hryha/do-cf-sync
最新稳定版本:1.0.0
Composer 安装命令:
composer create-project hryha/do-cf-sync
包简介
Sync Cloudflare IP ranges into a DigitalOcean Firewall (ingress rules)
README 文档
README
This small PHP utility syncs the current list of Cloudflare IP ranges into a specified DigitalOcean Firewall as inbound rules. It runs as a CLI script and is intended to be scheduled daily via cron.
What it does
- Fetches Cloudflare IP ranges (both IPv4 and IPv6) from the official Cloudflare API.
- Updates the target DigitalOcean Firewall to allow inbound TCP traffic on configured ports (default: 80 and 443) from those Cloudflare ranges.
- Preserves your other firewall rules. It only replaces previously-added Cloudflare rules for the same ports.
Requirements
- PHP 8.2+
- Composer
- A DigitalOcean Personal Access Token with write access to Firewalls
- An existing DigitalOcean Firewall ID you want to update
Installation
- Clone or copy this repository to your server.
- Install dependencies:
composer install --no-dev --optimize-autoloader
- Configure environment variables. Copy
.env.exampleto.envand fill values:DO_TOKEN="your_digitalocean_api_token_here" DO_FIREWALL_ID="your_firewall_id_here" # Optional: comma-separated list of TCP ports to allow from Cloudflare PORTS="80,443" # Optional: add extra CIDRs (IPv4/IPv6) to allow in addition to Cloudflare ranges EXTRA_CIDRS="8.8.8.8/32,2001:db8::/32"
- Add a daily cron job (every day at 02:15):
15 2 * * * /usr/bin/php /path/to/project/bin/sync.php >> /var/log/do-cf-sync.log 2>&1
统计信息
- 总下载量: 1
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 1
- 点击次数: 3
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2025-12-17