cloudflare_client_rb 4.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/lib/cloudflare_client.rb +211 -0
- data/lib/cloudflare_client/certificate.rb +40 -0
- data/lib/cloudflare_client/organization.rb +26 -0
- data/lib/cloudflare_client/organization/access_rule.rb +76 -0
- data/lib/cloudflare_client/organization/invite.rb +53 -0
- data/lib/cloudflare_client/organization/member.rb +37 -0
- data/lib/cloudflare_client/organization/railgun.rb +79 -0
- data/lib/cloudflare_client/organization/role.rb +19 -0
- data/lib/cloudflare_client/railgun.rb +63 -0
- data/lib/cloudflare_client/version.rb +3 -0
- data/lib/cloudflare_client/virtual_dns_cluster.rb +133 -0
- data/lib/cloudflare_client/virtual_dns_cluster/analytic.rb +38 -0
- data/lib/cloudflare_client/zone.rb +129 -0
- data/lib/cloudflare_client/zone/analytics.rb +56 -0
- data/lib/cloudflare_client/zone/base.rb +9 -0
- data/lib/cloudflare_client/zone/custom_hostname.rb +86 -0
- data/lib/cloudflare_client/zone/custom_page.rb +28 -0
- data/lib/cloudflare_client/zone/custom_ssl.rb +62 -0
- data/lib/cloudflare_client/zone/dns.rb +66 -0
- data/lib/cloudflare_client/zone/firewall.rb +3 -0
- data/lib/cloudflare_client/zone/firewall/access_rule.rb +87 -0
- data/lib/cloudflare_client/zone/firewall/waf_package.rb +46 -0
- data/lib/cloudflare_client/zone/firewall/waf_package/base.rb +9 -0
- data/lib/cloudflare_client/zone/firewall/waf_package/rule.rb +46 -0
- data/lib/cloudflare_client/zone/firewall/waf_package/rule_group.rb +42 -0
- data/lib/cloudflare_client/zone/keyless_ssl.rb +56 -0
- data/lib/cloudflare_client/zone/log.rb +51 -0
- data/lib/cloudflare_client/zone/page_rule.rb +64 -0
- data/lib/cloudflare_client/zone/railgun_connections.rb +43 -0
- data/lib/cloudflare_client/zone/rate_limit.rb +73 -0
- data/lib/cloudflare_client/zone/ssl.rb +28 -0
- data/lib/cloudflare_client/zone/ssl/certificate_pack.rb +32 -0
- data/lib/cloudflare_client/zone/subscription.rb +55 -0
- metadata +76 -0
@@ -0,0 +1,46 @@
|
|
1
|
+
class CloudflareClient::Zone::Firewall::WAFPackage::Rule < CloudflareClient::Zone::Firewall::WAFPackage::Base
|
2
|
+
VALID_ORDERS = %w[priority group_id description].freeze
|
3
|
+
VALID_MODES = %w[default disable simulate block challenge on off].freeze
|
4
|
+
|
5
|
+
##
|
6
|
+
# waf_rules
|
7
|
+
|
8
|
+
##
|
9
|
+
# list waf rules
|
10
|
+
def list(mode: {}, priority: nil, match: 'all', order: 'priority', page: 1, per_page: 50, group_id: nil, description: nil, direction: 'desc')
|
11
|
+
#FIXME: mode isn't documented in api, ask CF
|
12
|
+
#FIXME: priority is read only?, ask CF
|
13
|
+
params = {page: page, per_page: per_page}
|
14
|
+
|
15
|
+
valid_value_check(:match, match, VALID_MATCHES)
|
16
|
+
params[:match] = match
|
17
|
+
|
18
|
+
valid_value_check(:order, order, VALID_ORDERS)
|
19
|
+
params[:order] = order
|
20
|
+
|
21
|
+
valid_value_check(:direction, direction, VALID_DIRECTIONS)
|
22
|
+
params[:direction] = direction
|
23
|
+
|
24
|
+
params[:group_id] unless group_id.nil?
|
25
|
+
params[:description] unless description.nil?
|
26
|
+
|
27
|
+
cf_get(path: "/zones/#{zone_id}/waf/packages/#{package_id}/rules", params: params)
|
28
|
+
end
|
29
|
+
|
30
|
+
##
|
31
|
+
# get a single waf rule
|
32
|
+
def show(id:)
|
33
|
+
id_check('id', id)
|
34
|
+
|
35
|
+
cf_get(path: "/zones/#{zone_id}/firewall/waf/packages/#{package_id}/rules/#{id}")
|
36
|
+
end
|
37
|
+
|
38
|
+
##
|
39
|
+
# update a waf rule
|
40
|
+
def update(id:, mode: 'on')
|
41
|
+
id_check('id', id)
|
42
|
+
valid_value_check(:mode, mode, VALID_MODES)
|
43
|
+
|
44
|
+
cf_patch(path: "/zones/#{zone_id}/firewall/waf/packages/#{package_id}/rules/#{id}", data: {mode: mode})
|
45
|
+
end
|
46
|
+
end
|
@@ -0,0 +1,42 @@
|
|
1
|
+
class CloudflareClient::Zone::Firewall::WAFPackage::RuleGroup < CloudflareClient::Zone::Firewall::WAFPackage::Base
|
2
|
+
VALID_MODES = %w[on off]
|
3
|
+
VALID_ORDERS = %w[mode rules_count]
|
4
|
+
|
5
|
+
##
|
6
|
+
# waf_rule_groups
|
7
|
+
def list(name: nil, mode: 'on', rules_count: 0, page: 1, per_page: 50, order: 'mode', direction: 'desc', match: 'all')
|
8
|
+
params = {page: page, per_page: per_page}
|
9
|
+
|
10
|
+
valid_value_check(:mode, mode, VALID_MODES)
|
11
|
+
params[:mode] = mode
|
12
|
+
|
13
|
+
#FIXME: rules_count doesn't make any sense, ask CF
|
14
|
+
valid_value_check(:order, order, VALID_ORDERS)
|
15
|
+
params[:order] = order
|
16
|
+
|
17
|
+
valid_value_check(:direction, direction, VALID_DIRECTIONS)
|
18
|
+
params[:direction] = direction
|
19
|
+
|
20
|
+
valid_value_check(:match, match, VALID_MATCHES)
|
21
|
+
params[:match] = match
|
22
|
+
|
23
|
+
cf_get(path: "/zones/#{zone_id}/firewall/waf/packages/#{package_id}/groups", params: params)
|
24
|
+
end
|
25
|
+
|
26
|
+
##
|
27
|
+
# details of a waf rule group
|
28
|
+
def show(id:)
|
29
|
+
id_check('id', id)
|
30
|
+
|
31
|
+
cf_get(path: "/zones/#{zone_id}/firewall/waf/packages/#{package_id}/groups/#{id}")
|
32
|
+
end
|
33
|
+
|
34
|
+
##
|
35
|
+
# updates a waf rule group
|
36
|
+
def update(id:, mode: 'on')
|
37
|
+
id_check('id', id)
|
38
|
+
valid_value_check(:mode, mode, VALID_MODES)
|
39
|
+
|
40
|
+
cf_patch(path: "/zones/#{zone_id}/firewall/waf/packages/#{package_id}/groups/#{id}", data: {mode: mode})
|
41
|
+
end
|
42
|
+
end
|
@@ -0,0 +1,56 @@
|
|
1
|
+
class CloudflareClient::Zone::KeylessSSL < CloudflareClient::Zone::Base
|
2
|
+
##
|
3
|
+
# keyless_ssl
|
4
|
+
|
5
|
+
##
|
6
|
+
# create a keyless ssl config
|
7
|
+
def create(host:, port:, certificate:, name: nil, bundle_method: 'ubiquitous')
|
8
|
+
raise 'host required' if host.nil?
|
9
|
+
raise 'certificate required' if certificate.nil?
|
10
|
+
bundle_method_check(bundle_method)
|
11
|
+
|
12
|
+
data = {host: host, port: port, certificate: certificate, bundle_method: bundle_method}
|
13
|
+
data[:name] = name ? name : "#{host} Keyless SSL"
|
14
|
+
|
15
|
+
cf_post(path: "/zones/#{zone_id}/keyless_certificates", data: data)
|
16
|
+
end
|
17
|
+
|
18
|
+
##
|
19
|
+
# list all the keyless ssl configs
|
20
|
+
def list
|
21
|
+
cf_get(path: "/zones/#{zone_id}/keyless_certificates")
|
22
|
+
end
|
23
|
+
|
24
|
+
##
|
25
|
+
# details of a keyless_ssl_config
|
26
|
+
def show(id:)
|
27
|
+
id_check('id', id)
|
28
|
+
|
29
|
+
cf_get(path: "/zones/#{zone_id}/keyless_certificates/#{id}")
|
30
|
+
end
|
31
|
+
|
32
|
+
##
|
33
|
+
# updates a keyless ssl config
|
34
|
+
def update(id:, host: nil, name: nil, port: nil, enabled: nil)
|
35
|
+
id_check('id', id)
|
36
|
+
unless enabled.nil?
|
37
|
+
raise 'enabled must be true||false' unless enabled == true || enabled == false
|
38
|
+
end
|
39
|
+
|
40
|
+
data = {}
|
41
|
+
data[:host] = host unless host.nil?
|
42
|
+
data[:name] = name ? name : "#{host} Keyless SSL"
|
43
|
+
data[:port] = port unless port.nil?
|
44
|
+
data[:enabled] = enabled unless enabled.nil?
|
45
|
+
|
46
|
+
cf_patch(path: "/zones/#{zone_id}/keyless_certificates/#{id}", data: data)
|
47
|
+
end
|
48
|
+
|
49
|
+
##
|
50
|
+
# delete a custom_ssl_config
|
51
|
+
def delete(id:)
|
52
|
+
id_check('id', id)
|
53
|
+
|
54
|
+
cf_delete(path: "/zones/#{zone_id}/keyless_certificates/#{id}")
|
55
|
+
end
|
56
|
+
end
|
@@ -0,0 +1,51 @@
|
|
1
|
+
class CloudflareClient::Zone::Log < CloudflareClient::Zone::Base
|
2
|
+
##
|
3
|
+
# Logs. This isn't part of the documented api, but is needed functionality
|
4
|
+
|
5
|
+
#FIXME: make sure this covers all the logging cases
|
6
|
+
|
7
|
+
##
|
8
|
+
# get logs using only timestamps
|
9
|
+
def list_by_time(start_time:, end_time: nil, count: nil)
|
10
|
+
id_check(:start_time, start_time)
|
11
|
+
timestamp_check(:start_time, start_time)
|
12
|
+
|
13
|
+
params = {start: start_time}
|
14
|
+
|
15
|
+
unless end_time.nil?
|
16
|
+
timestamp_check(:end_time, end_time)
|
17
|
+
params[:end] = end_time
|
18
|
+
end
|
19
|
+
|
20
|
+
params[:count] = count unless count.nil?
|
21
|
+
|
22
|
+
cf_get(path: "/zones/#{zone_id}/logs/requests", params: params, extra_headers: {'Accept-encoding': 'gzip'})
|
23
|
+
end
|
24
|
+
|
25
|
+
##
|
26
|
+
# get a single log entry by it's ray_id
|
27
|
+
def show(ray_id:)
|
28
|
+
id_check(:ray_id, ray_id)
|
29
|
+
|
30
|
+
cf_get(path: "/zones/#{zone_id}/logs/requests/#{ray_id}")
|
31
|
+
end
|
32
|
+
|
33
|
+
##
|
34
|
+
# get all logs after a given ray_id. end_time must be a valid unix timestamp
|
35
|
+
def list_since(ray_id:, end_time: nil, count: nil)
|
36
|
+
params = {start_id: ray_id}
|
37
|
+
|
38
|
+
unless end_time.nil?
|
39
|
+
timestamp_check(:end_time, end_time)
|
40
|
+
params[:end] = end_time
|
41
|
+
end
|
42
|
+
|
43
|
+
params[:count] = count unless count.nil?
|
44
|
+
|
45
|
+
cf_get(
|
46
|
+
path: "/zones/#{zone_id}/logs/requests/#{ray_id}",
|
47
|
+
params: params,
|
48
|
+
extra_headers: {'Accept-encoding': 'gzip'}
|
49
|
+
)
|
50
|
+
end
|
51
|
+
end
|
@@ -0,0 +1,64 @@
|
|
1
|
+
class CloudflareClient::Zone::PageRule < CloudflareClient::Zone::Base
|
2
|
+
VALID_STATUSES = %w[active disabled].freeze
|
3
|
+
VALID_ORDERS = %w[status priority].freeze
|
4
|
+
DOC_URL = 'https://api.cloudflare.com/#page-rules-for-a-zone-create-a-page-rule'.freeze
|
5
|
+
|
6
|
+
##
|
7
|
+
# page_rules_for_a_zone
|
8
|
+
|
9
|
+
##
|
10
|
+
# create zone_page_rule
|
11
|
+
def create(targets:, actions:, priority: 1, status: 'disabled')
|
12
|
+
raise "targets must be an array of targets #{DOC_URL}" if !targets.is_a?(Array) || targets.empty?
|
13
|
+
raise "actions must be an array of actions #{DOC_URL}" if !actions.is_a?(Array) || actions.empty?
|
14
|
+
valid_value_check(:status, status, VALID_STATUSES)
|
15
|
+
|
16
|
+
data = {targets: targets, actions: actions, priority: priority, status: status}
|
17
|
+
|
18
|
+
cf_post(path: "/zones/#{zone_id}/pagerules", data: data)
|
19
|
+
end
|
20
|
+
|
21
|
+
##
|
22
|
+
# list all the page rules for a zone
|
23
|
+
def list(status: 'disabled', order: 'priority', direction: 'desc', match: 'all')
|
24
|
+
valid_value_check(:status, status, VALID_STATUSES)
|
25
|
+
valid_value_check(:order, order, VALID_ORDERS)
|
26
|
+
valid_value_check(:direction, direction, VALID_DIRECTIONS)
|
27
|
+
valid_value_check(:match, match, VALID_MATCHES)
|
28
|
+
|
29
|
+
params = {status: status, order: order, direction: direction, match: match}
|
30
|
+
|
31
|
+
cf_get(path: "/zones/#{zone_id}/pagerules", params: params)
|
32
|
+
end
|
33
|
+
|
34
|
+
##
|
35
|
+
# page rule details
|
36
|
+
def show(id:)
|
37
|
+
id_check('id', id)
|
38
|
+
|
39
|
+
cf_get(path: "/zones/#{zone_id}/pagerules/#{id}")
|
40
|
+
end
|
41
|
+
|
42
|
+
#TODO: do we need upate, looks the same as change
|
43
|
+
|
44
|
+
##
|
45
|
+
# update a page rule
|
46
|
+
def update(id:, targets: [], actions: [], priority: 1, status: 'disabled')
|
47
|
+
id_check('id', id)
|
48
|
+
raise "targets must be an array of targets #{DOC_URL}" if !targets.is_a?(Array) || targets.empty?
|
49
|
+
raise "actions must be an array of actions #{DOC_URL}" if !actions.is_a?(Array) || actions.empty?
|
50
|
+
valid_value_check(:status, status, VALID_STATUSES)
|
51
|
+
|
52
|
+
data = {targets: targets, actions: actions, priority: priority, status: status}
|
53
|
+
|
54
|
+
cf_patch(path: "/zones/#{zone_id}/pagerules/#{id}", data: data)
|
55
|
+
end
|
56
|
+
|
57
|
+
##
|
58
|
+
# delete a zone page rule
|
59
|
+
def delete(id:)
|
60
|
+
id_check('id', id)
|
61
|
+
|
62
|
+
cf_delete(path: "/zones/#{zone_id}/pagerules/#{id}")
|
63
|
+
end
|
64
|
+
end
|
@@ -0,0 +1,43 @@
|
|
1
|
+
class CloudflareClient::Zone::RailgunConnections < CloudflareClient::Zone::Base
|
2
|
+
##
|
3
|
+
# Railgun connections
|
4
|
+
|
5
|
+
##
|
6
|
+
# available railguns
|
7
|
+
def list
|
8
|
+
cf_get(path: "/zones/#{zone_id}/railguns")
|
9
|
+
end
|
10
|
+
|
11
|
+
##
|
12
|
+
# details of a single railgun
|
13
|
+
def show(id:)
|
14
|
+
raise 'railgun id required' if id.nil?
|
15
|
+
cf_get(path: "/zones/#{zone_id}/railguns/#{id}")
|
16
|
+
end
|
17
|
+
|
18
|
+
##
|
19
|
+
# test a railgun connection
|
20
|
+
def test(id:)
|
21
|
+
raise 'railgun id required' if id.nil?
|
22
|
+
cf_get(path: "/zones/#{zone_id}/railguns/#{id}/diagnose")
|
23
|
+
end
|
24
|
+
|
25
|
+
##
|
26
|
+
# connect a railgun
|
27
|
+
def connect(id:)
|
28
|
+
update_connection(id: id, connected: true)
|
29
|
+
end
|
30
|
+
|
31
|
+
##
|
32
|
+
# disconnect a railgun
|
33
|
+
def disconnect(id:)
|
34
|
+
update_connection(id: id, connected: false)
|
35
|
+
end
|
36
|
+
|
37
|
+
private
|
38
|
+
|
39
|
+
def update_connection(id:, connected:)
|
40
|
+
raise 'railgun id required' if id.nil?
|
41
|
+
cf_patch(path: "/zones/#{zone_id}/railguns/#{id}", data: {connected: connected})
|
42
|
+
end
|
43
|
+
end
|
@@ -0,0 +1,73 @@
|
|
1
|
+
class CloudflareClient::Zone::RateLimit < CloudflareClient::Zone::Base
|
2
|
+
DOC_URL = 'https://api.cloudflare.com/#rate-limits-for-a-zone-create-a-ratelimit'.freeze
|
3
|
+
|
4
|
+
##
|
5
|
+
# rate_limits_for_a_zone
|
6
|
+
|
7
|
+
##
|
8
|
+
# list zone rate limits
|
9
|
+
def list(page: 1, per_page: 50)
|
10
|
+
params = {page: page, per_page: per_page}
|
11
|
+
|
12
|
+
cf_get(path: "/zones/#{zone_id}/rate_limits", params: params)
|
13
|
+
end
|
14
|
+
|
15
|
+
##
|
16
|
+
# Create a zone rate limit
|
17
|
+
def create(match:, threshold:, period:, action:, id: nil, disabled: nil, description: nil, bypass: nil)
|
18
|
+
common_checks(match, action, threshold, period)
|
19
|
+
|
20
|
+
data = {match: match, threshold: threshold, period: period, action: action}
|
21
|
+
data[:id] = id unless id.nil?
|
22
|
+
|
23
|
+
unless disabled.nil?
|
24
|
+
valid_value_check(:disabled, disabled, [true, false])
|
25
|
+
data[:disabled] = disabled
|
26
|
+
end
|
27
|
+
|
28
|
+
cf_post(path: "/zones/#{zone_id}/rate_limits", data: data)
|
29
|
+
end
|
30
|
+
|
31
|
+
##
|
32
|
+
# get details for a zone rate limit
|
33
|
+
def show(id:)
|
34
|
+
id_check('id', id)
|
35
|
+
|
36
|
+
cf_get(path: "/zones/#{zone_id}/rate_limits/#{id}")
|
37
|
+
end
|
38
|
+
|
39
|
+
##
|
40
|
+
# update zone rate limit
|
41
|
+
def update(id:, match:, action:, threshold:, period:, disabled: nil, description: nil, bypass: nil)
|
42
|
+
id_check('id', id)
|
43
|
+
common_checks(match, action, threshold, period)
|
44
|
+
|
45
|
+
data = {match: match, threshold: threshold, period: period, action: action}
|
46
|
+
data[:id] = id unless id.nil?
|
47
|
+
data[:description] = description unless description.nil?
|
48
|
+
|
49
|
+
unless disabled.nil?
|
50
|
+
valid_value_check(:disabled, disabled, [true, false])
|
51
|
+
data[:disabled] = disabled
|
52
|
+
end
|
53
|
+
|
54
|
+
cf_put(path: "/zones/#{zone_id}/rate_limits/#{id}", data: data)
|
55
|
+
end
|
56
|
+
|
57
|
+
##
|
58
|
+
# delete zone rate limit
|
59
|
+
def delete(id:)
|
60
|
+
id_check('id', id)
|
61
|
+
|
62
|
+
cf_delete(path: "/zones/#{zone_id}/rate_limits/#{id}")
|
63
|
+
end
|
64
|
+
|
65
|
+
private
|
66
|
+
|
67
|
+
def common_checks(match, action, threshold, period)
|
68
|
+
raise "match must be a match object #{DOC_URL}" unless match.is_a?(Hash)
|
69
|
+
raise "action must be a action object #{DOC_URL}" unless action.is_a?(Hash)
|
70
|
+
raise 'threshold must be between 1 86400' if !threshold.is_a?(Integer) || !threshold.between?(1, 86400)
|
71
|
+
raise 'period must be between 1 86400' if !period.is_a?(Integer) || !period.between?(1, 86400)
|
72
|
+
end
|
73
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
class CloudflareClient::Zone::SSL < CloudflareClient::Zone::Base
|
2
|
+
Dir[File.expand_path('../ssl/*.rb', __FILE__)].each {|f| require f}
|
3
|
+
|
4
|
+
VALID_RETRY_VERIFICATIONS = [true].freeze
|
5
|
+
|
6
|
+
##
|
7
|
+
# analyze a certificate
|
8
|
+
def analyze(certificate: nil, bundle_method: 'ubiquitous')
|
9
|
+
data = {}
|
10
|
+
data[:certificate] = certificate unless certificate.nil?
|
11
|
+
|
12
|
+
bundle_method_check(bundle_method)
|
13
|
+
data[:bundle_method] = bundle_method
|
14
|
+
|
15
|
+
cf_post(path: "/zones/#{zone_id}/ssl/analyze", data: data)
|
16
|
+
end
|
17
|
+
|
18
|
+
##
|
19
|
+
# get ssl verification
|
20
|
+
def verification(retry_verification: nil)
|
21
|
+
unless retry_verification.nil?
|
22
|
+
valid_value_check(:retry_verification, retry_verification, VALID_RETRY_VERIFICATIONS)
|
23
|
+
params = {retry: true}
|
24
|
+
end
|
25
|
+
|
26
|
+
cf_get(path: "/zones/#{zone_id}/ssl/verification", params: params)
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,32 @@
|
|
1
|
+
class CloudflareClient::Zone::SSL::CertificatePack < CloudflareClient::Zone::SSL
|
2
|
+
##
|
3
|
+
# certificate_packs
|
4
|
+
|
5
|
+
##
|
6
|
+
# list all certificate packs
|
7
|
+
def list
|
8
|
+
cf_get(path: "/zones/#{zone_id}/ssl/certificate_packs")
|
9
|
+
end
|
10
|
+
|
11
|
+
##
|
12
|
+
# re-order certificate packs
|
13
|
+
def order(hosts: nil)
|
14
|
+
non_empty_array_check(:hosts, hosts) unless hosts.nil?
|
15
|
+
|
16
|
+
data = {hosts: hosts}
|
17
|
+
|
18
|
+
# TODO: test against api
|
19
|
+
cf_post(path: "/zones/#{zone_id}/ssl/certificate_packs", data: data)
|
20
|
+
end
|
21
|
+
|
22
|
+
##
|
23
|
+
# edit a certificate pack
|
24
|
+
def update(id:, hosts:)
|
25
|
+
id_check(:id, id)
|
26
|
+
non_empty_array_check(:hosts, hosts) unless hosts.nil?
|
27
|
+
|
28
|
+
data = {hosts: hosts}
|
29
|
+
|
30
|
+
cf_patch(path: "/zones/#{zone_id}/ssl/certificate_packs/#{id}", data: data)
|
31
|
+
end
|
32
|
+
end
|