cloudflare_dns - manage Cloudflare DNS records

New in version 2.1.

Synopsis

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.6

Parameters

Parameter Choices/Defaults Comments
account_api_token
required
Account API token. You can obtain your API key from the bottom of the Cloudflare 'My Account' page, found here: https://dash.cloudflare.com/
account_email
required
Account email.
algorithm
int

(added in 2.7)
Algorithm number. Required for type=DS and type=SSHFP when state=present.
cert_usage
int

(added in 2.7)
    Choices:
  • 0
  • 1
  • 2
  • 3
Certificate usage number. Required for type=TLSA when state=present.
hash_type
int

(added in 2.7)
    Choices:
  • 1
  • 2
Hash type number. Required for type=DS, type=SSHFP and type=TLSA when state=present.
key_tag
int

(added in 2.7)
DNSSEC key tag. Needed for type=DS when state=present.
port
Service port. Required for type=SRV and type=TLSA.
priority
Default: 1
Record priority. Required for type=MX and type=SRV.
proto
Service protocol. Required for type=SRV and type=TLSA.
Common values are tcp and udp.
Before Ansible 2.6 only tcp and udp were available.
proxied
bool

(added in 2.3)
    Choices:
  • no ←
  • yes
Whether to proxy the record through the Cloudflare network or just use DNS.
record
Default: @
Record to add. Required if state=present. Default is @ (i.e. the zone name).

aliases: name
selector
int

(added in 2.7)
    Choices:
  • 0
  • 1
Selector number. Required for type=TLSA when state=present.
service
Record service. Required for type=SRV
solo
Whether the record should be the only one for that record type and record name. Only use with state=present.
This will delete all other records with the same record name and type.
state
    Choices:
  • present ←
  • absent
Whether the record(s) should exist or not
timeout
Default: 30
Timeout for Cloudflare API calls.
ttl
Default: 1 (automatic)
The TTL to give the new record. Must be between 120 and 2,147,483,647 seconds, or 1 for automatic.
type
    Choices:
  • A
  • AAAA
  • CNAME
  • TXT
  • SRV
  • MX
  • NS
  • DS
  • SPF
  • SSHFP
  • TLSA
The type of DNS record to create. Required if state=present
type=DS, type=SSHFP and type=TLSA added in Ansible 2.7.
value
The record value. Required for state=present

aliases: content
weight
Default: 1
Service weight. Required for type=SRV.
zone
required
The name of the Zone to work with (e.g. "example.com"). The Zone must already exist.

aliases: domain

Examples

# create a test.my.com A record to point to 127.0.0.1
- cloudflare_dns:
    zone: my.com
    record: test
    type: A
    value: 127.0.0.1
    account_email: test@example.com
    account_api_token: dummyapitoken
  register: record

# create a my.com CNAME record to example.com
- cloudflare_dns:
    zone: my.com
    type: CNAME
    value: example.com
    state: present
    account_email: test@example.com
    account_api_token: dummyapitoken

# change its ttl
- cloudflare_dns:
    zone: my.com
    type: CNAME
    value: example.com
    ttl: 600
    state: present
    account_email: test@example.com
    account_api_token: dummyapitoken

# and delete the record
- cloudflare_dns:
    zone: my.com
    type: CNAME
    value: example.com
    state: absent
    account_email: test@example.com
    account_api_token: dummyapitoken

# create a my.com CNAME record to example.com and proxy through Cloudflare's network
- cloudflare_dns:
    zone: my.com
    type: CNAME
    value: example.com
    state: present
    proxied: yes
    account_email: test@example.com
    account_api_token: dummyapitoken

# create TXT record "test.my.com" with value "unique value"
# delete all other TXT records named "test.my.com"
- cloudflare_dns:
    domain: my.com
    record: test
    type: TXT
    value: unique value
    state: present
    solo: true
    account_email: test@example.com
    account_api_token: dummyapitoken

# create a SRV record _foo._tcp.my.com
- cloudflare_dns:
    domain: my.com
    service: foo
    proto: tcp
    port: 3500
    priority: 10
    weight: 20
    type: SRV
    value: fooserver.my.com
    account_email: test@example.com
    account_api_token: dummyapitoken

# create a SSHFP record login.example.com
- cloudflare_dns:
    zone: example.com
    record: login
    type: SSHFP
    algorithm: 4
    hash_type: 2
    value: 9dc1d6742696d2f51ca1f1a78b3d16a840f7d111eb9454239e70db31363f33e1
    account_email: test@example.com
    account_api_token: dummyapitoken

# create a TLSA record _25._tcp.mail.example.com
- cloudflare_dns:
    zone: example.com
    record: mail
    port: 25
    proto: tcp
    type: TLSA
    cert_usage: 3
    selector: 1
    hash_type: 1
    value: 6b76d034492b493e15a7376fccd08e63befdad0edab8e442562f532338364bf3
    account_email: test@example.com
    account_api_token: dummyapitoken

# Create a DS record for subdomain.example.com
- cloudflare_dns:
    zone: example.com
    record: subdomain
    type: DS
    key_tag: 5464
    algorithm: 8
    hash_type: 2
    value: B4EB5AC4467D2DFB3BAF9FB9961DC1B6FED54A58CDFAA3E465081EC86F89BFAB
    account_email: test@example.com
    account_api_token: dummyapitoken

Return Values

Common return values are documented separately; the following are the fields unique to this module:

Key Returned Description
record
complex
success, except on record deletion
dictionary containing the record data

  proxiable
boolean
success
whether this record can be proxied through Cloudflare

  locked
boolean
success
No documentation available

  name
string
success
the record name as FQDN (including _service and _proto for SRV)

Sample:
www.sample.com
  data
dictionary
success, if type is SRV, DS, SSHFP or TLSA
additional record data

Sample:
{'priority': 10, 'target': 'jabberhost.sample.com', 'service': '_xmpp', 'proto': '_tcp', 'port': 8080, 'weight': 5, 'name': 'jabber'}
  proxied
boolean
success
whether the record is proxied through Cloudflare

  priority
int
success, if type is MX
priority of the MX record

Sample:
10
  created_on
string
success
the record creation date

Sample:
2016-03-25 19:09:42.516553
  meta
dictionary
success
No documentation available

Sample:
{'auto_added': False}
  ttl
int
success
the time-to-live for the record

Sample:
300
  modified_on
string
success
record modification date

Sample:
2016-03-25 19:09:42.516553
  zone_name
string
success
the name of the zone containing the record

Sample:
sample.com
  content
string
success
the record content (details depend on record type)

Sample:
192.0.2.91
  type
string
success
the record type

Sample:
A
  id
string
success
the record id

Sample:
f9efb0549e96abcb750de63b38c9576e
  zone_id
string
success
the id of the zone containing the record

Sample:
abcede0bf9f0066f94029d2e6b73856a


Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance

This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Community, see here.

Author

  • Michael Gruener (@mgruener)
