**SafelineAPI Configuration and Cloudflare DNS Guide** This guide explains how to configure SafelineAPI to use Cloudflare for DNS-01 challenges and how to run the program. **Quick Start** - **Prerequisites:** Go is only required for building from source. If you prefer, use the built binary produced by `go build`. - **Minimal steps:** create a Cloudflare API token, update `config.json`, and run the program. **Config File Location** - The primary configuration file is `config.json` in the repository root. See `docs/cloudflare.md` for a short Cloudflare-specific note. **Important fields** - **SafeLine.ApiToken:** API token used to connect to the SafeLine API. - **ApplyCert.Email:** Contact email used when requesting certificates. - **ApplyCert.DNSProviderConfig.DNSProvider:** Set this to `Cloudflare` to use Cloudflare. - **ApplyCert.DNSProviderConfig.Cloudflare.APIToken:** Recommended — a scoped Cloudflare API Token with `Zone:DNS:Edit` on your zone(s). - **ApplyCert.DNSProviderConfig.Cloudflare.APIKey** and **Email:** Optional — use only if you must authenticate with the Global API key. **Example `config.json` snippet** ```json { "SafeLine": { "Host": { "HostName": "192.168.1.4", "Port": "1443" }, "ApiToken": "" }, "ApplyCert": { "Days": 30, "Email": "you@example.com", "SavePath": "C:/path/to/ssl", "DNSProviderConfig": { "DNSProvider": "Cloudflare", "Cloudflare": { "APIToken": "" } } } } ``` **Create a Cloudflare API Token** 1. Log into the Cloudflare dashboard and open **My Profile → API Tokens**. 2. Click **Create Token** and choose the **Edit zone DNS** template or set custom permissions: - Zone:Zone:Read - Zone:DNS:Edit 3. Scope the token to the specific zone(s) you need and create the token. 4. Put the token value in `ApplyCert.DNSProviderConfig.Cloudflare.APIToken`. **Run commands** - Build the binary (optional): ```powershell cd C:\Users\samge\coding\SafelineAPI-1 go build -o safelineApi.exe ./cmd/safelineApi ``` - Run with the built binary: ```powershell .\safelineApi.exe ``` - Or run directly with Go: ```powershell go run ./cmd/safelineApi -- -t "" -D "Cloudflare" -e "you@example.com" ``` Notes on flags: the project reads flags and `config.json`. If a flag is present it will be used for that run. **Troubleshooting** - Warning about missing values: If you see warnings like `未设置 DNS服务提供商`, set `ApplyCert.DNSProviderConfig.DNSProvider` or pass `-D` on the command line. - Dependency/download issues: If `go build` stalls on module downloads, try setting a proxy: ```powershell go env -w GOPROXY=https://goproxy.cn,direct go clean -modcache go mod tidy go build -v ./... ``` - Cloudflare auth mismatch: Use `APIToken` (recommended). If using `APIKey` (global key), also provide the account `Email`. **Security recommendations** - Prefer scoped API tokens over the global API key. - Store secrets outside source control. Use environment variables or an external secret store in production. - Limit token scope to required zones. **Files added/edited** - Documentation: [docs/cloudflare.md](docs/cloudflare.md) - Configuration example: `config.json` at project root If you'd like, I can also add a short `README.md` or copy a minimal example `config.example.json` to the repo root for easy onboarding. Which would you prefer next?