selivan · May 4, 2025 21:16 · FazziCLAY · Nov 20, 2024
diff --git a/cf-update-all-zones-settings.sh b/cf-update-all-zones-settings.sh
 #!/bin/bash

 ACCOUNT_EMAIL="$1"
 GLOBAL_API_KEY="$2"
 OPTION="${3:-ech}"
 VALUE="${4:-off}"

 if [ -z "${ACCOUNT_EMAIL}" ] || [ -z "${GLOBAL_API_KEY}" ]; then
        echo "Usage: $0 CLOUDFLARE_ACCOUNT_EMAIL CLOUDFLARE_GLOBAL_API_KEY [OPTION] [VALUE]"
        echo
        echo "Set specified setting for all zones for given account"
        echo "By default disable TLS ECH, that can not be done from web UI for free accounts"
        echo "To disable TLS 1.3 use this option: tls_1_3 off"
        echo
        echo "Docs: https://developers.cloudflare.com/api/operations/zone-settings-get-all-zone-settings"
        echo "Get all available zone settings: GET https://api.cloudflare.com/client/v4/zones/ID_ZONE/settings"
        exit 1
 fi

 type curl && type jq || exit 1

 # https://developers.cloudflare.com/api/operations/zones-get
 zones=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones?per_page=50" \
     -H "X-Auth-Email: ${ACCOUNT_EMAIL}" \
     -H "X-Auth-Key: ${GLOBAL_API_KEY}")

 num_pages=$(echo "$zones" | jq --exit-status -r ".result_info.total_pages") || { echo "Something went wrong"; exit 1; }

 for page in $(seq 1 $num_pages); do
        curl -s -X GET "https://api.cloudflare.com/client/v4/zones?per_page=50&page=$page" \
        -H "X-Auth-Email: ${ACCOUNT_EMAIL}" \
        -H "X-Auth-Key: ${GLOBAL_API_KEY}" \
        | jq '.result' | jq '.[]' | jq -c '[.id,.name]' \
        | while read -r i; do
                ID_ZONE=$(echo "$i" | jq -r '.[0]')
                NAME_ZONE=$(echo "$i" | jq -r '.[1]')

                echo "Zone id: ${ID_ZONE}"
                echo "Name: ${NAME_ZONE}"
                echo "Changing ${OPTION} to ${VALUE} ..."

                curl -s -X PATCH "https://api.cloudflare.com/client/v4/zones/${ID_ZONE}/settings/${OPTION}" \
                -H "X-Auth-Email: ${ACCOUNT_EMAIL}" \
                -H "X-Auth-Key: ${GLOBAL_API_KEY}" \
                -H "Content-Type:application/json" --data "{\"id\":\"${OPTION}\",\"value\":\"${VALUE}\"}" | jq
        done
 done
	#!/bin/bash

	ACCOUNT_EMAIL="$1"
	GLOBAL_API_KEY="$2"
	OPTION="${3:-ech}"
	VALUE="${4:-off}"

	if [ -z "${ACCOUNT_EMAIL}" ] \|\| [ -z "${GLOBAL_API_KEY}" ]; then
	echo "Usage: $0 CLOUDFLARE_ACCOUNT_EMAIL CLOUDFLARE_GLOBAL_API_KEY [OPTION] [VALUE]"
	echo
	echo "Set specified setting for all zones for given account"
	echo "By default disable TLS ECH, that can not be done from web UI for free accounts"
	echo "To disable TLS 1.3 use this option: tls_1_3 off"
	echo
	echo "Docs: https://developers.cloudflare.com/api/operations/zone-settings-get-all-zone-settings"
	echo "Get all available zone settings: GET https://api.cloudflare.com/client/v4/zones/ID_ZONE/settings"
	exit 1
	fi

	type curl && type jq \|\| exit 1

	# https://developers.cloudflare.com/api/operations/zones-get
	zones=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones?per_page=50" \
	-H "X-Auth-Email: ${ACCOUNT_EMAIL}" \
	-H "X-Auth-Key: ${GLOBAL_API_KEY}")

	num_pages=$(echo "$zones" \| jq --exit-status -r ".result_info.total_pages") \|\| { echo "Something went wrong"; exit 1; }

	for page in $(seq 1 $num_pages); do
	curl -s -X GET "https://api.cloudflare.com/client/v4/zones?per_page=50&page=$page" \
	-H "X-Auth-Email: ${ACCOUNT_EMAIL}" \
	-H "X-Auth-Key: ${GLOBAL_API_KEY}" \
	\| jq '.result' \| jq '.[]' \| jq -c '[.id,.name]' \
	\| while read -r i; do
	ID_ZONE=$(echo "$i" \| jq -r '.[0]')
	NAME_ZONE=$(echo "$i" \| jq -r '.[1]')

	echo "Zone id: ${ID_ZONE}"
	echo "Name: ${NAME_ZONE}"
	echo "Changing ${OPTION} to ${VALUE} ..."

	curl -s -X PATCH "https://api.cloudflare.com/client/v4/zones/${ID_ZONE}/settings/${OPTION}" \
	-H "X-Auth-Email: ${ACCOUNT_EMAIL}" \
	-H "X-Auth-Key: ${GLOBAL_API_KEY}" \
	-H "Content-Type:application/json" --data "{\"id\":\"${OPTION}\",\"value\":\"${VALUE}\"}" \| jq
	done
	done