kolobus · March 5, 2024 15:15
diff --git a/cf-ddns.rsc b/cf-ddns.rsc
 # Cloudflare Dynamic DNS update script
 # Required policy: read, write, test, policy
 # Add this script to scheduler
 # Install DigiCert root CA or disable check-certificate
 # Configuration ---------------------------------------------------------------------

 :local TOKEN "__TOKEN__"

 :local ZONEIDv6 "__ZONEID__"
 :local RECORDIDv6 "__RECORDID__"
 :local RECORDNAMEv6 "__RECORDNAME__"
 :global IP6NEW
 :global IP6CUR

 :local ZONEIDv4 "__ZONEID__"
 :local RECORDIDv4 "__RECORDID__"
 :local RECORDNAMEv4 "__RECORDNAME__"
 :global IP4NEW
 :global IP4CUR

 :local WANIF "ether1"

 #------------------------------------------------------------------------------------




 :if ([/interface get $WANIF value-name=running]) do={

    # IPv6 check

    :local requestip6 [tool fetch url="https://ipv6.icanhazip.com" mode=https check-certificate=no output=user as-value]
    :set IP6NEW [:pick ($requestip6->"data") 0 ([:len ($requestip6->"data")]-1)]

    :if ($IP6NEW != $IP6CUR) do={

        :log info "CF-DDNS: IPv6 changed to $IP6NEW"
        :local url "https://api.cloudflare.com/client/v4/zones/$ZONEIDv6/dns_records/$RECORDIDv6/"

        :local cfapi [/tool fetch http-method=put mode=https url=$url check-certificate=no output=user as-value \
            http-header-field="Authorization: Bearer $TOKEN" \
            http-data="{\"type\":\"AAAA\",\"name\":\"$RECORDNAMEv6\",\"content\":\"$IP6NEW\",\"ttl\":120,\"proxied\":false}"]

        :set IP6CUR $IP6NEW
        :log info "CF-DDNS: $RECORDNAMEv6 is now $IP6CUR"

    }  else={

        :log info "CF-DDNS: IP $IP6NEW not changed, quitting"

    }

   # IPv4 check

    :local requestip4 [tool fetch url="https://ipv4.icanhazip.com" mode=https check-certificate=no output=user as-value]
    :set IP4NEW [:pick ($requestip4->"data") 0 ([:len ($requestip4->"data")]-1)]

    :if ($IP4NEW != $IP4CUR) do={

        :log info "CF-DDNS: IPv4 changed to $IP4NEW"
        :local url "https://api.cloudflare.com/client/v4/zones/$ZONEIDv4/dns_records/$RECORDIDv4/"

        :local cfapi [/tool fetch http-method=put mode=https url=$url check-certificate=no output=user as-value \
            http-header-field="Authorization: Bearer $TOKEN" \
            http-data="{\"type\":\"A\",\"name\":\"$RECORDNAMEv4\",\"content\":\"$IP4NEW\",\"ttl\":120,\"proxied\":false}"]

        :set IP4CUR $IP4NEW
        :log info "CF-DDNS: $RECORDNAMEv4 is now $IP4CUR"

    }  else={

        :log info "CF-DDNS: IP $IP4NEW not changed, quitting"

    }

 } else={

    :log info "CF-DDNS: $WANIF is not currently running, quitting"

 }
	# Cloudflare Dynamic DNS update script
	# Required policy: read, write, test, policy
	# Add this script to scheduler
	# Install DigiCert root CA or disable check-certificate
	# Configuration ---------------------------------------------------------------------

	:local TOKEN "__TOKEN__"

	:local ZONEIDv6 "__ZONEID__"
	:local RECORDIDv6 "__RECORDID__"
	:local RECORDNAMEv6 "__RECORDNAME__"
	:global IP6NEW
	:global IP6CUR

	:local ZONEIDv4 "__ZONEID__"
	:local RECORDIDv4 "__RECORDID__"
	:local RECORDNAMEv4 "__RECORDNAME__"
	:global IP4NEW
	:global IP4CUR

	:local WANIF "ether1"

	#------------------------------------------------------------------------------------




	:if ([/interface get $WANIF value-name=running]) do={

	# IPv6 check

	:local requestip6 [tool fetch url="https://ipv6.icanhazip.com" mode=https check-certificate=no output=user as-value]
	:set IP6NEW [:pick ($requestip6->"data") 0 ([:len ($requestip6->"data")]-1)]

	:if ($IP6NEW != $IP6CUR) do={

	:log info "CF-DDNS: IPv6 changed to $IP6NEW"
	:local url "https://api.cloudflare.com/client/v4/zones/$ZONEIDv6/dns_records/$RECORDIDv6/"

	:local cfapi [/tool fetch http-method=put mode=https url=$url check-certificate=no output=user as-value \
	http-header-field="Authorization: Bearer $TOKEN" \
	http-data="{\"type\":\"AAAA\",\"name\":\"$RECORDNAMEv6\",\"content\":\"$IP6NEW\",\"ttl\":120,\"proxied\":false}"]

	:set IP6CUR $IP6NEW
	:log info "CF-DDNS: $RECORDNAMEv6 is now $IP6CUR"

	} else={

	:log info "CF-DDNS: IP $IP6NEW not changed, quitting"

	}

	# IPv4 check

	:local requestip4 [tool fetch url="https://ipv4.icanhazip.com" mode=https check-certificate=no output=user as-value]
	:set IP4NEW [:pick ($requestip4->"data") 0 ([:len ($requestip4->"data")]-1)]

	:if ($IP4NEW != $IP4CUR) do={

	:log info "CF-DDNS: IPv4 changed to $IP4NEW"
	:local url "https://api.cloudflare.com/client/v4/zones/$ZONEIDv4/dns_records/$RECORDIDv4/"

	:local cfapi [/tool fetch http-method=put mode=https url=$url check-certificate=no output=user as-value \
	http-header-field="Authorization: Bearer $TOKEN" \
	http-data="{\"type\":\"A\",\"name\":\"$RECORDNAMEv4\",\"content\":\"$IP4NEW\",\"ttl\":120,\"proxied\":false}"]

	:set IP4CUR $IP4NEW
	:log info "CF-DDNS: $RECORDNAMEv4 is now $IP4CUR"

	} else={

	:log info "CF-DDNS: IP $IP4NEW not changed, quitting"

	}

	} else={

	:log info "CF-DDNS: $WANIF is not currently running, quitting"

	}