Skip to content

Use api token instead of key. #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Use api token instead of key. #4

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
4361b66
Use api token instead of key.
kongkha Dec 2, 2024
1c71f16
Change key to token in readme, fix typo.
kongkha Dec 2, 2024
efbffd0
Change hostId to recordId
kongkha Jun 27, 2025
4bdd6a4
Readme reindent, add policy requirement
kongkha Jun 27, 2025
08e00e0
Change log message to avoid obfuscation
kongkha Jun 27, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 29 additions & 9 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,25 +1,45 @@
# mikrotik-cloudflare-ddns-scripts

This simple scripts are designed to implement `DDNS` feature using the service [Cloudflare](https://www.cloudflare.com/).
This simple scripts are designed to implement DDNS feature using the [Cloudflare API](https://developers.cloudflare.com/api).

### Requirements and dependences
## Requirements and dependences

Scripts work only on `RouterOS` version 6.44 and above.

Depends on [Mikrotik JSON Parser](https://github.com/Winand/mikrotik-json-parser) project installed as system script with name `JParseFunctions`.

### Configure
## Configure

Each script (IPv4 and IPv6) has a configuration area. Just insert your values.

First of all you need your `Cloudflare API` key. Just go to the `Cloudflare` [site](https://www.cloudflare.com/) `My Profile -> API Keys section -> Global API Key -> View`. Follow the instructions. Now you have your `API` key. Keep it safe.
First of all you need your Cloudflare API Token. Create the [Cloudflare API Token](https://dash.cloudflare.com/profile/api-tokens), with DNS edit permission for your zone. Then grab your token, and follow the instructions. Keep the API Token safe.

The service does not allow easy retrieval of required Zone and DNS record identifiers. This is only possible through a REST API methods [List Zones](https://developers.cloudflare.com/api/operations/zones-get) and [List DNS Records](https://developers.cloudflare.com/api/operations/dns-records-for-a-zone-list-dns-records). Using any REST client (I use [Advanced REST client](https://chrome.google.com/webstore/detail/advanced-rest-client/hgmloofddffdnphfgcellkdfbfbjeloo) for `Chrome Browser`), sending a request, you will receive the `JSON` answer with necessary Zone and DNS Record IDs.
You can go to your site's [cloudflare dashboard](https://dash.cloudflare.com) to retrieve zone id, on the URL it is `https://dash.cloudflare.com/$zone_id/$domain_name`, but DNS Record ID is only possible through REST API.

Insert all variables in scripts and install in your `Mikrotik` device.
REST API methods [List Zones](https://developers.cloudflare.com/api/operations/zones-get) and [List DNS Records](https://developers.cloudflare.com/api/operations/dns-records-for-a-zone-list-dns-records). Using any REST client (e.g. [HTTPie](https://httpie.io/app), or [curl](https://curl.se)), sending a request, you will receive the JSON answer with necessary Zone and DNS Record IDs.

### Running
Insert all variables in scripts and install in your RouterOS device.

You may add this script to system scheduler as periodically task.
### Get zone id with cURL
Replace `$api_token` with your [api token](https://dash.cloudflare.com/profile/api-tokens).
```shell
curl --request GET \
--url https://api.cloudflare.com/client/v4/zones \
--header "Authorization: Bearer $api_token" \
--header "Content-Type: application/json"
```

### Get record id with cURL
Get dns record id. Replace `$api_token` with your [api token](https://dash.cloudflare.com/profile/api-tokens). And `$zone_id` with zone id from [above](#Get-zone-id-with-cURL).
```shell
curl --request GET \
--url https://api.cloudflare.com/client/v4/zones/$zone_id/dns_records \
--header "Authorization: Bearer $api_token" \
--header "Content-Type: application/json"
```
> [!TIP]
> You can use jq to prettify json output.
## Running
This script requires `read` and `test` policy.

#### Thanks for using.
You may add this script to system scheduler as periodically task.
16 changes: 6 additions & 10 deletions cloudflare4ddns
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,12 +7,9 @@
:local wanif "wan1"

# Cloudflare section
:local email "e-mail"
:local key "token"
:local apiToken "token"
:local zoneId "zoneId"
:local hostId "hostId"

# Domain hostname
:local recordId "recordId"
:local hostName "host.yourdomain.com"

# ** END OF CONFIGURE SECTION **
Expand All @@ -24,16 +21,15 @@

:if ([:len $ip4new] = 0) do={
:log error "[Cloudflare DDNS] Could not get IPv4 for interface $wanif"
:error "[Cloudflare DDNS] Could not get IPv4 for interface $wanif"
}

:if ($ip4new != $ip4wan) do={

:log info "[Cloudflare DDNS] WAN IPv4 address for interface $wanif has been changed to $ip4new."
:log info "[Cloudflare DDNS] An A record for $recordId is being changed to $ip4new."

:local url "https://api.cloudflare.com/client/v4/zones/$zoneId/dns_records/$hostId"
:local header "X-Auth-Email: $email, X-Auth-Key: $key, content-type: application/json"
:local data "{\"type\":\"A\",\"name\":\"$hostName\",\"content\":\"$ip4new\",\"ttl\":120}"
:local url "https://api.cloudflare.com/client/v4/zones/$zoneId/dns_records/$recordId"
:local header "Authorization: Bearer $apiToken, Content-Type: application/json"
:local data "{\"type\":\"A\",\"name\":\"$hostName\",\"content\":\"$ip4new\"}"

# :log info "[Cloudflare DDNS] URL: $url"
# :log info "[Cloudflare DDNS] HEADER: $header"
Expand Down
16 changes: 6 additions & 10 deletions cloudflare6ddns
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,12 +7,9 @@
:local wanif "lan1"

# Cloudflare section
:local email "e-mail"
:local key "token"
:local apiToken "token"
:local zoneId "zoneId"
:local hostId "hostId"

# Domain hostname
:local recordId "recordId"
:local hostName "host.yourdomain.com"

# ** END OF CONFIGURE SECTION **
Expand All @@ -24,16 +21,15 @@

:if ([:len $ip6new] = 0) do={
:log error "[Cloudflare DDNS] Could not get IPv6 for interface $wanif"
:error "[Cloudflare DDNS] Could not get IPv6 for interface $wanif"
}

:if ($ip6new != $ip6wan) do={

:log info "[Cloudflare DDNS] IPv6 address for interface $wanif has been changed to $ip6new."
:log info "[Cloudflare DDNS] An AAAA record for $hostname is being changed to $ip6new."

:local url "https://api.cloudflare.com/client/v4/zones/$zoneId/dns_records/$hostId"
:local header "X-Auth-Email: $email, X-Auth-Key: $key, content-type: application/json"
:local data "{\"type\":\"AAAA\",\"name\":\"$hostName\",\"content\":\"$ip6new\",\"ttl\":120}"
:local url "https://api.cloudflare.com/client/v4/zones/$zoneId/dns_records/$recordId"
:local header "Authorization: Bearer $apiToken, Content-Type: application/json"
:local data "{\"type\":\"AAAA\",\"name\":\"$hostName\",\"content\":\"$ip6new\"}"

# :log info "[Cloudflare DDNS] URL: $url"
# :log info "[Cloudflare DDNS] HEADER: $header"
Expand Down