Hacker News new | past | comments | ask | show | jobs | submit login
Flares is a CloudFlare DNS backup tool (asciinema.org)
28 points by lfaoro on June 5, 2019 | hide | past | favorite | 18 comments



I too enjoy taking my keys to the kingdom and piping a bash script with it to do stuff.


Well done. But you can use cf-terraforming easily. "cf-terraforming is a command line utility to facilitate terraforming your existing Cloudflare resources."

https://github.com/cloudflare/cf-terraforming


terraform != text/dns

Lots of DNS tools speak text/dns natively - and being able to easily get all zones in that format makes things like export / point in time backups much easier.


Shameless plug: After doing this kind of thing manually for a while, I created a service a few years ago to backup and alert you on DNS changes for all of your providers (CF, AWS, DO, Linode, etc). It's free for one domain if anyone wants to take it for a spin: https://zonewatcher.com/


I added an equivalent script after we moved to Cloudflare. I found it's easy to make a mistake in the Cloudflare DNS web interface, e.g. it's easy to accidentally remove an entry.

Now, at every deploy to production, we do a backup of the DNS configuration on Cloudflare and save it on S3. This hardly costs us anything as each backup is only a small text file. But I now feel much more comfortable when editing our DNS config.


You can also use Terraform to manage CloudFlare DNS, and you get history, backups, consistency, and change management all for free. Just push the Terraform repo up to GitHub or GitBucket.


Would you like to have the tool automatically export all your DNS records to an S3 bucket?

`--export=s3`, `--export=gcs`


For text, I'd lean to preserving that in a git repo instead.


Or even use a git-repository as your source of DNS truth!

https://dns-api.com/ is my approach to that problem.


Hmmm that's not a bad idea actually. Easy to get a history by looking at the commits. Thanks!


If anybody from Cloudflare sees this - this is another good reason to add multiple API keys with permissions!


That's coming.


That comment inspires joy! I'm writing a tool that would jump at the chance of using limited access API keys than having the whole kingdom in my hand!


Brilliant - looking forward to it!


thank you John


Cool tool! But why would I use this over dnscontrol, Terraform or OctoDNS?


text/dns is a standard way to move DNS zones around - this means you can export this to a file, and possibly import it elsewhere, or just archive it as a point in time backup


This is REALLY cool! I'll be using this a lot!




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: