Documentation
¶
Overview ¶
Package api implements protocols to update DNS records and WAF lists.
Index ¶
- func CompareWAFList(l1, l2 WAFList) int
- func DescribeProxyStatus(proxied bool) string
- type Auth
- type CloudflareAuth
- type DeletionMode
- type Handle
- type HandleOptions
- type HandleOwnershipPolicy
- type ID
- type Record
- type RecordParams
- type TTL
- type WAFList
- type WAFListCleanupCode
- type WAFListCreateItem
- type WAFListItem
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CompareWAFList ¶ added in v1.16.0
CompareWAFList compares two WAF lists first by account ID and then by list name.
func DescribeProxyStatus ¶ added in v1.16.0
DescribeProxyStatus returns a user-facing description of the Cloudflare proxy status.
Types ¶
type Auth ¶
type Auth interface {
// New uses the authentication information to create a Handle.
New(ppfmt pp.PP, options HandleOptions) (Handle, bool)
// CheckUsability performs an early credential usability check.
//
// The check is warning-only and should not block startup.
CheckUsability(ctx context.Context, ppfmt pp.PP)
}
An Auth contains authentication information.
type CloudflareAuth ¶
A CloudflareAuth implements the Auth interface, holding the authentication data to create a [cloudflareHandle].
func (CloudflareAuth) CheckUsability ¶ added in v1.16.0
func (t CloudflareAuth) CheckUsability(ctx context.Context, ppfmt pp.PP)
CheckUsability performs an early token check and emits warnings for suspicious results while allowing startup to continue.
func (CloudflareAuth) New ¶
func (t CloudflareAuth) New(ppfmt pp.PP, options HandleOptions) (Handle, bool)
New creates a [cloudflareHandle] from the authentication data and handle options.
type DeletionMode ¶ added in v1.14.1
type DeletionMode bool
DeletionMode tells the deletion updater whether a careful re-reading of lists must be enforced if an error happens.
const ( // RegularDeletionMode enables re-reading when an error occurs. RegularDeletionMode DeletionMode = false // FinalDeletionMode disables re-reading when an error occurs. FinalDeletionMode DeletionMode = true )
type Handle ¶
type Handle interface {
// ListRecords lists managed DNS records matching the given domain/IP-family scope.
// The managed-record selector is bound into the handle options because
// implementations may cache filtered records by domain/IP-family scope.
//
// The second return value indicates whether the list was cached.
ListRecords(ctx context.Context, ppfmt pp.PP, ipFamily ipnet.Family, domain domain.Domain,
fallbackParams RecordParams,
) ([]Record, bool, bool)
// UpdateRecord reconciles one managed DNS record to the desired state.
//
// Implementations must apply the desired DNS content and metadata in
// desiredParams for this record:
// - content/IP: ip
// - ttl/proxied/comment/tags: desiredParams
UpdateRecord(ctx context.Context, ppfmt pp.PP, ipFamily ipnet.Family, domain domain.Domain,
id ID, ip netip.Addr, desiredParams RecordParams,
) bool
// CreateRecord creates one managed DNS record with the given desired metadata.
// It returns the ID of the new record.
CreateRecord(ctx context.Context, ppfmt pp.PP, ipFamily ipnet.Family, domain domain.Domain,
ip netip.Addr, desiredParams RecordParams) (ID, bool)
// DeleteRecord deletes one managed DNS record by ID.
//
// mode controls cache invalidation behavior for failure handling.
DeleteRecord(ctx context.Context, ppfmt pp.PP, ipFamily ipnet.Family,
domain domain.Domain, id ID, mode DeletionMode,
) bool
// ListWAFListItems returns managed WAF list items with their IP ranges.
// It does not create the list if it does not exist.
//
// The managed-item selector is bound into the handle options because
// implementations may cache filtered items by WAF-list scope.
// fallbackItemComment is the fallback comment target for newly created
// managed list items; implementations may use it for advisory mismatch hints.
//
// The second return value indicates whether the list already exists.
// The third return value indicates whether the list content was cached.
ListWAFListItems(ctx context.Context, ppfmt pp.PP, list WAFList, fallbackDescription, fallbackItemComment string,
) ([]WAFListItem, bool, bool, bool)
// FinalCleanWAFList removes managed WAF content during shutdown.
// Implementations choose whole-list or managed-item cleanup from the handle's
// bound ownership policy and the in-scope family set for the run.
//
// The handle should not be reused for any further update operations after
// calling this method.
FinalCleanWAFList(ctx context.Context, ppfmt pp.PP, list WAFList,
fallbackDescription string, managedFamilies map[ipnet.Family]bool,
) WAFListCleanupCode
// DeleteWAFListItems deletes managed WAF list items by item IDs.
DeleteWAFListItems(ctx context.Context, ppfmt pp.PP, list WAFList, fallbackDescription string, ids []ID) bool
// CreateWAFListItems creates managed WAF list items with the given prefixes
// and per-item comments.
CreateWAFListItems(ctx context.Context, ppfmt pp.PP, list WAFList, fallbackDescription string,
items []WAFListCreateItem) bool
}
A Handle represents a generic API to update DNS records and WAF lists. Currently, the only implementation is Cloudflare.
type HandleOptions ¶ added in v1.16.0
type HandleOptions struct {
HandleOwnershipPolicy
CacheExpiration time.Duration
}
HandleOptions bundles handle-scoped settings that affect cache correctness and other per-handle behavior.
type HandleOwnershipPolicy ¶ added in v1.16.0
type HandleOwnershipPolicy struct {
ManagedRecordsCommentRegex *regexp.Regexp
ManagedWAFListItemsCommentRegex *regexp.Regexp
AllowWholeWAFListDeleteOnShutdown bool
}
HandleOwnershipPolicy bundles the handle-bound ownership selectors and shutdown authority that affect cache correctness and WAF cleanup behavior.
func (HandleOwnershipPolicy) MatchManagedRecordComment ¶ added in v1.16.0
func (p HandleOwnershipPolicy) MatchManagedRecordComment(comment string) bool
MatchManagedRecordComment reports whether a DNS record comment is in scope.
func (HandleOwnershipPolicy) MatchManagedWAFListItemComment ¶ added in v1.16.0
func (p HandleOwnershipPolicy) MatchManagedWAFListItemComment(comment string) bool
MatchManagedWAFListItemComment reports whether a WAF item comment is in scope.
func (HandleOwnershipPolicy) Sanitize ¶ added in v1.16.0
func (p HandleOwnershipPolicy) Sanitize(ppfmt pp.PP) HandleOwnershipPolicy
Sanitize normalizes contradictory ownership settings and logs advisories.
type ID ¶ added in v1.14.0
type ID string
ID is a new type representing identifiers to avoid programming mistakes.
type Record ¶ added in v1.14.0
type Record struct {
ID ID
IP netip.Addr
RecordParams //nolint:embeddedstructfieldcheck // parameters go last
}
Record represents a DNS record.
type RecordParams ¶ added in v1.16.0
RecordParams bundles parameters of a DNS record.
type TTL ¶
type TTL int
A TTL represents a time-to-live value of a DNS record.
const TTLAuto TTL = 1
TTLAuto represents Cloudflare's "automatic" TTL sentinel value.
type WAFListCleanupCode ¶ added in v1.16.0
type WAFListCleanupCode int
WAFListCleanupCode summarizes final shutdown cleanup for one WAF list.
const ( // WAFListCleanupNoop means the managed WAF content was already gone. WAFListCleanupNoop WAFListCleanupCode = iota // WAFListCleanupUpdated means the managed WAF content was removed synchronously. WAFListCleanupUpdated // WAFListCleanupUpdating means WAF cleanup was started asynchronously. WAFListCleanupUpdating // WAFListCleanupFailed means shutdown cleanup did not finish successfully. WAFListCleanupFailed )
type WAFListCreateItem ¶ added in v1.16.0
WAFListCreateItem represents one WAF list item to create.
Source Files
Directories