Little help with an error about dns-failover-cloudflare-monit HOT 34 CLOSED

Hello Xander,

Thanks for your kind words.

1. record_identifier will be returned by Cloudflare API.
2. record_identifier is mandatory that's why it doesn't work.

If multiple domains hosted on the same server should be monitored you should modify tomain and to backup files so you can update DNS for multiple websites.

If you need help to get the record_identifier value, have a look there https://www.noobunbox.net/serveur/configurer-un-dns-failover-cloudflare It's in french but I think google translate will work quite well

from dns-failover-cloudflare-monit.

Ow sorry I didnt know you speak french.

Regarding the multiple domains hosted on the same server:

1-I think the best option is to NOT modify the monit check. If one site is down, all sites are down
2-take a look at the CURL command in tomain and to backup scripts:

curl -X PUT "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records/$record_identifier" -H "X-Auth-Email: $auth_email" -H "X-Auth-Key: $auth_key" -H "Content-Type: application/json" --data "{\"type\":\"A\",\"name\":\"$record_name\",\"content\":\"$ip\"}"

You should have as much curl command as domains/sites (in tomain and tobackup script files) ) you host on this server. Bellow find the example for a 2 sites script

#!/bin/bash
auth_key=api_key
auth_email=your_cloudflare_email
ip=backup_ip
## 1st site
zone_identifier1=zone_identifier
record_identifier1=record_identifier
record_name1=record_name
##2nd site
zone_identifier2=zone_identifier
record_identifier2=record_identifier
record_name2=record_name

wget -q --tries=1 --timeout=3 http://www.google.com -O /tmp/index.google >> /dev/null
if [ ! -s /tmp/index.google ];then
       echo `date` No interwebz? Not switching over! >> /root/cloudflare/switch.log
        exit 0
else
#Start check if in backup mode
if [ -f /root/cloudflare/backupactive ];
then
    echo "already in backup mode!"
    exit 0
fi
cd /root/cloudflare

echo "Switching to backup..."
touch /root/cloudflare/backupactive

##1st site
curl -X PUT "https://api.cloudflare.com/client/v4/zones/$zone_identifier1/dns_records/$record_identifier1" -H "X-Auth-Email: $auth_email" -H "X-Auth-Key: $auth_key" -H "Content-Type: application/json" --data "{\"type\":\"A\",\"name\":\"$record_name1\",\"content\":\"$ip\"}"

##2nd site
curl -X PUT "https://api.cloudflare.com/client/v4/zones/$zone_identifier2/dns_records/$record_identifier2" -H "X-Auth-Email: $auth_email" -H "X-Auth-Key: $auth_key" -H "Content-Type: application/json" --data "{\"type\":\"A\",\"name\":\"$record_name2\",\"content\":\"$ip\"}"


echo `date` going down! >> /root/cloudflare/logs/switch.log
fi
exit 0

from dns-failover-cloudflare-monit.

You are welcome.

Would you be able to test the following once you will be home;

curl -X PUT "https://api.cloudflare.com/client/v4/zones/$zone_identifier1/dns_records/$record_identifier1" -H "X-Auth-Email: $auth_email" -H "X-Auth-Key: $auth_key" -H "Content-Type: application/json" --data "{\"type\":\"A\",\"name\":\"$record_name1\",\"content\":\"$ip\",\"proxied\":\"true\"}"

from dns-failover-cloudflare-monit.

Thanks

Will tell you once the proxy issue is soved

from dns-failover-cloudflare-monit.

Alright, found the solution. The issue was on the curl line and the correct form should be \"proxied\":true}" instead of \"proxied\":\"true\"}". It works just fine now so everything is ok on cloudflare side. Thanks for all your help @novakin and this can be marked as fixed :)

from dns-failover-cloudflare-monit.

Thanks a lot for your answer

Didn't needed the google translate, I can understand french and even if anyone doesn't those commands are so simple to be used and offer the right information. Bookmarked it, it's really helpful.
Ran your script for a test and this time works as intended.

• Now, if you could only give me some clues about what I need to modify in tomain and tobackup script to use multiple domains, would be great.

• Also I noticed when the script is ran and domain ip gets changed to the backup server or to main server, the cloudflre CDN is automatically disabled (grey cloud http://prntscr.com/dg03hm), thus it's exposing server original ip address. (i see in the message upon running script something saying proxied:false, maybe that's the problem) How can i keep the orange cloud in this case?

Once again, great job with this script and thanks for sharing it with us.

from dns-failover-cloudflare-monit.

Thank you, looks easy to achieve multidomains hosted on same server. Will check it as soon as I get back home from the office.

What about

• Also I noticed when the script is ran and domain ip gets changed to the backup server or to main server, the cloudflre CDN is automatically disabled (grey cloud http://prntscr.com/dg03hm), thus it's exposing server original ip address. (i see in the message upon running script something saying proxied:false, maybe that's the problem) How can i keep the orange cloud in this case?

from dns-failover-cloudflare-monit.

Great, I'll let you know if everything turns out to be ok.

Thanks again for taking your time to answer my questions, much appreciated.

from dns-failover-cloudflare-monit.

Hi Novakin

Yes, your script is super awesome and it really helps.
It can potentially save thousands of dollars to my clients and with some google translate magic I was able to set it up.
Although I have problems but will ask about these in a separate thread.

Wanted to express my interest over that grey cloud Xander mentioned.

from dns-failover-cloudflare-monit.

@webhostingdoo, the answer for that is mentioned by novakin in his last post. Simply add the last part to the curl command inside of the script ,"proxied":"true"}" Haven't tested yet but I'm sure it works, it's the parameter that does exactly what I needed to.

from dns-failover-cloudflare-monit.

Unfortunately, I'll have to wait USA night time to test it out, because it's the live environment.
But yes, it really feels like a solution.

from dns-failover-cloudflare-monit.

@XanderGS if you wish to use the cloudflare proxy feature, i think your monit checks should ping the server ip address instead of the fully qualified domain name

from dns-failover-cloudflare-monit.

Alright, updating this one as I just tested the proxied argument and outputs an error

Using this:
curl -X PUT "https://api.cloudflare.com/client/v4/zones/$zone_identifier/dns_records/$record_identifier" -H "X-Auth-Email: $auth_email" -H "X-Auth-Key: $auth_key" -H "Content-Type: application/json" --data "{"type":"A","name":"$record_name","content":"$ip","proxied":"true"}"

Error:
{"success":false,"errors":[{"code":1004,"message":"DNS Validation Error","error_chain":[{"code":9003,"message":"Invalid 'proxied' value, must be a boolean"}]}],"messages":[],"result":null}

Found a reference link http://stackoverflow.com/questions/31383436/cloudflare-api-v4-no-way-of-enabling-cloudflare-proxy-on-dns-records and I see someone else has the same issue when adding this extra argument.

from dns-failover-cloudflare-monit.

Thanks for the feedback, will try to contact cloudflare

from dns-failover-cloudflare-monit.

Thanks, hope they'll answer soon.

You said monit checks should ping the server ip address but doesn't it already does that?
Or I should change all variables: yourwebsite.com, yourwebsiteip, http://yourwebsite.com to the server ip?

check host yourwebsite.com with address yourwebsiteip
alert [email protected]
if failed icmp type echo count 3 with timeout 1 seconds for 4 cycles then exec "/bin/bash -c /root/cloudflare/tobackup.sh"
else if succeeded for 20 cycles then exec "/bin/bash -c /root/cloudflare/tomain.sh"
if failed url http://yourwebsite.com with timeout 2 seconds and retry 3 for 15 cycles then exec "/bin/bash -c /root/cloudflare/tobackup.sh"
else if succeeded for 20 cycles then exec "/bin/bash -c /root/cloudflare/tomain.sh"

from dns-failover-cloudflare-monit.

You should replace http://yourwebsite.com by http://server.ip

If you enable Cloudflare CDN it acts as a reverse proxy, visitors only see Cloudflare's IP. Monitoring http://yourwebsite monit will check Cloudflare's IP and not the real server.

from dns-failover-cloudflare-monit.

So this will be the right approach?

check host 188.120.xxx.xxx with address 188.120.xxx.xxx
alert [email protected]
if failed icmp type echo count 3 with timeout 1 seconds for 4 cycles then exec "/bin/bash -c /root/cloudflare/tobackup.sh"
else if succeeded for 20 cycles then exec "/bin/bash -c /root/cloudflare/tomain.sh"
if failed url http://188.120.xxx.xxx with timeout 2 seconds and retry 3 for 15 cycles then exec "/bin/bash -c /root/cloudflare/tobackup.sh"
else if succeeded for 20 cycles then exec "/bin/bash -c /root/cloudflare/tomain.sh"

from dns-failover-cloudflare-monit.

yes

from dns-failover-cloudflare-monit.

Great, thanks.

from dns-failover-cloudflare-monit.

Having some issues with additional A site records for subdomains

eg:
record_name1=domain.com, subdomain1.domain.com,subdomain2.domain.com

error:
"success":false,"errors":[{"code":1004,"message":"DNS Validation Error","error_chain":[{"code":9000,"message":"invalid or missing name"}]}],"messages":[],"result":null}

I did separated them by commas. In cloudflare A records are like this:
domain.com
subdomain1
subdomain2

Also tried adding just the A record name exactly as is in cloudflare (eg: record_name1=domain.com, subdomain1,subdomain2) however I get the same error.

Any ideas?

from dns-failover-cloudflare-monit.

You should have one command line / domain or subdomain. dont try to edit multiple domains or subdomains in one curl command

from dns-failover-cloudflare-monit.

I did the following:

1st site

zone_identifier1=86b69dec3d4473cdxxxxxxxxxxxxxxx
record_identifier1=5a5897074b326644bxxxxxxxxxxxxxxx
record_name1=domain.com

2nd site

zone_identifier2=86b69dec3d4473cdxxxxxxxxxxxxxxx
record_identifier2=5a5897074b326644bxxxxxxxxxxxxxxx
record_name2=www.domain.com

3rd site

zone_identifier3=86b69dec3d4473cdxxxxxxxxxxxxxxx
record_identifier3=5a5897074b326644bxxxxxxxxxxxxxxx
record_name3=subdomain.domain.com

1st site

curl -X PUT "https://api.cloudflare.com/client/v4/zones/$zone_identifier1/dns_records/$record_identifier1" -H "X-Auth-Email: $auth_email" -H "X-Auth-Key: $auth_key" -H "Content-Type: application/json" --data "{"type":"A","name":"$record_name1","content":"$ip"}"

2nd site

curl -X PUT "https://api.cloudflare.com/client/v4/zones/$zone_identifier2/dns_records/$record_identifier2" -H "X-Auth-Email: $auth_email" -H "X-Auth-Key: $auth_key" -H "Content-Type: application/json" --data "{"type":"A","name":"$record_name2","content":"$ip"}"

3rd site

curl -X PUT "https://api.cloudflare.com/client/v4/zones/$zone_identifier3/dns_records/$record_identifier3" -H "X-Auth-Email: $auth_email" -H "X-Auth-Key: $auth_key" -H "Content-Type: application/json" --data "{"type":"A","name":"$record_name3","content":"$ip"}"

When i run the script for a test the following happens:

• domain.com DNS name is deleted from cloudflare account
• www DNS name stays unchanged from cloudflare account
• subdomain DNS name gets duplicated inside cloudflare account , one stays with the old ip (main) and one has the new ip (backup)

I also tried using recordname using exact names as inside cloudflare account:
record_name1=domain.com
record_name2=www
record_name3=subdomain

from dns-failover-cloudflare-monit.

Have you checked the type record ? A ? or Cname ?

And I think the best option would be to have only one curl command and in cloudflare
domain.com A IP
www CNAME domain.com
subdomain CNAME domain.con

from dns-failover-cloudflare-monit.

All 3 are A records

for www I can add CNAME since i forward www to non-www however subdomain needs IP as it's used in an application where some files are checked/downloaded in case they miss.

from dns-failover-cloudflare-monit.

So you may wanna check if the record-identifier is different for these other domain and subdomains.

I never tried to modify multiple records at once

from dns-failover-cloudflare-monit.

Already tried and it doesn't seem to offer different record-identified for other subdomains but for the main domain only

{"result":[],"result_info":{"page":1,"per_page":20,"total_pages":0,"count":0,"total_count":0},"success":true,"errors":[],"messages":[]}curl: (6) Could not resolve host: .jq

from dns-failover-cloudflare-monit.

So you may wanna try to use 3 times this script: one per domain/'subdomain and 3 different checks in monit

from dns-failover-cloudflare-monit.

moved WWW from A to CNAME now to point to domain.com so only working with two A records.

1st site

zone_identifier1=86b69dec3d4473cdxxxxxxxxxxxxxxx
record_identifier1=5a5897074b326644bxxxxxxxxxxxxxxx
record_name1=domain.com

2nd site

zone_identifier2=86b69dec3d4473cdxxxxxxxxxxxxxxx
record_identifier2=5a5897074b326644bxxxxxxxxxxxxxxx
record_name2=subdomain.domain.com

CURL

1st site

curl -X PUT "https://api.cloudflare.com/client/v4/zones/$zone_identifier1/dns_records/$record_identifier1" -H "X-Auth-Email: $auth_email" -H "X-Auth-Key: $auth_key" -H "Content-Type: application/json" --data "{"type":"A","name":"$record_name1","content":"$ip"}"

2nd site

curl -X PUT "https://api.cloudflare.com/client/v4/zones/$zone_identifier2/dns_records/$record_identifier2" -H "X-Auth-Email: $auth_email" -H "X-Auth-Key: $auth_key" -H "Content-Type: application/json" --data "{"type":"A","name":"$record_name2","content":"$ip"}"

Error

{"success":false,"errors":[{"code":1020,"message":"Invalid DNS record identifier"}],"messages":[],"result":null}{"success":false,"errors":[{"code":1020,"message":"Invalid DNS record identifier"}],"messages":[],"result":null}

from dns-failover-cloudflare-monit.

Record identifier is wrong, get the correct one using the blog post I've published

from dns-failover-cloudflare-monit.

Right, for some reason seems the record identifier value changed to a new one (probably because script deleted domain.com record). Corrected record_identifier value and the following happens when i run tobackup.sh:

domain.com A record gets deleted
subdomain.domain.com A record gets duplicated with both old ip and the new backup ip

when I run tomain.sh:

domain.com A record gets back
duplicated subdomain.domain.com that had assigned the backup ip is deleted

Note: This happens when I try to use two A records from the same domain zone.

from dns-failover-cloudflare-monit.

Had some time to look closer at this issue and you were right, additional subdomains have the same zone id but different record identifier. Reason I was getting an error yesterday it's because I tried to run both curl commands and you only need to run the 2nd curl command to retrieve just the record identifier alone as the zone id remains the same, so this time I used the curl command with same /zoneid/ for domain.com and changed the last part to /subdomain.domain.com/ and returned me a new record identifier.

If anyone else wants to add additional subdomains of the same domain keep in mind a new record identifier is generated for each separate subdomain, also in case you delete the domain.com record and add it back, a new record identifier will be generated too.

Tested everything again with multiple A records and it works smooth. Your help is much appreciated, @novakin.

All that's left now is to make the proxied: true command work to keep the cloudflare protection on during the switch.

from dns-failover-cloudflare-monit.

Hey there. Any news about the cloudflare proxy?

from dns-failover-cloudflare-monit.

Not yet

from dns-failover-cloudflare-monit.

Great, i'm happy you solved it,

from dns-failover-cloudflare-monit.