aggarwalakshun/ipv6-k3s
Archived
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'use cf-ddns instead of cronjob' (#26) from add-cf-ddns into main
Some checks failed
Validate Kubernetes Manifests / kubeconform (push) Has been cancelled
Details

Browse Source 
Reviewed-on: #26
This commit was merged in pull request #26.
This commit is contained in:
Akshun Aggarwal
2026-01-03 23:29:18 +00:00
parent 62359ba094 49d4494a03
commit 23a187b688
6 changed files with 49 additions and 122 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
clusters/ipv6/external-dns/cf-cron.yml
View File

@@ -1,41 +0,0 @@
apiVersion: batch/v1
kind: CronJob
metadata:
name: ipv6-dns-updater
namespace: external-dns
spec:
schedule: "*/60 * * * *"
successfulJobsHistoryLimit: 0
failedJobsHistoryLimit: 0
jobTemplate:
spec:
template:
spec:
restartPolicy: OnFailure
containers:
- name: updater
image: alpine:3.23
command:
- /bin/sh
- -c
- |
apk add --no-cache curl jq &&
sh /mnt/update-ipv6.sh
env:
- name: CF_API_KEY
valueFrom:
secretKeyRef:
name: cloudflare-global-key
key: CF_API_KEY
- name: CF_EMAIL
valueFrom:
secretKeyRef:
name: cloudflare-global-key
key: CF_EMAIL
volumeMounts:
- name: script
mountPath: /mnt
volumes:
- name: script
configMap:
name: ipv6-updater-script

59
clusters/ipv6/external-dns/cf-script.yml
View File

@@ -1,59 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: ipv6-updater-script
namespace: external-dns
data:
update-ipv6.sh: |
#!/bin/sh
ZONE_ID="fe797c7b55d4e23fcd7929173c72a021"
RECORD="*.akshun-lab.cc"
IPV6=$(curl -s https://api64.ipify.org)
if [ -z "$IPV6" ]; then
echo "No IPv6 detected"
exit 1
fi
# Get Record ID
RECORD_ID=$(curl -s \
-H "X-Auth-Email: $CF_EMAIL" \
-H "X-Auth-Key: $CF_API_KEY" \
"https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records?type=AAAA&name=$RECORD" \
| jq -r '.result[0].id')
if [ "$RECORD_ID" = "null" ]; then
echo "Record does not exist, creating..."
curl -s -X POST \
-H "X-Auth-Email: $CF_EMAIL" \
-H "X-Auth-Key: $CF_API_KEY" \
-H "Content-Type: application/json" \
"https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records" \
--data "{
\"type\": \"AAAA\",
\"name\": \"$RECORD\",
\"content\": \"$IPV6\",
\"ttl\": 120,
\"proxied\": false
}"
else
echo "Updating existing record..."
curl -s -X PUT \
-H "X-Auth-Email: $CF_EMAIL" \
-H "X-Auth-Key: $CF_API_KEY" \
-H "Content-Type: application/json" \
"https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/$RECORD_ID" \
--data "{
\"type\": \"AAAA\",
\"name\": \"$RECORD\",
\"content\": \"$IPV6\",
\"ttl\": 120,
\"proxied\": false
}"
fi

14
clusters/ipv6/external-dns/cloudflare-secret-sealed.yml
View File

@@ -1,14 +0,0 @@
---
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
name: cloudflare-api-token
namespace: external-dns
spec:
encryptedData:
CF_API_TOKEN: AgBGXS4yStjaLKfFq7svTArF6Y9wr/RvwQcV3P/aj/QzH8R3z9UimgGlrY61zTapCszTRRR4NJ55XpYQAU+9ugkfhDXfpmyi63oh7WWGENonHZFii9iAuC1xKMVP0B43I9Jm+YSFFCxpVE3iTiXFVbyhiSrbPfYX8KP3ED58D4T1s0OjCFWI6Uk63C5Qvc3zzjYRAvy/eHq4DEfNXifkFw7hJ03OouUmZMkvZXieNvPa3lvtnXHzE55eu3gs8C0xr/zGa3r2StfsVwLdLYaya+hHNtgp3cIiB+p8ncoBIEbyGzWQwT5jbl7zn7lqSfafe6KVYNxzKMGicVhCCOQfGyCUrrGkbBC3eXRPSgcPoHaJxLwjzPR1rVniKDsdVpRun2wskGXScRvzBEmt6gucLTUQTapc2R3R7MO8rxX0+dOR4uj7/hJdOJqNb6b7G74Jf9Y8nFfY1QEIys2i04d2HHKRIomQfAcnU2IsbWO2lEw4wzToPOGI4kQQqpLR7dIFOQnRrWJRj/5x3titG/th3vIyTRVHigGSwH9DUEh3TgVBSQbWuJMbh9HRZ/3z06kfgiGAnydzltLUOGw3w3JRE09+vS7kGKDr78jcokVoPcm8riRc1eJQImZsodMA1SF8PH1u+y0kUEbJpRuRG0e3m1yC014laokpa3Lrl8BAJkqOyAjufAOmSFPvXNROxw3WB1tED8RjZSADSocZPVoKfPNxInGxFntojEoYQw+P32d4sBdj9tJqHuCy
template:
metadata:
name: cloudflare-api-token
namespace: external-dns
type: Opaque

8
clusters/ipv6/external-dns/namespace.yml
View File

@@ -1,8 +0,0 @@
---
kind: Namespace
apiVersion: v1
metadata:
name: external-dns
labels:
name: external-dns

14
clusters/ipv6/tools/cloudflare-ddns/cf-ddns-secret-sealed.yml Normal file
View File

@@ -0,0 +1,14 @@
---
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
name: cf-ddns-secret
namespace: tools
spec:
encryptedData:
api-token: AgB0eovgOD1djWw86G6ETlDEtrs0Yf31v/9voMyLkBM76rlPQ1RaLSZ8ozyH1nriLgAtiF1/g5/dtshGE+YZ0o4RjMCLPEhJXGFftEYXCTqTfH6PoODf4FV3sSSB1qx0VIUYjk61xxM0SD1R0cjNUlfTQxpmVcI2Zw8bjuuYZXy3kNt/4znsWtYUdRWgLFb5cAsdsesL+deWTnvLv67M3DyQ3l1qoqndVHFh3Sshxd8eI46kEiPVYwK+s1lGxi/y+Qbmw9g8Ki5LNvryVe6SHDTEziNHtnKsbPeDQ4bHRCs2/KQqhZIR39+1KV8dJ6DcXgz3GUermcQdm2o5nnfb2e0hsrQflW/IKxValsO9Ds+I1LARIQqdEYMHvsoExd+YVyL86hO3OWqSu53WbWToqbzx2O2NZ0iVFhOIqGHzTOZS0CQY8n9w3lpB86VF7nGZHW8AjJ8Z8FpU11Yx5So0UJG25n0f7gszm6v9HVvb5MUBZyXosoJGgB6AGG4lFgDWze+JIvnsgWrfjUwzsGVXeXOoi16+qZwdXcU7NfRPy0c4UV6C+UQH1oAgHN6Qy/PoaOcs0qnHuP0Cnzr8TgeYzsStpntA+3sPLpRjYCzAiowc5HzKbHDArMDrKgdy6cQSYL58P57ZsYV/AmQC9S0n+vYAZbJlOeI7laxCoPYAxcWS8WCYPoBDVmELPeeI7ch4BaoTYpWpOrGVeaJkRtMTVuQ7Fgc5yFzVOH6KOTTLDXuM/3xYHhG1ZRXj
template:
metadata:
name: cf-ddns-secret
namespace: tools
type: Opaque

35
clusters/ipv6/tools/cloudflare-ddns/cf-ddns.yml Normal file
View File

@@ -0,0 +1,35 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: cf-ddns
namespace: tools
spec:
selector:
matchLabels:
app: cf-ddns
template:
metadata:
labels:
app: cf-ddns
spec:
hostNetwork: true
containers:
- name: cf-ddns
image: favonia/cloudflare-ddns:1.15.1
securityContext:
capabilities:
drop:
- ALL
env:
- name: DOMAINS
value: "*.akshun-lab.cc"
- name: PROXIED
value: "false"
- name: IP4_PROVIDER
value: "none"
- name: CLOUDFLARE_API_TOKEN
valueFrom:
secretKeyRef:
name: cf-ddns-secret
key: api-token