#!/bin/bash

# Cloudflare Credential Setup Script
# Interactive script to configure Cloudflare API credentials

set -e

# Intro banner: what the wizard does and which values to have at hand.
printf '%s\n' \
  "🚀 Cloudflare Credential Setup Wizard" \
  "==================================================" \
  "" \
  "This script will help you configure your Cloudflare API credentials." \
  "You'll need:" \
  "1. Cloudflare API Token (with appropriate permissions)" \
  "2. Cloudflare Account ID" \
  "3. Optional: Zone ID for specific domain management" \
  ""

# Working-directory check: .env is written relative to $PWD further down, so
# warn when the current path does not contain "cloudflare" and let the user
# decide whether to carry on.
if [[ "$PWD" != *cloudflare* ]]; then
  printf '%s\n' \
    "⚠️ Warning: This script should be run from the cloudflare directory" \
    " Current directory: $PWD"
  read -p "Continue anyway? (y/n): " -n 1 -r
  printf '\n'
  case "$REPLY" in
    [Yy])
      # Explicit confirmation: continue in the current directory.
      ;;
    *)
      printf '%s\n' "Please navigate to the cloudflare directory and run this script again."
      exit 1
      ;;
  esac
fi

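# Function to validate API token format
# Arguments: $1 - candidate token
# Returns:   0 if the token is at least 40 characters long and contains no
#            whitespace, quote, '$', backtick or backslash; 1 otherwise
validate_api_token() {
  local token="$1"

  # Cloudflare API tokens are typically 40+ characters
  (( ${#token} >= 40 )) || return 1

  # The token is later written as CLOUDFLARE_API_TOKEN="..." into .env, a file
  # the user is told to `source`. Characters that end the double-quoted value
  # or trigger shell expansion would corrupt that assignment (or run a command
  # on source), so a mistyped or mis-pasted value is rejected here.
  case "$token" in
    *[[:space:]]* | *\"* | *\'* | *\$* | *\`* | *\\*)
      return 1
      ;;
  esac

  return 0
}
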
# Function to validate Account ID format
# Arguments: $1 - candidate Account ID
# Returns:   0 when the whole value is exactly 32 characters from a-f and 0-9
#            (lowercase only), 1 otherwise
validate_account_id() {
  local account_id="$1"
  # Account IDs are 32-character hex strings
  local -r hex32_pattern='^[a-f0-9]{32}$'

  if [[ "$account_id" =~ $hex32_pattern ]]; then
    return 0
  fi
  return 1
}

# Function to validate Zone ID format
# Arguments: $1 - candidate Zone ID
# Returns:   0 when the whole value is exactly 32 characters from a-f and 0-9
#            (lowercase only), 1 otherwise; an empty value is rejected
validate_zone_id() {
  local zone_id="$1"
  # Zone IDs are 32-character hex strings
  local -r hex32_pattern='^[a-f0-9]{32}$'

  if [[ "$zone_id" =~ $hex32_pattern ]]; then
    return 0
  fi
  return 1
}

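# Function to get validated input
#
# Prompts until the reply passes validation, then prints the accepted value.
# Callers capture the result with $(...), so stdout must carry the accepted
# value and nothing else: the newline after a hidden prompt and the
# "invalid format" message go to stderr. Written to stdout they would be
# captured into the credential (a leading newline in the token, or the error
# text in front of the value after a retry) and the user would never see them.
#
# Arguments:
#   $1 - prompt text
#   $2 - validation command, called with the value as its last argument;
#        an empty string accepts any input. The string is word-split, not
#        parsed as shell syntax, so compound expressions such as
#        `[[ ... ]] || f` do not work here; pass the name of a function.
#   $3 - "true" to read without echoing the typed characters (secrets)
# Outputs: accepted value on stdout; prompt and error messages on stderr
# Returns: 0 once a value is accepted, 1 if input ends before that
get_validated_input() {
  local prompt="$1"
  local validation_func="$2"
  local secret="${3:-}"
  local value

  while true; do
    # -r keeps backslashes literal. A failed read (EOF) ends the loop instead
    # of re-prompting forever with an empty value.
    if [[ "$secret" == "true" ]]; then
      read -r -s -p "$prompt" value || return 1
      # -s suppresses the user's Enter key, so finish the prompt line by hand.
      echo >&2
    else
      read -r -p "$prompt" value || return 1
    fi

    if [[ -z "$validation_func" ]]; then
      printf '%s\n' "$value"
      return 0
    fi

    # Intentionally unquoted so "cmd arg" style validators keep working.
    # shellcheck disable=SC2086
    if $validation_func "$value"; then
      printf '%s\n' "$value"
      return 0
    fi

    echo "❌ Invalid format. Please try again." >&2
  done
}
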
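# Collect credentials
echo "🔐 Cloudflare API Configuration"
echo "------------------------------"
echo

# API Token
echo "📋 Step 1: Cloudflare API Token"
echo "Get your token from: https://dash.cloudflare.com/profile/api-tokens"
echo "Required permissions: Zone:DNS:Edit, Zone:Page Rules:Edit, Account:Read"
API_TOKEN=$(get_validated_input "API Token: " validate_api_token true)

# Account ID
echo
echo "🏢 Step 2: Cloudflare Account ID"
echo "Find your Account ID in the Cloudflare dashboard sidebar"
# The sample is a constructed value; it has to satisfy validate_account_id
# (32 characters, 0-9 and a-f only), otherwise the hint shows a format that
# the very next prompt rejects.
echo "Format: 32-character hex string (e.g., 0123456789abcdef0123456789abcdef)"
ACCOUNT_ID=$(get_validated_input "Account ID: " validate_account_id false)

# Zone ID (optional)
echo
echo "🌐 Step 3: Zone ID (Optional)"
echo "If you want to manage a specific domain, provide its Zone ID"
echo "Leave blank to skip"

# get_validated_input runs its validator as a command name, so a compound
# "[[ ... ]] || ..." string is never parsed as shell syntax and can never
# succeed. A named function expresses "empty, or a valid Zone ID".
validate_optional_zone_id() {
  [[ -z "$1" ]] || validate_zone_id "$1"
}
ZONE_ID=$(get_validated_input "Zone ID (optional): " validate_optional_zone_id false)

# Create .env file
echo
echo "💾 Saving credentials..."

# Read existing .env if it exists
ENV_CONTENT=""
if [[ -f ".env" ]]; then
  # Preserve existing non-Cloudflare variables.
  # `|| [[ -n "$line" ]]` keeps a final line that has no trailing newline.
  while IFS= read -r line || [[ -n "$line" ]]; do
    if [[ ! "$line" =~ ^CLOUDFLARE_ ]] && [[ ! "$line" =~ ^#.*CLOUDFLARE ]]; then
      # Join with real newlines; a literal "\n" is not expanded by echo and
      # would collapse every preserved variable onto one broken line.
      ENV_CONTENT+="$line"$'\n'
    fi
  done < ".env"
fi

# Build the new file under a private temporary name and rename it into place.
# Writing .env directly and tightening the mode afterwards leaves a window in
# which the token is readable under the default umask, and an already existing
# .env would keep whatever mode it had while the new token is written into it.
umask 077
tmp_env=$(mktemp .env.XXXXXX)
trap 'rm -f -- "$tmp_env"' EXIT

# Create new .env content
cat > "$tmp_env" << EOF
# OpenCode Environment Variables
# Generated by setup_credentials.sh
# IMPORTANT: Never commit this file to git

# ============================================================================
# CLOUDFLARE API CONFIGURATION
# ============================================================================
CLOUDFLARE_API_TOKEN="$API_TOKEN"
CLOUDFLARE_ACCOUNT_ID="$ACCOUNT_ID"
EOF

# Add Zone ID if provided
if [[ -n "$ZONE_ID" ]]; then
  printf 'CLOUDFLARE_ZONE_ID="%s"\n' "$ZONE_ID" >> "$tmp_env"
fi

# Add preserved content (blank separator line, then the kept lines)
if [[ -n "$ENV_CONTENT" ]]; then
  printf '\n%s' "$ENV_CONTENT" >> "$tmp_env"
fi

# Set secure permissions, then replace .env in one step
chmod 600 "$tmp_env"
mv -f -- "$tmp_env" .env

echo "✅ Credentials saved to: .env"
echo "🔒 File permissions set to 600 (owner read/write only)"

# Basic validation (format only; nothing is sent to the Cloudflare API)
echo
echo "🧪 Validating credentials..."
if validate_api_token "$API_TOKEN" && validate_account_id "$ACCOUNT_ID"; then
  echo "✅ Credential formats are valid"
  echo "⚠️ Note: Full API connectivity test requires curl or python requests"
else
  echo "❌ Credential validation failed"
  echo " Please check your inputs and try again"
fi

# Final instructions
echo
echo "🎉 Setup Complete!"
echo "=================================================="
echo
echo "Next steps:"
echo "1. Source the environment file:"
echo " source .env"
echo
echo "2. Test Terraform configuration:"
echo " cd terraform && terraform init && terraform plan"
echo
echo "3. Deploy infrastructure:"
echo " terraform apply"
echo
echo "4. Start MCP servers:"
echo " Check MCP_GUIDE.md for server startup instructions"
echo
echo "📚 Documentation:"
echo "- USAGE_GUIDE.md - Complete usage instructions"
echo "- DEPLOYMENT_GUIDE.md - Deployment procedures"
echo "- MCP_GUIDE.md - MCP server management"
echo
echo "🔐 Security Reminder:"
echo "- Never commit .env to version control"
echo "- Use .gitignore to exclude .env files"
echo "- Consider using environment-specific .env files (.env.production, etc.)"

# Make script executable (best effort: under set -e a failing chmod here
# would turn an already completed setup into an error exit)
chmod +x "$0" 2>/dev/null || true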