bea1903ac9
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Co-authored-by: Cursor <cursoragent@cursor.com>
105 lines
3.6 KiB
Bash
105 lines
3.6 KiB
Bash
#!/usr/bin/env bash
|
|
# Add Cloudflare A records for domains that verification reports as "Not found"
|
|
# (export only lists A records; these may be missing or CNAME). Creates DNS-only A to PUBLIC_IP.
|
|
# Usage: bash scripts/verify/add-missing-cloudflare-a-records.sh [--dry-run]
|
|
|
|
set -euo pipefail
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
|
|
cd "$PROJECT_ROOT"
|
|
|
|
[ -f .env ] && set +u && source .env 2>/dev/null; set -u
|
|
|
|
DRY_RUN=false
|
|
[[ "${1:-}" == "--dry-run" ]] && DRY_RUN=true
|
|
|
|
CLOUDFLARE_API_TOKEN="${CLOUDFLARE_API_TOKEN:-}"
|
|
CLOUDFLARE_EMAIL="${CLOUDFLARE_EMAIL:-}"
|
|
CLOUDFLARE_API_KEY="${CLOUDFLARE_API_KEY:-}"
|
|
PUBLIC_IP="${PUBLIC_IP:-76.53.10.36}"
|
|
ZONE_D_BIS="${CLOUDFLARE_ZONE_ID_D_BIS_ORG:-${CLOUDFLARE_ZONE_ID:-}}"
|
|
ZONE_DEFI_ORACLE="${CLOUDFLARE_ZONE_ID_DEFI_ORACLE_IO:-}"
|
|
|
|
if [ -n "$CLOUDFLARE_API_TOKEN" ]; then
|
|
AUTH_HEADER="Authorization: Bearer $CLOUDFLARE_API_TOKEN"
|
|
elif [ -n "$CLOUDFLARE_EMAIL" ] && [ -n "$CLOUDFLARE_API_KEY" ]; then
|
|
AUTH_HEADER="X-Auth-Email: $CLOUDFLARE_EMAIL"$'\n'"X-Auth-Key: $CLOUDFLARE_API_KEY"
|
|
else
|
|
echo "Set CLOUDFLARE_API_TOKEN or CLOUDFLARE_EMAIL + CLOUDFLARE_API_KEY in .env"
|
|
exit 1
|
|
fi
|
|
|
|
# name (FQDN), zone_id
|
|
RECORDS=(
|
|
"rpc-http-pub.d-bis.org|$ZONE_D_BIS"
|
|
"rpc-http-prv.d-bis.org|$ZONE_D_BIS"
|
|
"rpc-fireblocks.d-bis.org|$ZONE_D_BIS"
|
|
"ws.rpc-fireblocks.d-bis.org|$ZONE_D_BIS"
|
|
)
|
|
RECORDS_DEFI=(
|
|
"rpc.public-0138.defi-oracle.io|$ZONE_DEFI_ORACLE"
|
|
)
|
|
|
|
add_record() {
|
|
local name="$1"
|
|
local zone_id="$2"
|
|
[ -z "$zone_id" ] && return 1
|
|
local data
|
|
data=$(jq -n --arg type "A" --arg name "$name" --arg content "$PUBLIC_IP" '{type:$type,name:$name,content:$content,ttl:1,proxied:false}')
|
|
if [[ "$DRY_RUN" == true ]]; then
|
|
echo "[DRY-RUN] Would create A $name -> $PUBLIC_IP in zone $zone_id"
|
|
return 0
|
|
fi
|
|
if [ -n "$CLOUDFLARE_API_TOKEN" ]; then
|
|
curl -s -X POST "https://api.cloudflare.com/client/v4/zones/$zone_id/dns_records" \
|
|
-H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
|
|
-H "Content-Type: application/json" \
|
|
-d "$data"
|
|
else
|
|
curl -s -X POST "https://api.cloudflare.com/client/v4/zones/$zone_id/dns_records" \
|
|
-H "X-Auth-Email: $CLOUDFLARE_EMAIL" \
|
|
-H "X-Auth-Key: $CLOUDFLARE_API_KEY" \
|
|
-H "Content-Type: application/json" \
|
|
-d "$data"
|
|
fi
|
|
}
|
|
|
|
echo "Adding missing A records (PUBLIC_IP=$PUBLIC_IP, DNS only)..."
|
|
for entry in "${RECORDS[@]}"; do
|
|
IFS='|' read -r name zone_id <<< "$entry"
|
|
result=$(add_record "$name" "$zone_id")
|
|
if [[ "$DRY_RUN" != true ]]; then
|
|
success=$(echo "$result" | jq -r '.success // false')
|
|
if [[ "$success" == "true" ]]; then
|
|
echo "Created A $name -> $PUBLIC_IP"
|
|
else
|
|
err=$(echo "$result" | jq -r '.errors[0].message // .message // "unknown"')
|
|
if echo "$result" | jq -e '.errors[] | select(.code == 81057)' &>/dev/null; then
|
|
echo "A $name already exists (skip)"
|
|
else
|
|
echo "Failed $name: $err"
|
|
fi
|
|
fi
|
|
fi
|
|
done
|
|
for entry in "${RECORDS_DEFI[@]}"; do
|
|
IFS='|' read -r name zone_id <<< "$entry"
|
|
[ -z "$zone_id" ] && echo "Skip $name (no defi-oracle zone id)" && continue
|
|
result=$(add_record "$name" "$zone_id")
|
|
if [[ "$DRY_RUN" != true ]]; then
|
|
success=$(echo "$result" | jq -r '.success // false')
|
|
if [[ "$success" == "true" ]]; then
|
|
echo "Created A $name -> $PUBLIC_IP"
|
|
else
|
|
if echo "$result" | jq -e '.errors[] | select(.code == 81057)' &>/dev/null; then
|
|
echo "A $name already exists (skip)"
|
|
else
|
|
err=$(echo "$result" | jq -r '.errors[0].message // .message // "unknown"')
|
|
echo "Failed $name: $err"
|
|
fi
|
|
fi
|
|
fi
|
|
done
|
|
echo "Done."
|