cloudydeno / kubernetes-dns-sync

Manage hosted DNS providers using a Kubernetes control plane

Implement cloudflare provider #10

Closed danopia closed 2 years ago

danopia commented 2 years ago

I'm marking the tested record types starting with this provider: A, AAAA, TXT, CNAME, MX, NS

Fixes #4

danopia commented 2 years ago

This works nicely, except that I'm not really sure how to implement the provider-specific aspect of setting 'proxied'. Still thinking on that.

danopia commented 2 years ago
external-dns info

Annotation for setting 'proxied': external-dns.alpha.kubernetes.io/cloudflare-proxied

Default TTL: 1 (otherwise the minimum is 60)

Unproxyable records: Wildcards or LOC, MX, NS, SPF, TXT, SRV (also private IP space but external-dns doesn't have that check)

links: docs code

danopia commented 2 years ago

This will need to wait and be rewritten once the refactor #11 is merged

samip5 commented 2 years ago

I would like to point out that proxying wildcards IS supported on a paid plan.

danopia commented 2 years ago

> I would like to point out that proxying wildcards IS supported on a paid plan.

Good info! external-dns is hardcoded to be unable to do that: https://github.com/kubernetes-sigs/external-dns/blob/8b07536f4ac7a082e4d79e9453d67dd19f1fd876/provider/cloudflare/cloudflare.go#L417-L419

The reason it matters here is the create record API doesn't have a 'proxy if possible' flag. Either you require proxying for the record or not, so we need to know when it can be requested per-record.

I don't think I want to check the plan via API so I'll add an allow_proxied_wildcards = true option 🤷
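
The per-record decision discussed in this thread, as an added example that is not part of the thread or the project's code: it turns a "proxied" request into the explicit value a create call needs, using the unproxyable list quoted above and a wildcard opt-in. The type names, function names and the `allowProxiedWildcards` field are assumptions made for illustration.

```typescript
// Added example. Type and function names are hypothetical, not the project's API.
type DnsRecord = { type: string; name: string; content: string };
type ProxyOptions = { allowProxiedWildcards: boolean };
type ProxyDecision = { proxied: boolean; reason?: string };

// Record types the thread lists as unproxyable.
const UNPROXYABLE_TYPES = new Set(["LOC", "MX", "NS", "SPF", "TXT", "SRV"]);

// Private IP space: RFC 1918 for A records, unique local fc00::/7 for AAAA.
function isPrivateAddress(rec: DnsRecord): boolean {
  if (rec.type === "A") {
    const parts = rec.content.split(".").map(Number);
    const a = parts[0] ?? -1;
    const b = parts[1] ?? -1;
    return a === 10 || (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168);
  }
  if (rec.type === "AAAA") return /^f[cd][0-9a-f]{2}:/i.test(rec.content);
  return false;
}

// Turns "proxy requested" into the explicit true/false the create call needs.
// A declined request carries a reason so the caller can log it instead of
// silently publishing the origin address.
function resolveProxied(rec: DnsRecord, requested: boolean, opts: ProxyOptions): ProxyDecision {
  if (!requested) return { proxied: false };
  const type = rec.type.toUpperCase();
  if (UNPROXYABLE_TYPES.has(type)) {
    return { proxied: false, reason: `${type} records cannot be proxied` };
  }
  if (rec.name.startsWith("*.") && !opts.allowProxiedWildcards) {
    return { proxied: false, reason: "wildcard proxying not enabled (allow_proxied_wildcards)" };
  }
  if (isPrivateAddress({ ...rec, type })) {
    return { proxied: false, reason: "record points at private IP space" };
  }
  return { proxied: true };
}
```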