cloudflare_dns – Manage Cloudflare DNS records¶
Synopsis¶
- Manages dns records via the Cloudflare API, see the docs: https://api.cloudflare.com/
Requirements¶
The below requirements are needed on the host that executes this module.
- python >= 2.6
Parameters¶
| Parameter | Choices/Defaults | Comments | 
|---|---|---|
| account_api_token 
                    string
                                             / required                     | Account API token. You can obtain your API key from the bottom of the Cloudflare 'My Account' page, found here: https://dash.cloudflare.com/ | |
| account_email 
                    string
                                             / required                     | Account email. | |
| algorithm 
                    integer
                                                                 added in 2.7 | Algorithm number. Required for  type=DSandtype=SSHFPwhenstate=present. | |
| cert_usage 
                    integer
                                                                 added in 2.7 | 
 | Certificate usage number. Required for  type=TLSAwhenstate=present. | 
| hash_type 
                    integer
                                                                 added in 2.7 | 
 | Hash type number. Required for  type=DS,type=SSHFPandtype=TLSAwhenstate=present. | 
| key_tag 
                    integer
                                                                 added in 2.7 | DNSSEC key tag. Needed for  type=DSwhenstate=present. | |
| port 
                    integer
                                                                 | Service port. Required for  type=SRVandtype=TLSA. | |
| priority 
                    -
                                                                 | Default: 1 | Record priority. Required for  type=MXandtype=SRV | 
| proto 
                    string
                                                                 | Service protocol. Required for  type=SRVandtype=TLSA.Common values are TCP and UDP. Before Ansible 2.6 only TCP and UDP were available. | |
| proxied 
                    boolean
                                                                 | 
 | Proxy through Cloudflare network or just use DNS. | 
| record 
                    string
                                                                 | Default: "@" | Record to add. Required if  state=present.Default is  @(e.g. the zone name).aliases: name | 
| selector 
                    integer
                                                                 added in 2.7 | 
 | Selector number. Required for  type=TLSAwhenstate=present. | 
| service 
                    -
                                                                 | Record service. Required for  type=SRV | |
| solo 
                    boolean
                                                                 | 
 | Whether the record should be the only one for that record type and record name. Only use with  state=present.This will delete all other records with the same record name and type. | 
| state 
                    string
                                                                 | 
 | Whether the record(s) should exist or not. | 
| timeout 
                    integer
                                                                 | Default: 30 | Timeout for Cloudflare API calls. | 
| ttl 
                    integer
                                                                 | Default: 1 | The TTL to give the new record. Must be between 120 and 2,147,483,647 seconds, or 1 for automatic. | 
| type 
                    string
                                                                 | 
 | The type of DNS record to create. Required if  state=present.type=DS,type=SSHFPandtype=TLSAadded in Ansible 2.7. | 
| value 
                    string
                                                                 | The record value. Required for  state=present.aliases: content | |
| weight 
                    integer
                                                                 | Default: 1 | Service weight. Required for  type=SRV. | 
| zone 
                    string
                                             / required                     | The name of the Zone to work with (e.g. "example.com"). The Zone must already exist. aliases: domain | 
Examples¶
- name: Create a test.my.com A record to point to 127.0.0.1
  cloudflare_dns:
    zone: my.com
    record: test
    type: A
    value: 127.0.0.1
    account_email: test@example.com
    account_api_token: dummyapitoken
  register: record
- name: Create a my.com CNAME record to example.com
  cloudflare_dns:
    zone: my.com
    type: CNAME
    value: example.com
    account_email: test@example.com
    account_api_token: dummyapitoken
    state: present
- name: Change its TTL
  cloudflare_dns:
    zone: my.com
    type: CNAME
    value: example.com
    ttl: 600
    account_email: test@example.com
    account_api_token: dummyapitoken
    state: present
- name: Delete the record
  cloudflare_dns:
    zone: my.com
    type: CNAME
    value: example.com
    account_email: test@example.com
    account_api_token: dummyapitoken
    state: absent
- name: create a my.com CNAME record to example.com and proxy through Cloudflare's network
  cloudflare_dns:
    zone: my.com
    type: CNAME
    value: example.com
    proxied: yes
    account_email: test@example.com
    account_api_token: dummyapitoken
    state: present
# This deletes all other TXT records named "test.my.com"
- name: Create TXT record "test.my.com" with value "unique value"
  cloudflare_dns:
    domain: my.com
    record: test
    type: TXT
    value: unique value
    solo: true
    account_email: test@example.com
    account_api_token: dummyapitoken
    state: present
- name: Create an SRV record _foo._tcp.my.com
  cloudflare_dns:
    domain: my.com
    service: foo
    proto: tcp
    port: 3500
    priority: 10
    weight: 20
    type: SRV
    value: fooserver.my.com
- name: Create a SSHFP record login.example.com
  cloudflare_dns:
    zone: example.com
    record: login
    type: SSHFP
    algorithm: 4
    hash_type: 2
    value: 9dc1d6742696d2f51ca1f1a78b3d16a840f7d111eb9454239e70db31363f33e1
- name: Create a TLSA record _25._tcp.mail.example.com
  cloudflare_dns:
    zone: example.com
    record: mail
    port: 25
    proto: tcp
    type: TLSA
    cert_usage: 3
    selector: 1
    hash_type: 1
    value: 6b76d034492b493e15a7376fccd08e63befdad0edab8e442562f532338364bf3
- name: Create a DS record for subdomain.example.com
  cloudflare_dns:
    zone: example.com
    record: subdomain
    type: DS
    key_tag: 5464
    algorithm: 8
    hash_type: 2
    value: B4EB5AC4467D2DFB3BAF9FB9961DC1B6FED54A58CDFAA3E465081EC86F89BFAB
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Status¶
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors¶
- Michael Gruener (@mgruener)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
