n"
}
}'
Then following Dynamic Resource Definition should be added:
curl https://api.humanitec.io/orgs/my-org/resources/dynic \
-X POST \
-H "Authorization: Bearer $HUMANITEC_TOKEN" \
-H "Content-Type: application/json" \
--data-binary '{
"id": "dynamic-dns-cloudflare",
"name": "Dynamic DNS via Cloudflare",
"type": "dns",
"criteria": [
{
"app_id": "cloudflare-dns-example-app"
}
],
"account_id": "cloudflare-example-account",
"driver_type": "humanitec/dns-cloudflare",
"driver_params": {
"values": {
"zone_id": "1ef520391d97ed73c38bc35dd8b570d0",
"domain": "staging.cf-hosted-domain.com",
"ttl": 1,
"proxied": false
},
"secrets": {
"tls": {
"tls.crt": "-----BEGIN CERTIFICATE-----\n...\n-----END CERTIFICATE-----\n",
"tls.key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n"
}
}
}
}'
Secrets
| Name | Type | Description | Required |
|---|---|---|---|
| tls | object | The TLS certificate and private key for the DNS Name specfied in host. Should be provided in K8s format - that is an object with properties tls.crt and tls.key. |
x |
| Name | Type | Description |
|---|---|---|
| tls.tls.crt | string | |
| tls.tls.key | string |
Values
| Name | Type | Description | Required |
|---|---|---|---|
| domain | string | The parent DNS name that the subdomain will be created under. | x |
| proxied | boolean | Specifies whether the record should be proxied through Cloudflare. | |
| ttl | integer | The TTL of the created record. Defaults to 1 (which in turn defaults the record to the Cloudflare TTL) | |
| zone_id | string | The ID of the Zone the DNS record will be created in. | x |
