222 lines
7.4 KiB
Python
222 lines
7.4 KiB
Python
#!/usr/bin/env python3
|
|
"""
|
|
Cloudflare Credential Setup Wizard
|
|
Interactive script to guide users through configuring Cloudflare API credentials
|
|
"""
|
|
|
|
import os
|
|
import sys
|
|
import re
|
|
from pathlib import Path
|
|
|
|
|
|
def validate_api_token(token):
|
|
"""Validate Cloudflare API token format"""
|
|
# Cloudflare API tokens are typically 40+ characters
|
|
return len(token.strip()) >= 40
|
|
|
|
|
|
def validate_account_id(account_id):
|
|
"""Validate Cloudflare Account ID format"""
|
|
# Account IDs are typically 32-character hex strings
|
|
return re.match(r"^[a-f0-9]{32}$", account_id.strip(), re.IGNORECASE) is not None
|
|
|
|
|
|
def validate_zone_id(zone_id):
|
|
"""Validate Cloudflare Zone ID format"""
|
|
# Zone IDs are also 32-character hex strings
|
|
return re.match(r"^[a-f0-9]{32}$", zone_id.strip(), re.IGNORECASE) is not None
|
|
|
|
|
|
def get_input(prompt, validation_func=None, secret=False):
|
|
"""Get validated user input"""
|
|
while True:
|
|
try:
|
|
if secret:
|
|
import getpass
|
|
|
|
value = getpass.getpass(prompt)
|
|
else:
|
|
value = input(prompt)
|
|
|
|
if validation_func:
|
|
if validation_func(value):
|
|
return value
|
|
else:
|
|
print("❌ Invalid format. Please try again.")
|
|
else:
|
|
return value
|
|
except KeyboardInterrupt:
|
|
print("\n\nSetup cancelled.")
|
|
sys.exit(1)
|
|
|
|
|
|
def create_env_file(env_vars):
|
|
"""Create or update .env file with credentials"""
|
|
env_path = Path(".env")
|
|
|
|
# Read existing .env if it exists
|
|
existing_vars = {}
|
|
if env_path.exists():
|
|
with open(env_path, "r") as f:
|
|
for line in f:
|
|
if line.strip() and not line.startswith("#") and "=" in line:
|
|
key, value = line.strip().split("=", 1)
|
|
existing_vars[key] = value
|
|
|
|
# Update with new values
|
|
existing_vars.update(env_vars)
|
|
|
|
# Write back
|
|
with open(env_path, "w") as f:
|
|
f.write("# OpenCode Environment Variables\n")
|
|
f.write("# Generated by setup_credentials.py\n")
|
|
f.write("# IMPORTANT: Never commit this file to git\n\n")
|
|
|
|
# Write Cloudflare section
|
|
f.write(
|
|
"# ============================================================================\n"
|
|
)
|
|
f.write("# CLOUDFLARE API CONFIGURATION\n")
|
|
f.write(
|
|
"# ============================================================================\n"
|
|
)
|
|
|
|
for key, value in env_vars.items():
|
|
f.write(f'{key}="{value}"\n')
|
|
|
|
f.write("\n")
|
|
|
|
# Preserve other sections if they exist
|
|
sections = {
|
|
"GITHUB": [k for k in existing_vars.keys() if k.startswith("GITHUB")],
|
|
"GITLAB": [k for k in existing_vars.keys() if k.startswith("GITLAB")],
|
|
"OTHER": [
|
|
k
|
|
for k in existing_vars.keys()
|
|
if k not in env_vars and not k.startswith(("GITHUB", "GITLAB"))
|
|
],
|
|
}
|
|
|
|
for section_name, keys in sections.items():
|
|
if keys:
|
|
f.write(
|
|
f"# ============================================================================\n"
|
|
)
|
|
f.write(f"# {section_name} CONFIGURATION\n")
|
|
f.write(
|
|
f"# ============================================================================\n"
|
|
)
|
|
for key in keys:
|
|
f.write(f'{key}="{existing_vars[key]}"\n')
|
|
f.write("\n")
|
|
|
|
return env_path
|
|
|
|
|
|
def main():
|
|
print("🚀 Cloudflare Credential Setup Wizard")
|
|
print("=" * 50)
|
|
print()
|
|
|
|
print("This wizard will help you configure your Cloudflare API credentials.")
|
|
print("You'll need:")
|
|
print("1. Cloudflare API Token (with appropriate permissions)")
|
|
print("2. Cloudflare Account ID")
|
|
print("3. Optional: Zone ID for specific domain management")
|
|
print()
|
|
|
|
# Check if we're in the right directory
|
|
current_dir = Path.cwd()
|
|
if "cloudflare" not in str(current_dir):
|
|
print("⚠️ Warning: This script should be run from the cloudflare directory")
|
|
print(f" Current directory: {current_dir}")
|
|
proceed = get_input("Continue anyway? (y/n): ")
|
|
if proceed.lower() != "y":
|
|
print(
|
|
"Please navigate to the cloudflare directory and run this script again."
|
|
)
|
|
return
|
|
|
|
# Collect credentials
|
|
print("\n🔐 Cloudflare API Configuration")
|
|
print("-" * 30)
|
|
|
|
# API Token
|
|
print("\n📋 Step 1: Cloudflare API Token")
|
|
print("Get your token from: https://dash.cloudflare.com/profile/api-tokens")
|
|
print("Required permissions: Zone:DNS:Edit, Zone:Page Rules:Edit, Account:Read")
|
|
api_token = get_input(
|
|
"API Token: ", validation_func=validate_api_token, secret=True
|
|
)
|
|
|
|
# Account ID
|
|
print("\n🏢 Step 2: Cloudflare Account ID")
|
|
print("Find your Account ID in the Cloudflare dashboard sidebar")
|
|
print("Format: 32-character hex string (e.g., 1a2b3c4d5e6f7g8h9i0j1k2l3m4n5o6p)")
|
|
account_id = get_input("Account ID: ", validation_func=validate_account_id)
|
|
|
|
# Zone ID (optional)
|
|
print("\n🌐 Step 3: Zone ID (Optional)")
|
|
print("If you want to manage a specific domain, provide its Zone ID")
|
|
print("Leave blank to skip")
|
|
zone_id = get_input(
|
|
"Zone ID (optional): ",
|
|
validation_func=lambda x: x.strip() == "" or validate_zone_id(x),
|
|
)
|
|
|
|
# Prepare environment variables
|
|
env_vars = {"CLOUDFLARE_API_TOKEN": api_token, "CLOUDFLARE_ACCOUNT_ID": account_id}
|
|
|
|
if zone_id.strip():
|
|
env_vars["CLOUDFLARE_ZONE_ID"] = zone_id
|
|
|
|
# Create .env file
|
|
print("\n💾 Saving credentials...")
|
|
env_path = create_env_file(env_vars)
|
|
|
|
# Set file permissions
|
|
env_path.chmod(0o600) # Only user read/write
|
|
|
|
print(f"✅ Credentials saved to: {env_path}")
|
|
print("🔒 File permissions set to 600 (owner read/write only)")
|
|
|
|
# Test configuration (basic validation only - no external dependencies)
|
|
print("\n🧪 Validating credentials...")
|
|
|
|
# Basic format validation
|
|
if validate_api_token(api_token) and validate_account_id(account_id):
|
|
print("✅ Credential formats are valid")
|
|
print("⚠️ Note: Full API connectivity test requires 'requests' module")
|
|
print(" Install with: pip install requests")
|
|
else:
|
|
print("❌ Credential validation failed")
|
|
print(" Please check your inputs and try again")
|
|
|
|
# Final instructions
|
|
print("\n🎉 Setup Complete!")
|
|
print("=" * 50)
|
|
print("\nNext steps:")
|
|
print("1. Source the environment file:")
|
|
print(" source .env")
|
|
print("\n2. Test Terraform configuration:")
|
|
print(" cd terraform && terraform init && terraform plan")
|
|
print("\n3. Deploy infrastructure:")
|
|
print(" terraform apply")
|
|
print("\n4. Start MCP servers:")
|
|
print(" Check MCP_GUIDE.md for server startup instructions")
|
|
print("\n📚 Documentation:")
|
|
print("- USAGE_GUIDE.md - Complete usage instructions")
|
|
print("- DEPLOYMENT_GUIDE.md - Deployment procedures")
|
|
print("- MCP_GUIDE.md - MCP server management")
|
|
|
|
# Security reminder
|
|
print("\n🔐 Security Reminder:")
|
|
print("- Never commit .env to version control")
|
|
print("- Use .gitignore to exclude .env files")
|
|
print("- Consider using environment-specific .env files (.env.production, etc.)")
|
|
|
|
|
|
if __name__ == "__main__":
|
|
main()
|