En este artÃculo aprenderemos como utilizar la API de Cloudflare desde un script en python, de este modo seremos capaces de automatizar multitud de tareas administrativas.
Como ejemplo vamos a consultar los registros DNS de las zonas de varias cuentas, la librerÃa que utilizaremos es la oficial:
https://github.com/cloudflare/python-cloudflare
Creamos un token de acceso:
https://www.cloudflare.com/a/account/my-account
Le damos a la pestaña Tokens de API:
Crear token:
Podemos utilizar una plantilla genérica de acceso o podemos crear un acceso personalizado:
Creamos una personalizada de tal modo que solo pueda leer información de los DNS:
Nos muestra un resumen y le damos a Crear token:
Podemos comprobar el token de forma manual mediante curl:
-H "Authorization: Bearer YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY" \
-H "Content-Type:application/json"
{"result":{"id":"1f2e9ecf45463f956e02f6a4f61068f0","status":"active"},"success":true,"errors":[],"messages":[{"code":10000,"message":"This API Token is valid and active","type":null}]}
Ahora ya podemos proceder con nuestro script en Python, instalamos la librerÃa:
Escribimos el script:
#!/usr/local/bin/python3.8
import CloudFlare
import json
credential_tokens = {
'XXXX': 'YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY',
'XXXX': 'YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY',
'XXXX': 'YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY',
'XXXX': 'YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY'
}
for account, token in credential_tokens.items():
print('---------------------------------------------------------')
print('>> Account: % s -- Token: %s' % (account, token))
cf = CloudFlare.CloudFlare(token=token, raw=True)
page_number_domains = 0
while True:
page_number_domains += 1
try:
raw_results_domains = cf.zones.get(params={'per_page':5,'page':page_number_domains})
except CloudFlare.exceptions.CloudFlareAPIError as e:
exit('/zones.get %d %s - api call failed' % (e, e))
except Exception as e:
exit('/zones.get - %s - api call failed' % (e))
#print(json.dumps(raw_results_domains, indent=4, sort_keys=True))
zones = raw_results_domains['result']
for zone in zones:
zone_id = zone['id']
zone_name = zone['name']
print('-------- ZONE: %s --------' % zone_name)
page_number_dns = 0
while True:
page_number_dns += 1
try:
raw_results_dns = cf.zones.dns_records.get(zone_id, params={'per_page':5,'page':page_number_dns})
except CloudFlare.exceptions.CloudFlareAPIError as e:
exit('/zones/dns_records.get %d %s - api call failed' % (e, e))
#print(json.dumps(raw_results_dns, indent=4, sort_keys=True))
dns_records = raw_results_dns['result']
for dns_record in dns_records:
dns_id = dns_record['id']
dns_name = dns_record['name']
dns_type = dns_record['type']
dns_value = dns_record['content']
print('NAME: %s, TYPE: %s, VALUE: %s' % (dns_name, dns_type, dns_value))
total_pages_dns = raw_results_dns['result_info']['total_pages']
#print('page_number_dns: %s total_pages_dns: %s' % (page_number_dns, total_pages_dns))
if page_number_dns == total_pages_dns:
break
total_pages_domains = raw_results_domains['result_info']['total_pages']
#print('page_number_domains: %s total_pages_domains: %s' % (page_number_domains, total_pages_domains))
if page_number_domains == total_pages_domains:
break
Le asignamos los permisos necesarios y lo ejecutamos: