octodns / octodns-cloudflare

Cloudflare DNS provider for octoDNS
MIT License

CloudFlare Specific Proxied Type / Value #74

Closed mhosker closed 8 months ago

mhosker commented 8 months ago

Duplicate of issue #1130 on octodns/octodns - adding here as the solution seems potentially more relevant to specifically the Cloudflare provider.

Hi,

I am currently looking to implement OctoDNS using Cloudflare & NS1, however a number of my records are required to be proxied via CloudFlare even when the DNS query is served by NS1.

I can make this work using a CloudFlare partial CNAME zone, where proxied records that exist in NS1 can be created as CNAMEs pointing back to Cloudflare, e.g. `www.example.com.cdn.cloudflare.net.`

However, herein lies my problem... without using two zone files (one for NS1 & one for Cloudflare), is it possible to either specify a per-provider value or add an override for CloudFlare specifically? Something like...

```yaml
www:
  octodns:
    cloudflare:
      proxied: true
      type: A
      value: 8.8.8.8
  ttl: 300
  type: CNAME
  value: www.example.com.cdn.cloudflare.net.
```

Where 8.8.8.8 is the value of your secret origin server sitting behind Cloudflare.

I think this feature would be really beneficial (if it doesn't already exist and I have missed it!) as in a lot of cases the reason for proxying behind Cloudflare is to mask the origin IP, so I can see few use cases where you would have split DNS setup with Cloudflare returning a proxied record some of the time and the other provider returning the origin IP the rest of the time.

Additionally, if I were to use two non-Cloudflare DNS providers and use Cloudflare as a CDN only, I would run into the same issue whereby the DNS providers would need to return the `.cdn.cloudflare.net.` CNAME record, however Cloudflare would need the true origin A / AAAA / CNAME configured.

Hopefully this makes sense, at the moment it's making my deployment a bit tricky as I both don't want duplicate zone files to maintain and additional config OR my origin server IP exposed for non-Cloudflare queries (plus it wouldn't work as my origins are all locked down to Cloudflare IPs only)!

As an aside, I love the OctoDNS project and have it successfully working with another zone that is solely Cloudflare. I plan to write some blog posts / produce a video on my rather unorthodox method of running OctoDNS using an Azure DevOps pipeline!

Thanks in advance! :)
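An added example, not part of the original post and not octoDNS code: a lint for the two-zone-file workaround described above, which flags any name that is proxied in the Cloudflare zone but does not resolve to its `.cdn.cloudflare.net.` CNAME in the other provider's zone. The function names and the zone contents (plain dicts shaped like loaded octoDNS YAML, with documentation-range IPs) are assumptions made for the example.

```python
# Added example: lint the two-zone-file workaround for origin IP leaks.
# Zone contents are constructed sample data (dicts shaped like loaded octoDNS YAML).
CDN_SUFFIX = ".cdn.cloudflare.net."  # CNAME target suffix quoted in the issue

def as_list(x):
    return x if isinstance(x, list) else [x]

def values(rec):
    # octoDNS records carry either `value` or `values`
    return as_list(rec.get("values", rec.get("value", [])))

def is_proxied(rec):
    return bool(rec.get("octodns", {}).get("cloudflare", {}).get("proxied"))

def find_origin_leaks(zone, cloudflare_zone, public_zone):
    """Check every name proxied in cloudflare_zone against public_zone.

    Returns (name, problem) tuples; an empty list means no origin is exposed.
    """
    findings = []
    for name, recs in sorted(cloudflare_zone.items()):
        proxied = [r for r in as_list(recs) if is_proxied(r)]
        if not proxied:
            continue  # unproxied records are public in both zones anyway
        origins = {v for r in proxied for v in values(r)}
        expected = f"{name}.{zone}".rstrip(".") + CDN_SUFFIX
        public = as_list(public_zone.get(name, []))
        if not public:
            findings.append((name, "missing-in-public-zone"))
        for rec in public:
            if origins & set(values(rec)):
                findings.append((name, "origin-exposed"))
            elif rec.get("type") != "CNAME" or values(rec) != [expected]:
                findings.append((name, "not-cdn-cname"))
    return findings

ZONE = "example.com."
PROXY = {"cloudflare": {"proxied": True}}
CLOUDFLARE = {  # zone file synced to Cloudflare: real origins, proxied
    "www": {"octodns": PROXY, "type": "A", "value": "192.0.2.10", "ttl": 300},
    "api": {"octodns": PROXY, "type": "A", "value": "192.0.2.11", "ttl": 300},
    "mail": {"type": "A", "value": "192.0.2.25", "ttl": 300},
}
NS1 = {  # zone file synced to NS1: must only point back at Cloudflare
    "www": {"type": "CNAME", "value": "www.example.com.cdn.cloudflare.net.", "ttl": 300},
    "api": {"type": "A", "value": "192.0.2.11", "ttl": 300},  # copy/paste mistake
    "mail": {"type": "A", "value": "192.0.2.25", "ttl": 300},
}

if __name__ == "__main__":
    for name, problem in find_origin_leaks(ZONE, CLOUDFLARE, NS1):
        print(f"{name}.{ZONE}: {problem}")
```

Run as a pipeline step before the sync, a non-empty result is a reason to fail the build rather than publish the origin address.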

ross commented 8 months ago

Closing in favor of https://github.com/octodns/octodns/issues/1130 since I saw it first and commented there. The specific need is somewhat CF specific, but in general is probably more of a question about how to vary values across providers so I think it's fine to use the octoDNS core one.