cloudflare_dns - manage Cloudflare DNS records¶

New in version 2.1.

Synopsis
- Requirements
Parameters
Examples
Return Values
Status
Maintenance
- Author

Synopsis ¶

Manages dns records via the Cloudflare API, see the docs: https://api.cloudflare.com/

Requirements ¶

The below requirements are needed on the host that executes this module.

python >= 2.6

Parameters ¶

Parameter	Choices/Defaults	Comments
account_api_token required		Account API token. You can obtain your API key from the bottom of the Cloudflare 'My Account' page, found here: https://dash.cloudflare.com/
account_email required		Account email.
algorithm int (added in 2.7)		Algorithm number. Required for `type=DS` and `type=SSHFP` when `state=present`.
cert_usage int (added in 2.7)	Choices: 0 1 2 3	Certificate usage number. Required for `type=TLSA` when `state=present`.
hash_type int (added in 2.7)	Choices: 1 2	Hash type number. Required for `type=DS`, `type=SSHFP` and `type=TLSA` when `state=present`.
key_tag int (added in 2.7)		DNSSEC key tag. Needed for `type=DS` when `state=present`.
port		Service port. Required for `type=SRV` and `type=TLSA`.
priority	Default: 1	Record priority. Required for `type=MX` and `type=SRV`
proto		Service protocol. Required for `type=SRV` and `type=TLSA`. Common values are tcp and udp. Before Ansible 2.6 only tcp and udp were available.
proxied bool (added in 2.3)	Choices: no ← yes	Proxy through cloudflare network or just use DNS
record	Default: @	Record to add. Required if `state=present`. Default is `@` (e.g. the zone name) aliases: name
selector int (added in 2.7)	Choices: 0 1	Selector number. Required for `type=TLSA` when `state=present`.
service		Record service. Required for `type=SRV`
solo		Whether the record should be the only one for that record type and record name. Only use with `state=present` This will delete all other records with the same record name and type.
state	Choices: present ← absent	Whether the record(s) should exist or not
timeout	Default: 30	Timeout for Cloudflare API calls
ttl	Default: 1 (automatic)	The TTL to give the new record. Must be between 120 and 2,147,483,647 seconds, or 1 for automatic.
type	Choices: A AAAA CNAME TXT SRV MX NS DS SPF SSHFP TLSA	The type of DNS record to create. Required if `state=present` `type=DS`, `type=SSHFP` and `type=TLSA` added in Ansible 2.7.
value		The record value. Required for `state=present` aliases: content
weight	Default: 1	Service weight. Required for `type=SRV`
zone required		The name of the Zone to work with (e.g. "example.com"). The Zone must already exist. aliases: domain

Examples ¶

# create a test.my.com A record to point to 127.0.0.1
- cloudflare_dns:
    zone: my.com
    record: test
    type: A
    value: 127.0.0.1
    account_email: [email protected]
    account_api_token: dummyapitoken
  register: record

# create a my.com CNAME record to example.com
- cloudflare_dns:
    zone: my.com
    type: CNAME
    value: example.com
    state: present
    account_email: [email protected]
    account_api_token: dummyapitoken

# change it's ttl
- cloudflare_dns:
    zone: my.com
    type: CNAME
    value: example.com
    ttl: 600
    state: present
    account_email: [email protected]
    account_api_token: dummyapitoken

# and delete the record
- cloudflare_dns:
    zone: my.com
    type: CNAME
    value: example.com
    state: absent
    account_email: [email protected]
    account_api_token: dummyapitoken

# create a my.com CNAME record to example.com and proxy through cloudflare's network
- cloudflare_dns:
    zone: my.com
    type: CNAME
    value: example.com
    state: present
    proxied: yes
    account_email: [email protected]
    account_api_token: dummyapitoken

# create TXT record "test.my.com" with value "unique value"
# delete all other TXT records named "test.my.com"
- cloudflare_dns:
    domain: my.com
    record: test
    type: TXT
    value: unique value
    state: present
    solo: true
    account_email: [email protected]
    account_api_token: dummyapitoken

# create a SRV record _foo._tcp.my.com
- cloudflare_dns:
    domain: my.com
    service: foo
    proto: tcp
    port: 3500
    priority: 10
    weight: 20
    type: SRV
    value: fooserver.my.com

# create a SSHFP record login.example.com
- cloudflare_dns:
    zone: example.com
    record: login
    type: SSHFP
    algorithm: 4
    hash_type: 2
    value: 9dc1d6742696d2f51ca1f1a78b3d16a840f7d111eb9454239e70db31363f33e1

# create a TLSA record _25._tcp.mail.example.com
- cloudflare_dns:
    zone: example.com
    record: mail
    port: 25
    proto: tcp
    type: TLSA
    cert_usage: 3
    selector: 1
    hash_type: 1
    value: 6b76d034492b493e15a7376fccd08e63befdad0edab8e442562f532338364bf3

# Create a DS record for subdomain.example.com
- cloudflare_dns:
    zone: example.com
    record: subdomain
    type: DS
    key_tag: 5464
    algorithm: 8
    hash_type: 2
    value: B4EB5AC4467D2DFB3BAF9FB9961DC1B6FED54A58CDFAA3E465081EC86F89BFAB

Return Values ¶

Common return values are documented here, the following are the fields unique to this module:

Key		Returned	Description
record complex		success, except on record deletion	dictionary containing the record data
	proxiable boolean	success	whether this record can be proxied through cloudflare
	locked boolean	success	No documentation available
	name string	success	the record name as FQDN (including _service and _proto for SRV) Sample: www.sample.com
	data dictionary	success, if type is SRV, DS, SSHFP or TLSA	additional record data Sample: {'priority': 10, 'target': 'jabberhost.sample.com', 'service': '_xmpp', 'proto': '_tcp', 'port': 8080, 'weight': 5, 'name': 'jabber'}
	proxied boolean	success	whether the record is proxied through cloudflare
	priority int	success, if type is MX	priority of the MX record Sample: 10
	created_on string	success	the record creation date Sample: 2016-03-25 19:09:42.516553
	meta dictionary	success	No documentation available Sample: {'auto_added': False}
	ttl int	success	the time-to-live for the record Sample: 300
	modified_on string	success	record modification date Sample: 2016-03-25 19:09:42.516553
	zone_name string	success	the name of the zone containing the record Sample: sample.com
	content string	success	the record content (details depend on record type) Sample: 192.0.2.91
	type string	success	the record type Sample: A
	id string	success	the record id Sample: f9efb0549e96abcb750de63b38c9576e
	zone_id string	success	the id of the zone containing the record Sample: abcede0bf9f0066f94029d2e6b73856a

Status ¶

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance ¶

This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Community, see here.

Author ¶

Michael Gruener (@mgruener)

Hint

If you notice any issues in this documentation you can edit this document to improve it.