Cloudflare DDNS
Purpose
Since I have a Dynamic IP address, meaning that every now and again my ISP changes my IP address. I need to make sure that Cloudflare is receiving the right IP address to be able to serve traffic from.
I would consider using the router directly, but since Cloudflare has some weird domain challenges to verify that the change is coming from an authenticated client. Support for Cloudflare DDNS natively in the router isn’t very common, so this is the only other option.
Docker compose
I will be using favonia's Cloudflare-DDNS container and using the Latest version / tag.
On their GitHub page, favonia gives us an example docker compose file, in that I don’t really need to change much as their example is rock-solid. I only need to change a couple of environment variables to suit my use case.
services:
cloudflare-ddns:
image: favonia/cloudflare-ddns:latest
network_mode: host
restart: always
user: UUID:GUID # set to cloudflare-ddns user
read_only: true
cap_drop: [all]
security_opt: [no-new-privileges:true]
environment:
- CLOUDFLARE_API_TOKEN=YOUR-CLOUDFLARE-API-TOKEN
- DOMAINS=example.org,www.example.org,example.io
- PROXIED=true
The only things I changed is what user the container runs under, the CLOUDFLARE_API_TOKEN and DOMAINS environment variables.
In a nice Secure by design mythology made by favonia, they purposely make privileges Cloudflare API tokens not work in the container. So, using the Edit zone DNS template for Cloudflare API tokens will give us the exact amount of privilege needed on the token.
A Simple plug and play container.
Enjoy Reading This Article?
Here are some more articles you might like to read next: