No Description

Thomas Dy 56acbee340 Add unmaintained notice 2 years ago
lib 5aebcd5b54 Make MX and SRV records editable 7 years ago
rust-server 7b12e659cd Release version 0.1.6 7 years ago
.gitignore 493685e510 Initial commit 9 years ago
README.md 56acbee340 Add unmaintained notice 2 years ago
config.json.example c36cc32c19 Document to use API Key and not token 2 years ago
index.html 493685e510 Initial commit 9 years ago
main.css 5aebcd5b54 Make MX and SRV records editable 7 years ago
package.json 7b12e659cd Release version 0.1.6 7 years ago
server.js 424f2acd8c Make whitelist optional 7 years ago
webpack.config.js 84a1b0cff5 Add woff2 in loader config 8 years ago

README.md

UNMAINTAINED

This project is no longer maintained. Cloudflare already supports multi-user for any account so there's not much need for this project anymore.

If you still absolutely need this for the whitelist functionality, you can try the api-token branch.

Cloudflare WebUI

This is a web frontend to the Cloudflare API. It mainly lets you manage DNS records, but it also lets you toggle development mode and purge the cache as well as changing the SSL mode.

This was mainly built to work around Cloudflare only having multi-user support for enterprise. It's a simple frontend for the DNS settings and a simple webserver that handles making the actual requests to Cloudflare.

Usage

Download the binary (only Linux x86_64 for now). Get a copy of config.json.example and name it config.json. Place it in the same directory as the binary. Fill in your account details and the domains to be whitelisted. Afterwards, run the binary and you should be able to manage your domains at localhost:8000.

Security

The server only listens at 127.0.0.1. It does not provide any form of authentication. It is meant to be run behind a reverse proxy such as nginx with basic auth, or behind something like oauth2_proxy.

The server never exposes your username and token to the clients, all requests to Cloudflare are made from the server. The server will also only allow API requests to domains specified in the whitelist. Domains not listed will be blocked even if your account owns it.