Additional Cloudflare Integration

cableguy · October 28, 2024, 3:47pm

I use porkbun as my registar, and cloudflare as my DNS manager, which allows for the use of all of the cloudflare features. However, this configuration causes some odd behavior within ApisCP.

When I click DNS Manager, I get this error:

Action failed

Domain missing glue nameserver `demi.ns.cloudflare.com'. Automatically added nameserver record!
Domain missing glue nameserver `vicente.ns.cloudflare.com'. Automatically added nameserver record!
 2 more messages
Failed to create record `@.[hostname].com' type NS: Content for NS record is invalid. NS records at the apex must not overwrite assigned nameservers.
Failed to create record `@.[hostname].com' type NS: Content for NS record is invalid. NS records at the apex must not overwrite assigned nameservers.

Also, in Help - Setup I see this at the top:

##### Domain pending propagation

Your domain looks to use third-party nameservers or have third-party DNS assigned. We're showing generic configuration that will work now, but recommend checking back for server-neutral configuration in a couple days once the dust settles!

Detected IP 104.21.90.236. Want [apiscp ipv4-pool IP]  [ <-- removed my public ipv4 IP]

I will update this as I find any other feature updates regarding cloudflare.

msaladna · October 28, 2024, 8:51pm

When I click DNS Manager, I get this error:

Thanks, updated the logic check for managed DNS providers which manage NS records directly; Cloudflare being one such provider. This behavior dates back to circular requirements with TLDs - in particular .net - that required an authoritative NS to return matching subordinate NS records to verify authoritative status.

Panel compares the results of the following commands:

cpcmd -d DOMAIN dns:get-records-by-rr ns DOMAIN
cpcmd -d DOMAIN dns:get-hosting-nameservers DOMAIN

If the nameservers listed in dns:get-hosting-nameservers aren’t present in the result from dns:get-records-by-rr, then it attempts to add them. Since Cloudflare restricts removal of these records, the check is unnecessary.

Detected IP 104.21.90.236. Want [apiscp ipv4-pool IP] [ ← removed my public ipv4 IP]

There’s an open feature request for better coordination with proxied IPs for DNS providers. Right now, the panel does not provide lookthroughs to see if the proxied IP would reach the server.