phil/Export_DNS
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
44c7ea4b64
Export_DNS/Cloudflare
History
Phil 44c7ea4b64 Updated the script so you no longer need to specify zones. The zones will be looked up against the account and it will pull down and zones into seperate config files. This means that the config file now only needs one API key from the account that has Zone:Read and DNS:Read permissions.
2025-08-25 21:17:15 +01:00
..
config.conf Updated the script so you no longer need to specify zones. The zones will be looked up against the account and it will pull down and zones into seperate config files. This means that the config file now only needs one API key from the account that has Zone:Read and DNS:Read permissions. 2025-08-25 21:17:15 +01:00
export_dns_cloudflare.sh Updated the script so you no longer need to specify zones. The zones will be looked up against the account and it will pull down and zones into seperate config files. This means that the config file now only needs one API key from the account that has Zone:Read and DNS:Read permissions. 2025-08-25 21:17:15 +01:00
README.md Updated the script so you no longer need to specify zones. The zones will be looked up against the account and it will pull down and zones into seperate config files. This means that the config file now only needs one API key from the account that has Zone:Read and DNS:Read permissions. 2025-08-25 21:17:15 +01:00

README.md

Cloudflare DNS Export Script

This script automates exporting DNS records for all zones in a Cloudflare account.
It uses the Cloudflare API Token authentication method (recommended for security).

Each run saves the DNS export of every zone into an export/ folder, with filenames containing the zone name and a timestamp.

📦 Requirements

  • bash (any modern Linux/macOS environment will work)
  • curl
  • jq (for parsing JSON)

Install jq if you dont already have it:

# Ubuntu/Debian
sudo apt install jq -y

# macOS (Homebrew)
brew install jq

⚙️ Setup

  1. Clone or copy these files:

    • import_dns_records.sh
    • config.conf

  2. Edit the config.conf file and add your Cloudflare API Token:

# config.conf
CLOUDFLARE_API_TOKEN=your_api_token_here

🔑 When creating your API Token in Cloudflare Dashboard, give it at least:

  • Zone: Read
  • DNS: Read

▶️ Usage

Make the script executable:

chmod +x import_dns_records.sh

Run the script:

./import_dns_records.sh

📂 Output

  • All exports are saved into the export/ folder.
  • Each export is a plain text file containing the zones DNS records in BIND format.
  • Filenames follow the format:
export/<zone_name>_<YYYYMMDD>_<HHMMSS>.txt

Example:

export/example.com_20250825_153012.txt
export/testdomain.net_20250825_153015.txt

🔒 Security Notes

  • Never commit config.conf (it contains your API token).
  • Limit API token permissions to the minimum required (Zone:Read, DNS:Read).
  • Rotate API tokens periodically for best security practices.

Example Workflow

# 1. Configure your token
echo 'CLOUDFLARE_API_TOKEN=abc123xyz...' > config.conf

# 2. Run the export
./import_dns_records.sh

# 3. Check the export folder
ls export/

🛠 Troubleshooting

  • Empty export files?
    Ensure your API Token has the correct permissions (Zone:Read, DNS:Read).

  • Script fails with jq: command not found?
    Install jq as shown above.

  • Only some zones exported?
    Check the API Tokens scope. If it was created for a specific zone, it wont return all zones.
    Create a token scoped for “All zones - Read” to export everything.