dnscontrol icon indicating copy to clipboard operation
dnscontrol copied to clipboard
verified publisher icon StackExchange

Cloudflare get-zones does not return page rules

Open robcohen opened this issue 5 years ago • 6 comments

sudo docker run --env CF_API=<APIKEY> --rm -it -v $(pwd)/dnsconfig.js:/dns/dnsconfig.js -v $(pwd)/creds.json:/dns/creds.json stackexchange/dnscontrol dnscontrol get-zones -format=dsl cloudflare CLOUDFLAREAPI all

This command does not return any pagerules. I have to dnscontrol preview the output of the command above, then try to copy paste the rules together.

Even after I try to piece together the ordering, there are missing rules still? I only have an API key for the account so I need to check more closely.

I'll look into how to curl the rules and process them out, but why does get-zones not contain any rules from CF?

robcohen avatar Mar 13 '20 01:03 robcohen

I implemented the cloudflare implementation for get_zones. I decided not to grab page rules at the time.

I felt like the primary use case for get-zones would be a user of cloudflare dns wanting to move to dnscontrol. Since CF_REDIRECT is a bit of an odd concept, I figured that was the kind of thing that most users would add in manually after the fact. I remember implementing the CF_REDIRECT logic, but not really how it works. I know we are looking for page rules matching very specific formats, and dnscontrol does not act as a general purpose page rule management tool.

Looking at the code again, I suppose get-zones could be modified to add CF_REDIRECT and CF_TEMP_REDIRECT entries if it finds those kinds of redirect page rules in an existing zone. No reason not to.

captncraig avatar Mar 13 '20 02:03 captncraig

Thanks for the quick response. I wonder if it would be possible to get Cloudflare themselves to spend resources maintaining the provider? I'll have to look into whether they officially support any other software like dnscontrol (OctoDNS, Terraform).

robcohen avatar Mar 13 '20 11:03 robcohen

https://github.com/cloudflare/cloudflare-go/issues/426

robcohen avatar Mar 13 '20 12:03 robcohen

Reversing page rules into CF_* items sounds like quite a challenge. I'll gladly accept PRs that do it if the community wants to support such a thing. Sounds like an interesting code challenge you'd see in a CS programming contest!

As documented, the goal of "get-zones" is to create a decent first draft, not a perfect replica. It is usually used for a one-time conversion. So, doing fancy stuff like pagerule conversion has little ROI.

When deciding what to do by hand vs. automating, I tend to favor the Compensatory Principle as my guide (https://queue.acm.org/detail.cfm?id=2841313). Following that principle, leaving this as manual is reasonable because it is in the rare/skilled quadrant.

If you want to take a stab at a PR that would do some of the easy cases, others could build on it.

Tom

tlimoncelli avatar Mar 13 '20 12:03 tlimoncelli

That makes sense to me, but the problem is that the ordering gets all crazy if you try to rebuild the redirects from the dnscontrol preview DELETE pagerules. I've tried reconstructing it but the ordering gets crazy, and then for some reason the ordering requires an additional rule here or there to reduce the MODIFIED occurrences. I only have a RO API key, or else I would actually manually just copy the rules over via the CF GUI. Is there a better way to do this?

robcohen avatar Mar 13 '20 12:03 robcohen

Uh yeah, that's the kind of difficulties I was fearing might happen. :)

How about as a first step, just download the rules and put them in as comments? Once that works, the next step will be more clear.

Tom

tlimoncelli avatar Mar 13 '20 13:03 tlimoncelli