sam/SafelineAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity
Files
4590d46e17dde886a09d1a9cd1855f5e8c53abc8
SafelineAPI/docs/CONFIGURATION.md

87 lines
3.4 KiB
Markdown
Raw Blame History

**SafelineAPI Configuration and Cloudflare DNS Guide**
This guide explains how to configure SafelineAPI to use Cloudflare for DNS-01 challenges and how to run the program.
**Quick Start**
- **Prerequisites:** Go is only required for building from source. If you prefer, use the built binary produced by `go build`.
- **Minimal steps:** create a Cloudflare API token, update `config.json`, and run the program.
**Config File Location**
- The primary configuration file is `config.json` in the repository root. See `docs/cloudflare.md` for a short Cloudflare-specific note.
**Important fields**
- **SafeLine.ApiToken:** API token used to connect to the SafeLine API.
- **ApplyCert.Email:** Contact email used when requesting certificates.
- **ApplyCert.DNSProviderConfig.DNSProvider:** Set this to `Cloudflare` to use Cloudflare.
- **ApplyCert.DNSProviderConfig.Cloudflare.APIToken:** Recommended — a scoped Cloudflare API Token with `Zone:DNS:Edit` on your zone(s).
- **ApplyCert.DNSProviderConfig.Cloudflare.APIKey** and **Email:** Optional — use only if you must authenticate with the Global API key.
**Example `config.json` snippet**
```json
{
"SafeLine": {
"Host": { "HostName": "192.168.1.4", "Port": "1443" },
"ApiToken": "<your-safeline-api-token>"
},
"ApplyCert": {
"Days": 30,
"Email": "you@example.com",
"SavePath": "C:/path/to/ssl",
"DNSProviderConfig": {
"DNSProvider": "Cloudflare",
"Cloudflare": {
"APIToken": "<your-cloudflare-scoped-token>"
}
}
}
}
```
**Create a Cloudflare API Token**
1. Log into the Cloudflare dashboard and open **My Profile → API Tokens**.
2. Click **Create Token** and choose the **Edit zone DNS** template or set custom permissions:
- Zone:Zone:Read
- Zone:DNS:Edit
3. Scope the token to the specific zone(s) you need and create the token.
4. Put the token value in `ApplyCert.DNSProviderConfig.Cloudflare.APIToken`.
**Run commands**
- Build the binary (optional):
```powershell
cd C:\Users\samge\coding\SafelineAPI-1
go build -o safelineApi.exe ./cmd/safelineApi
```
- Run with the built binary:
```powershell
.\safelineApi.exe
```
- Or run directly with Go:
```powershell
go run ./cmd/safelineApi -- -t "<SafeLineApiToken>" -D "Cloudflare" -e "you@example.com"
```
Notes on flags: the project reads flags and `config.json`. If a flag is present it will be used for that run.
**Troubleshooting**
- Warning about missing values: If you see warnings like `未设置 DNS服务提供商`, set `ApplyCert.DNSProviderConfig.DNSProvider` or pass `-D` on the command line.
- Dependency/download issues: If `go build` stalls on module downloads, try setting a proxy:
```powershell
go env -w GOPROXY=https://goproxy.cn,direct
go clean -modcache
go mod tidy
go build -v ./...
```
- Cloudflare auth mismatch: Use `APIToken` (recommended). If using `APIKey` (global key), also provide the account `Email`.
**Security recommendations**
- Prefer scoped API tokens over the global API key.
- Store secrets outside source control. Use environment variables or an external secret store in production.
- Limit token scope to required zones.
**Files added/edited**
- Documentation: [docs/cloudflare.md](docs/cloudflare.md)
- Configuration example: `config.json` at project root
If you'd like, I can also add a short `README.md` or copy a minimal example `config.example.json` to the repo root for easy onboarding. Which would you prefer next?
Reference in New Issue View Git Blame Copy Permalink