Cloudflare Skill
Connect to Cloudflare API for DNS management, tunnels, and zone administration.
Setup
1. Get Your API Token
- 1. Go to dash.cloudflare.com/profile/api-tokens
- Create a token with required permissions:
-
Zone:Read - List domains
-
DNS:Edit - Manage DNS records
-
Account:Cloudflare Tunnel:Edit - Manage tunnels
- 3. Copy the token
2. Configure
�CODEBLOCK0
3. Test Connection
./scripts/setup.sh
Commands
Zones (Domains)
CODEBLOCK2
DNS Records
CODEBLOCK3
Tunnels
CODEBLOCK4�
Token Permissions
| Feature | Required Permission |
|---|
| List zones | Zone:Read |
| Manage DNS |
DNS:Edit |
| Manage tunnels | Account:Cloudflare Tunnel:Edit |
Create token at: dash.cloudflare.com/profile/api-tokens
Common Workflows
Point subdomain to server
�CODEBLOCK5
Set up tunnel for local service
# 1. Create tunnel
./scripts/tunnels/create.sh webhook-tunnel
# 2. Configure ingress
./scripts/tunnels/configure.sh webhook-tunnel \
--hostname hook.mysite.com \
--service http://localhost:8080
# 3. Add DNS record
TUNNEL_ID=$(./scripts/tunnels/list.sh --name webhook-tunnel --quiet)
./scripts/dns/create.sh mysite.com \
--type CNAME \
--name hook \
--content ${TUNNEL_ID}.cfargotunnel.com \
--proxied
# 4. Run tunnel
TOKEN=$(./scripts/tunnels/token.sh webhook-tunnel)
cloudflared tunnel run --token $TOKEN
Output Formats
| Flag | Description |
|---|
| INLINECODE0 | Raw JSON from API |
| INLINECODE1 |
Formatted table (default) |
|
--quiet | Minimal output (IDs only) |
Troubleshooting
| Error | Solution |
|---|
| "No API token found" | Run setup or set CLOUDFLAREAPITOKEN |
| "401 Unauthorized" |
Check token is valid |
| "403 Forbidden" | Token missing required permission |
| "Zone not found" | Verify domain is in your account |
Cloudflare 技能
连接 Cloudflare API,用于 DNS 管理、隧道和区域管理。
设置
1. 获取 API 令牌
- 1. 前往 dash.cloudflare.com/profile/api-tokens
- 创建具有所需权限的令牌:
-
区域:读取 - 列出域名
-
DNS:编辑 - 管理 DNS 记录
-
账户:Cloudflare 隧道:编辑 - 管理隧道
- 3. 复制令牌
2. 配置
bash
选项 A:存储在文件中(推荐)
echo 你的
API令牌 > ~/.cloudflare_token
chmod 600 ~/.cloudflare_token
选项 B:环境变量
export CLOUDFLARE
APITOKEN=你的
API令牌
3. 测试连接
bash
./scripts/setup.sh
命令
区域(域名)
bash
./scripts/zones/list.sh # 列出所有区域
./scripts/zones/list.sh --json # JSON 输出
./scripts/zones/get.sh example.com # 获取区域详情
DNS 记录
bash
列出记录
./scripts/dns/list.sh example.com
./scripts/dns/list.sh example.com --type A
./scripts/dns/list.sh example.com --name api
创建记录
./scripts/dns/create.sh example.com \
--type A \
--name api \
--content 1.2.3.4 \
--proxied
创建 CNAME
./scripts/dns/create.sh example.com \
--type CNAME \
--name www \
--content example.com \
--proxied
更新记录
./scripts/dns/update.sh example.com \
--name api \
--type A \
--content 5.6.7.8
删除记录
./scripts/dns/delete.sh example.com --name api --type A
隧道
bash
列出隧道
./scripts/tunnels/list.sh
创建隧道
./scripts/tunnels/create.sh my-tunnel
配置隧道入口
./scripts/tunnels/configure.sh my-tunnel \
--hostname app.example.com \
--service http://localhost:3000
获取运行令牌
./scripts/tunnels/token.sh my-tunnel
删除隧道
./scripts/tunnels/delete.sh my-tunnel
令牌权限
DNS:编辑 |
| 管理隧道 | 账户:Cloudflare 隧道:编辑 |
创建令牌: dash.cloudflare.com/profile/api-tokens
常见工作流程
将子域名指向服务器
bash
./scripts/dns/create.sh mysite.com --type A --name api --content 1.2.3.4 --proxied
为本地服务设置隧道
bash
1. 创建隧道
./scripts/tunnels/create.sh webhook-tunnel
2. 配置入口
./scripts/tunnels/configure.sh webhook-tunnel \
--hostname hook.mysite.com \
--service http://localhost:8080
3. 添加 DNS 记录
TUNNEL_ID=$(./scripts/tunnels/list.sh --name webhook-tunnel --quiet)
./scripts/dns/create.sh mysite.com \
--type CNAME \
--name hook \
--content ${TUNNEL_ID}.cfargotunnel.com \
--proxied
4. 运行隧道
TOKEN=$(./scripts/tunnels/token.sh webhook-tunnel)
cloudflared tunnel run --token $TOKEN
输出格式
| 标志 | 描述 |
|---|
| --json | API 原始 JSON |
| --table |
格式化表格(默认) |
| --quiet | 最小化输出(仅 ID) |
故障排除
| 错误 | 解决方案 |
|---|
| 未找到 API 令牌 | 运行设置或设置 CLOUDFLAREAPITOKEN |
| 401 未授权 |
检查令牌是否有效 |
| 403 禁止访问 | 令牌缺少所需权限 |
| 未找到区域 | 确认域名在你的账户中 |
