package utils
import (
"bytes"
"encoding/json"
"errors"
"net/http"
"net/url"
"time"
"github.com/eirka/eirka-libs/config"
)
// Request body types for the CloudFlare access-rule call made by
// CloudFlareBanIP. Field order is kept as declared because it determines the
// order of keys in the marshalled JSON.
type (
	// cloudFlareBanIPPayload is the top-level JSON document sent to CloudFlare.
	cloudFlareBanIPPayload struct {
		// Mode is the action of the rule; CloudFlareBanIP sets it to "block".
		Mode string `json:"mode"`
		// Notes is free text stored with the rule; CloudFlareBanIP passes the ban reason.
		Notes string `json:"notes"`
		// Configuration names what the rule matches.
		Configuration cloudFlareBanIPConfiguration `json:"configuration"`
	}

	// cloudFlareBanIPConfiguration is the match part of the rule.
	cloudFlareBanIPConfiguration struct {
		// Target is the kind of match; CloudFlareBanIP sets it to "ip".
		Target string `json:"target"`
		// Value is the value matched against; CloudFlareBanIP passes the address to ban.
		Value string `json:"value"`
	}
)
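// CloudFlareBanIP asks the CloudFlare API to add a user-level "block" access
// rule for ip (applied to all zones), storing reason in the rule's notes.
//
// It is a no-op returning nil when CloudFlare is not configured. It returns an
// error when ip is empty, when the request cannot be built or sent, or when
// CloudFlare answers with a non-2xx status, so that a caller never treats a
// rejected ban as one that is in force.
func CloudFlareBanIP(ip, reason string) (err error) {
	// noop if cloudflare is not configured
	if !config.Settings.CloudFlare.Configured {
		return nil
	}

	// Only emptiness is checked locally. A malformed address is left for the
	// API to reject; the status check below reports that to the caller.
	if len(ip) == 0 {
		return errors.New("no ip provided")
	}

	// block ip request json; encoding/json escapes ip and reason, so neither
	// can alter the structure of the request body
	data := cloudFlareBanIPPayload{
		Mode: "block",
		Configuration: cloudFlareBanIPConfiguration{
			Target: "ip",
			Value:  ip,
		},
		Notes: reason,
	}

	payloadBytes, err := json.Marshal(data)
	if err != nil {
		return errors.New("Error encoding CloudFlare request")
	}

	// api endpoint
	cloudflareURL := &url.URL{
		Scheme: "https",
		Host:   "api.cloudflare.com",
		Path:   "/client/v4/user/firewall/access_rules/rules",
	}

	// our http request
	req, err := http.NewRequest(http.MethodPost, cloudflareURL.String(), bytes.NewReader(payloadBytes))
	if err != nil {
		return errors.New("Error creating CloudFlare request")
	}

	// NOTE(review): these headers send the account e-mail and API key taken
	// from config. If the configuration can hold a scoped API token instead,
	// that would limit what a leaked credential is able to do.
	req.Header.Set("X-Auth-Email", config.Settings.CloudFlare.Email)
	req.Header.Set("X-Auth-Key", config.Settings.CloudFlare.Key)
	req.Header.Set("Content-Type", "application/json")
	req.Header.Set("User-Agent", "Eirka/1.2")

	// a client with a timeout so a stalled API call cannot block the caller
	netClient := &http.Client{
		Timeout: time.Second * 10,
	}

	// do the request
	// TODO: add errors here to a system log
	resp, err := netClient.Do(req)
	if err != nil {
		return errors.New("Error reaching CloudFlare")
	}
	// The body must be closed or the underlying connection is leaked.
	defer resp.Body.Close()

	// A completed round trip is not a successful ban: bad credentials, a
	// rejected value or rate limiting all arrive as a non-2xx status.
	if resp.StatusCode < http.StatusOK || resp.StatusCode >= http.StatusMultipleChoices {
		return errors.New("CloudFlare returned " + resp.Status)
	}

	return nil
}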