Skills cloudflare-manager
Manage Cloudflare DNS records, Tunnels (cloudflared), and Zero Trust policies. Use for pointing domains, exposing local services via tunnels, and updating ingress rules.
install
source · Clone the upstream repo
git clone https://github.com/openclaw/skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/1999azzar/cloudflare-manager" ~/.claude/skills/clawdbot-skills-cloudflare-manager && rm -rf "$T"
manifest:
skills/1999azzar/cloudflare-manager/SKILL.mdsource content
Cloudflare Manager
Standardized system for managing Cloudflare infrastructure and local tunnel ingress.
Prerequisites
- Binary:
andpython3
must be installed.cloudflared - Credentials:
(minimal Zone permissions) andCLOUDFLARE_API_TOKEN
.CLOUDFLARE_ZONE_ID
Setup
- Define credentials in the environment or a local
file..env - Initialize the local environment:
.bash scripts/install.sh
Core Workflows
1. DNS Management
Add, list, or delete DNS records via Cloudflare API.
- List:
python3 $WORKSPACE/skills/cloudflare-manager/scripts/cf_manager.py list-dns - Add:
python3 $WORKSPACE/skills/cloudflare-manager/scripts/cf_manager.py add-dns --type A --name <subdomain> --content <ip>
2. Tunnel Ingress (Local)
Update
/etc/cloudflared/config.yml- Update:
python3 $WORKSPACE/skills/cloudflare-manager/scripts/cf_manager.py update-ingress --hostname <host> --service <url> - Safety: Use
to preview configuration changes before application.--dry-run
Security & Permissions
- Sudo Usage: The
command requiresupdate-ingress
to write to system directories and restart thesudo
service.cloudflared - Least Privilege: Configure restricted sudo access using the pattern in
.references/sudoers.example - Token Isolation: Ensure API tokens are scoped narrowly to specific zones and permissions.
Reference
- Sudoers Pattern: See references/sudoers.example.
- Tunnel Logic: See references/tunnel-guide.md.