update readme files

This commit is contained in:
Asif Bacchus 2021-05-09 14:39:28 -06:00
parent ac4cf940ff
commit d8fe395a19
2 changed files with 168 additions and 281 deletions

327
README.md
View File

@ -1,39 +1,53 @@
# CloudflareDDNS <!-- omit in toc -->
Update your CloudFlare DNS records with your current (dynamic) IP address via
systemd timers and a bash script.
**NOTE: You can rename *cfddns.sh* to anything you want, the script will
auto-update itself. However, you MUST update the systemd service file
*(cfddns.service)* *ExecStart* line manually as explained below.**
Update your *existing* Cloudflare DNS records with your current (dynamic) IP address via systemd timers and a (POSIX) shell script.
## Contents <!-- omit in toc -->
- [cfddns&#46;sh](#cfddns46sh)
- [Installation:](#installation)
- [Usage:](#usage)
<!-- toc -->
- [Prerequisites](#prerequisites)
- [cfddns&#46;sh](#cfddns%2346sh)
* [Installation](#installation)
* [Usage](#usage)
+ [Parameters](#parameters)
- [Cloudflare credentials file](#cloudflare-credentials-file)
* [File structure](#file-structure)
* [Bearer token](#bearer-token)
* [Zone ID](#zone-id)
- [cfddns.service](#cfddnsservice)
- [IP4 and/or IP6](#ip4-andor-ip6)
- [Examples](#examples)
* [IP4 and/or IP6](#ip4-andor-ip6)
+ [Examples](#examples)
- [cfddns.timer](#cfddnstimer)
- [Activation](#activation)
- [The log file](#the-log-file)
- [Using Logwatch to monitor this script](#using-logwatch-to-monitor-this-script)
- [Using Logrotate to control log file size](#using-logrotate-to-control-log-file-size)
* [Activation](#activation)
- [Logging](#logging)
* [Using Logwatch to monitor this script](#using-logwatch-to-monitor-this-script)
* [Using Logrotate to control log file size](#using-logrotate-to-control-log-file-size)
- [Final thoughts](#final-thoughts)
<!-- tocstop -->
## Prerequisites
This script requires that `curl` and `jq` are installed. `curl` is used to interact with the Cloudflare API and `jq` is used to efficiently and reliably construct/deconstruct the JSON strings and arrays which is how the Cloudflare API communicates. In most cases you can install these programs using your package manager running as root or via sudo. On Debian/Ubuntu, for example, you would run:
```bash
apt install -y curl jq
```
While the script does *not* require root privileges, you will need sudo/root access to install the *systemd* service and timer.
## cfddns&#46;sh
### Installation:
### Installation
I recommend putting this script in your */usr/local/bin* directory or somewhere
else in your path so it's easy to run.
I recommend putting this script in your */usr/local/bin* directory or somewhere else in your path so it's easy to run.
1. Copy the script file to your desired path and rename if you want.
```Bash
sudo cp cfddns.sh /usr/local/bin/ # just copy it
sudo cp cfddns.sh /usr/local/bin/myscript.sh # copy and rename
sudo cp cfddns.sh /usr/local/bin/cloudflare-update.sh # copy and rename (choose any name)
```
2. Make it executable:
@ -42,112 +56,77 @@ ### Installation:
sudo chmod +x /usr/local/bin/cfddns.sh
```
### Usage:
> Note: You can rename *cfddns.sh* to anything you want, the script will auto-update itself. However, you **must** manually update the systemd service file (*cfddns.service*) `ExecStart` line as [explained below](#cfddns.service).
If you run the script with no parameters, it will display the help screen. The
script accepts several parameters with 2 being required. The parameters are
summarized here. You can access the help screen and example usage screens by
running:
### Usage
If you run the script with no parameters, it will display the help screen. The script accepts several parameters with only one (1) being required. The parameters are summarized below. You can access the help screen and example usage screens by running:
```Bash
cfddns.sh -h # display help screen
cfddns.sh -x # show script usage examples
cfddns.sh --help # display help screen
cfddns.sh --examples # show script usage examples
```
**-f: full path and filename containing account details (REQUIRED)**
This is the full path to a plain-text file containing your CloudFlare account
details. This file must contain 3 lines in the following order:
#### Parameters
- authorized email address
This is an email address that is permitted to login to your CloudFlare account.
- global api-key
You can get your Global API-key by going to your CloudFlare dashboard,
clicking on your profile picture in the upper-right and opening your profile.
Scroll down to to the API Keys section. Click on the 'View' button next to
Global API Key.
- zone identifier
You should be able to find this on the Overview page of your CloudFlare dashboard.
Your completed file should look like (these are not real credentials):
|Parameter|Description|Default|Required?|
|---|---|---|:---:|
|-r<br>--record<br>--records|The fully qualified hostname(s) that should be updated with new IP addresses. You can supply a comma-delimited list (no spaces) or just one. Note that the script can only update *either* A *or* AAAA records during a single run so you may need to batch your hostnames, depending on your set-up.<br>N.B. This script will only update *existing* host records, it will **not** create new ones!|none|YES|
|-c<br>--cred<br>--creds<br>--credentials<br>-f|Full path to your CloudFlare credentials file. This file contains your access token and zone id. See the [relevant section](#cloudflare-credentials-file) of this readme for more information.|scriptPath/cloudflare.credentials|NO|
|-i<br>--ip<br>--ip-address<br>-a<br>--address|The IP address that should be used to update Host A/AAAA records. If you omit this value, the script will attempt to auto-detect your public IP4/IP6 address and use that as appropriate. Use this option to manually force a specific IP to be used or when auto-detection fails. Note that the script does *not* check your IP addresses for correctness or proper form!|IP4 auto-detect|NO|
|-4<br>--ip4<br>--ipv4|Update Host A records only (IP4). The script can only update *either* A *or* AAAA records in a single run. If you specify this and also use the IP6 mode switch, the most recent one will take effect.|Enabled, update A records|NO|
|-6<br>--ip6<br>--ipv6|Update Host AAAA records only (IP6). The script can only update *either* A *or* AAAA records in a single run. If you specify this and also use the IP4 mode switch, the most recent one will take effect.|Disabled, update A records|NO|
|||||
|-l<br>--log|Full path where the script should save its log. Recommend */var/log/scriptName.log*|scriptPath/scriptName.log|NO|
|--nc<br>--no-color<br>--no-colour|Do not use ANSI colour-coding when writing to the log. This is useful if you review the logs using a reader that does not support ANSI colour-coding and instead displays control symbols which makes your log difficult to read.|Disabled, do colourful logs|NO|
|--log-console|Output the log to the console instead of a log file. You may use `--nc` with this option also.|Disabled, write to log file|NO|
|--no-log|Do not write a log file or output to the console. You will not have **any** feedback from the script if you run in this mode so you will not know if updates were successful or not. Im not really sure why youd want this option, but its available.|Disabled, write to log file|NO|
|-h<br>--help<br>-?|Display built-in help screen explaining these same parameters.|||
|--examples|Display some usage examples. Sometimes it's just easier to understand by seeing rather than reading.|||
## Cloudflare credentials file
This repo includes a sample credentials file (*cloudflare.credentials* at the root of the repo) with pretty self-explanatory variable names. The script reads this file to get the credentials it needs to connect to your Cloudflare account and update DNS entries. It should be noted that the script is designed to use a *bearer token* and **not** your username/password or your Global API token! Lets break this down in case things are a little fuzzy still...
### File structure
The file is a basic shell script variables file. Make sure you **do not** put spaces between the variable name, equal sign and the value. Also, **do not** add any executable code since it will be run! The file should contain values for the following two variables:
| Variable | Value |
| -------- | ------------------------------------------------------------ |
| cfKey | The bearer token granting access to *edit* the DNS records of the zone (domain) in question. |
| cfZoneId | The Cloudflare Zone ID of the zone (domain) you wish to update. |
You can add comments if youd like since the script will ignore them. In the end, your file should look something like this, but obviously with your data instead of this nonsense sample information:
```ini
#
# Cloudflare token for my.domain.tld
#
cfKey=_dLuyyRNaKN8SLG4-csmNYYfC39nnCmPVA7aYUJj
cfZoneId=83d564234134513245311b23412331dd
```
johndoe@example.com
e7882db52804aca6fab22780e055b97056466
492af8aa69f8c44baf043342c74319fd
```
Your global API-key is equivalent to your account password, so you should
secure this file by changing the owner of the file to root
You can save the file as anything you like and anywhere youd like as long as you inform the script of its location using the `--credentials` parameter. By default, the script will look for a file named *cloudflare.credentials* in the same path as the script.
```Bash
chown root:root path/to/filename
```
### Bearer token
and then restricting access to only the root user
I chose to use an API bearer token instead of a username/password or Global API token for security reasons. Your username/password and Global API token provide unfettered access to your account so if anyone gets hold of them, they can do anything to your account. An API bearer token, by contrast, can only do what you authorize it to do and you can revoke it at any time. Therefore, I suggest making a bearer token that is based on the “Edit zone DNS” template and restricted to the specific domain/zone you wish to update. Cloudflare provides an [excellent article](https://support.cloudflare.com/hc/en-us/articles/200167836-Managing-API-Tokens-and-Keys) on how to generate this token.
```Bash
chmod 600 path/to/filename
```
> N.B. This is a breaking change from previous versions of this script!
**-r: target DNS entry to update (REQUIRED)**
At least one entry here is *required*. This is the A or AAAA record you want to
update the IP address for in your DNS zone file. If you have multiple A or AAAA
records you want to update, simply specifiy multiple -r parameters.
### Zone ID
*Note: You can only specify *either* A records *or* AAAA records. You have to
update IP4 and IP6 records separately by running this script multiple times
(once for A records, once for AAAA records even if the hostname is the same).*
This is required by the Cloudflare API so it knows which zone you are editing and can check the permissions of the bearer token. This script only caters to one zone so likely only one domain per configuration file. If you need to update multiple zones, you can have multiple configuration files and call them as required on separate invocations of the script.
**-4 or -6: type of record to update**
The default option is -4 and it does not need to be specified. This will update
*A records* specified by the -r parameter(s). If you specify -6, then *AAAA
records* will updated as specified by the -r parameter(s).
To get your Zone ID, log into your Cloudflare account and open the domain in question. On the overview page, scroll down a bit and look to the right. You will see your Zone ID listed there. Copy that string into your configuration file.
**-i: use the specified IP address**
The script will auto-detect the IP address of the machine it's being run on by
accessing an external service and asking for that service to echo the machine's
IP address. If running with -4, then the IP4 will be requested for echo. If
running with -6, then the IP6 address will be requested for echo.
This parameter let's you bypass auto-detection and specify a particular address
to be used instead. This parameter is most useful if running the script
manually to update a particular DNS record. In most cases, you'd want your
current IP address auto-detected (i.e. omit this parameter).
*NOTE: The address you supply is NOT checked for correctness. Ensure you're
supplying a valid address of the correct type based on your choice of -4 or -6
parameter!*
**-l (lower-case L): specify where the log file should be written**
The script will default to writing it's log file in the same directory as the
script is located. It will use it's own name and append a *.log* extension.
So, the default name for the log file is *cfddns.log*. If you rename the script
*something&#46;sh* then the generated log file name will be *something.log*.
This can be messy if you store the script in /usr/local/bin/ as recommended.
Therefore, it's recommended you choose a different location for
the log file (*/var/log/cfddns.log* is recommended).
```Ini
[Service]
...
ExecStart=/usr/local/bin/cfddns.sh -l /var/log/cfddns.log ...
```
**-h: display help**
Displays the help screen, which is an abbreviated version of this section you
are currently reading.
**-x: display examples**
This is the best way to learn how this script works. Several examples are
provided
## cfddns.service
This file **must** be copied to your */etc/systemd/system* directory (or
equivalent directory if you're not running debian/ubuntu). If you change the
name of the cfddns&#46;sh file, you must update the filename in the *ExecStart*
line as shown below:
This file **must** be copied to your */etc/systemd/system* directory (or equivalent directory if you're not running Debian/Ubuntu). If you change the name of the cfddns&#46;sh file, you must update the filename in the `ExecStart` line as shown below:
````Ini
...
@ -157,66 +136,58 @@ ## cfddns.service
...
````
Dont forget to reload systemd after copying this file so it is recognized by the system! On most systems you can do this by running the following as root or via sudo:
```bash
systemctl daemon-reload
```
### IP4 and/or IP6
The cfddns.service file includes two *ExecStart* lines, one without a specified
IP-protocol parameter (default IP4) and the other with the -6 (IP6) parameter.
The service will run the cfddns&#46;sh script in default (IP4) mode with specified
parameters first and then will run the script again in IP6 mode with specified
parameters.
The cfddns.service file includes two *ExecStart* lines, one without a specified IP-protocol parameter (default IP4) and the other with the -6 (IP6) parameter. The service will run the cfddns&#46;sh script in default (IP4) mode with specified parameters first and then will run the script again in IP6 mode with specified parameters.
*Note: The parameters *can be different* in each case.*
#### Examples
1. **Only update A records**
Update *mail<span>.example.com* A record with the current IP of this machine and log
results to */var/log/cfddns.log*.
```Ini
Update *mail<span>.example.com* A record with the current auto-detected public IP4 address of this machine and log results to */var/log/cfddns.log*.
```Ini
[Service]
Type=oneshot
ExecStart=/usr/local/bin/cfddns.sh -f /root/accountDetails.cloudflare -r mail.example.com -l /var/log/cfddns.log
ExecStart=/usr/local/bin/cfddns.sh -c /root/cloudflare.credentials -r mail.example.com -l /var/log/cfddns.log
...
```
2. **Only update AAAA records**
Update *git<span>.example.com* and *mail<span>.example.com* AAAA records with the current
IP6 address of this machine. Log will be stored in the same directory as the
script file (/usr/local/bin).
Update *git<span>.example.com* and *mail<span>.example.com* AAAA records with the current auto-detected public IP6 address of this machine. Log will be stored in the same directory as the script file (/usr/local/bin).
```Ini
[Service]
Type=oneshot
ExecStart=/usr/local/bin/cfddns.sh -6 -f /home/johndoe/account.details -r git.example.com -r mail.example.com
...
```
```Ini
[Service]
Type=oneshot
ExecStart=/usr/local/bin/cfddns.sh -6 -c /home/johndoe/cloudflare.credentials -r git.example.com,mail.example.com
...
```
3. **Update A records then AAAA records**
Update *mail<span>.example.com* A record with current IP address of this machine and
write to log file stored at */var/log/DDNS_IP4.log*. Then, update both
*mail<span>.example.com* and *git<span>.example.com* AAAA records with current IP address
of this machine and write to log file at */var/log/DDNS_IP6.log*.
Update *mail<span>.example.com* A record with auto-detected public IP4 address of this machine and write to log file stored at */var/log/DDNS_IP4.log*. Then, update both *mail<span>.example.com* and *git<span>.example.com* AAAA records with the specified IP6 address and write to log file at */var/log/DDNS_IP6.log*.
```Ini
[Service]
Type=oneshot
ExecStart=/usr/local/bin/cfddns.sh -f /dir1/account.cf -r mail.example.com -l /var/log/DDNS_IP4.log
ExecStart=/usr/local/bin/cfddns.sh -6 -f /dir2/cloudflare.details -r mail.example.com -r git.example.com -l /var/log/DDNS_IP6.log
# update IP4 addresses
ExecStart=/usr/local/bin/cfddns.sh -c /dir1/account.cf -r mail.example.com -l /var/log/DDNS_IP4.log
# update IP6 addresses
ExecStart=/usr/local/bin/cfddns.sh -6 -c /dir2/cloudflare.details -r mail.example.com,git.example.com --ip fd3f:e6db:9817:df84::a001 -l /var/log/DDNS_IP6.log
...
```
## cfddns.timer
This is the timer file that tells your system how often to call the
cfddns.service file which runs the cfddns&#46;sh script. By default, the timer is
set for 5 minutes after the system boots up (to allow for other processes to
initialize even on slower systems like a RasPi) and is then run every 15
minutes thereafter. Remember when setting your timer that CloudFlare limits
API calls to 1200 every 5 minutes.
This is the timer file that tells your system how often to call the *cfddns.service* file which runs the *cfddns&#46;sh* script. By default, the timer is set for 5 minutes after the system boots up (to allow for other processes to initialize even on slower systems like a RasPi) and is then run every 15 minutes thereafter. Remember when setting your timer that Cloudflare limits API calls to 1200 every 5 minutes.
You can change the timer by modifying the relevant section of the cfddns.timer
file:
You can change the timer by modifying the relevant section of the *cfddns.timer* file:
```Ini
[Timer]
@ -224,22 +195,18 @@ ## cfddns.timer
OnUnitActiveSec=15min
```
*OnBootSec* is how long to wait after the system boots up before executing
the cfddns.service. *OnUnitActiveSec* will then wait the specified time from that
first (after boot) call or after the timer is explicitly started before calling
cfddns.service again. I recommend setting OnUnitActiveSec to a low value (like
2 minutes) for testing then setting it to a more reasonable time (like 15
*OnBootSec* is how long to wait after the system boots up before executing the *cfddns.service*. *OnUnitActiveSec* will then wait the specified time from that first (after boot) call or after the timer is explicitly started before calling *cfddns.service* again. I recommend setting OnUnitActiveSec to a low value (like 2 minutes) for testing then setting it to a more reasonable time (like 15
minutes) after everything is working.
### Activation
You can start the timer system immediately via systemctl
You can start the timer system immediately via *systemctl*
```Bash
systemctl start cfddns.timer
```
and can enable it to start automatically on system start up by typing
and can enable it to start automatically on boot by typing
```Bash
systemctl enable cfddns.timer
@ -251,55 +218,45 @@ ### Activation
systemctl status cfddns.timer
```
It is NOT necessary to enable/start the *cfddns.service*, only the timer needs
to be active.
It is NOT necessary to enable/start the *cfddns.service*, only the timer needs to be active.
## The log file
## Logging
The script logs every major action it takes and provides details on any errors
it encounters in the log file (see the above section for details on log file
location and name). If errors are encountered, they are colour coded red and
an explanation of the error code is provided.
The script logs every major action it takes and provides details on any errors it encounters in the log file (see the [parameters section](#parameters) for details about setting log location and name). If errors are encountered, they are colour coded red and an explanation of the error code is provided.
While the log file is as terse as I felt reasonable, you may still want to
configure any log-watch programs to further filter things for you so you don't
have to review this log as part of your daily routine. To make that easier, the
following conventions are observed in the log file and can be used to program
your log-watch system:
While the log file is as terse as I felt reasonable, you may still want to configure any log-watch programs to further filter things for you so you don't have to review this log as part of your daily routine. To make that easier, the following conventions are observed in the log file and can be used to program your log-watch system:
- Errors always appear as **-- [ERROR] text and error code here --**
- Errors are followed by an explanation of the specific error code on a new line
- A clean exit appears as **-- [SUCCESS] some text here --**
- The script always starts a new set of log entries with **-- Start CloudFlare
DDNS script execution --**
- All log file entries start with a time-stamp in **[square brackets]**
- Specific update process errors: **[TIMESTAMP] ERR: message**
- These can be counted/filtered separately if you only care about update errors and not any other errors.
- Error messages: **[TIMESTAMP] ERROR: message (code: number)**
- Only one summary error message will be displayed for any/all update errors. This message contains a tally of failed updates. If you want to count individual update errors, filter for the above process error message format.
- While process error messages only relate to updates, these general error messages are logged for a variety of error conditions so its a good idea to include them in any filters.
- Cloudflare API error messages: **[TIMESTAMP] CF-ERR: message (code: cf-error-code)**
- These are only logged when update process errors occur so that you can see exactly what the Cloudflare API is complaining about.
- Specific update process warnings: **[TIMESTAMP] WARN: message**
- These can be counted/filtered separately from general warning messages. Presently, there are *no* general warning messages.
- Warning messages: **[TIMESTAMP] WARNING: message**
- Summary of each type of warning. Contains a tally of the specific warning.
- Currently, warnings are only issued for hostnames that are not found (i.e. update process warnings).
- Success messages: **[TIMESTAMP] SUCCESS: message**
- Each successful update generates a success message. There is no process or tally message.
- Already up-to-date: **[TIMESTAMP] IP address for {fqdn} is already up-to-date**
- Already up-to-date host entries generate a success message but you may still want to filter for them separately using this criteria.
- A session log always starts with **[TIMESTAMP] -- Cloudflare DDNS update-script: starting --**
- A successful session log always ends with **[TIMESTAMP] -- Cloudflare DDNS update-script: completed successfully --**
- A session ending with errors always ends with **[TIMESTAMP] -- Cloudflare DDNS update-script: completed with error(s) --**
### Using Logwatch to monitor this script
If you are using the Logwatch package to monitor your system, **see the README
in the /etc/logwatch folder** for details about the pre-configured service files
already done for you :-)
If you are using the Logwatch package to monitor your system, see the README in the */etc/logwatch* folder for details about the pre-configured service files already done for you :-)
### Using Logrotate to control log file size
Logrotate is pre-installed on standard Debian/Ubuntu distributions and is a great
way to automatically rotate your log files and control how many old logs you
keep on your system so they don't accumulate and eat up your disk space.
I've included a sample configuration file you can copy to your
*/etc/logrotate.d/* folder. This file is set up to rotate your logs once a
week, keep 3 weeks worth of history (compressed) and delete all logs older than
that. The configuration file is located in this git archive at
*/etc/logrotate.d/cfddns* and is fully commented to help you customize it to
suit your needs.
Logrotate is pre-installed on standard Debian/Ubuntu distributions and is a great way to automatically rotate your log files and control how many old logs you keep on your system so they don't accumulate and eat up your disk space. I've included a sample configuration file you can copy to your */etc/logrotate.d/* folder. This file is set up to rotate your logs once a week, keep 3 weeks worth of history (compressed) and delete all logs older than that. The configuration file is located in this git archive at
*/etc/logrotate.d/cfddns* and is fully commented to help you customize it to suit your needs.
## Final thoughts
I'm by no means an expert in BASH scripting and I only program/script as a hobby
when I find stuff that irritates me and no other good solutions seem easily
available. So, by all means, please comment, provide feedback and suggestions
to make this script better! Thanks, I hope this helps someone else out!
Hopefully this helps you with an easy and reliable way to update your Cloudflare DNS entries with a dynamic IP address. Please feel free to comment and provide feedback and suggestions to make this script better!
Please check out my blog at
[https://mytechiethoughts.com](https://mytechiethoughts.com) where I tackle
problems like this all the time and find free/cheap solutions to tech problems.
Please check out my blog at [https://mytechiethoughts.com](https://mytechiethoughts.com) where I tackle problems like this all the time and find free/cheap solutions to tech problems.

View File

@ -1,45 +1,25 @@
# Using Logwatch to monitor Cloudflare DDNS updater script <!-- omit in toc -->
The Cloudflare DDNS update script's log file has been set up so that utilities
like Logwatch can easily parse it. In order to make that happen, a LogFile
Group file, Service and Script have to be created for Logwatch to generate
reports. The correct (general) directory structure has been created in this git
archive already. Below are the details of each file.
The Cloudflare DDNS update script's log file has been set up so that utilities like Logwatch can easily parse it. In order to make that happen, a LogFile Group file, Service and Script have to be created for Logwatch to generate reports. The correct (general) directory structure has been created in this git archive already. Below are the details of each file.
## Contents <!-- omit in toc -->
- [LogFile Group file (/etc/logwatch/conf/logfiles/cfddns.conf)](#logfile-group-file-etclogwatchconflogfilescfddnsconf)
- [Log file location](#log-file-location)
- [Archive location and name format](#archive-location-and-name-format)
- [External script for timestamp processing](#external-script-for-timestamp-processing)
- [Service definition file (/etc/logwatch/conf/services/cfddns.conf)](#service-definition-file-etclogwatchconfservicescfddnsconf)
- [LogFile Group file definition](#logfile-group-file-definition)
- [Report title](#report-title)
- [Detail level](#detail-level)
- [Service script (/etc/logwatch/scripts/services/cfddns)](#service-script-etclogwatchscriptsservicescfddns)
- [Detail levels](#detail-levels)
- [Timestamp processing script (/etc/logwatch/scripts/shared/sqfullstampanywhere)](#timestamp-processing-script-etclogwatchscriptssharedsqfullstampanywhere)
- [The time format specification](#the-time-format-specification)
- [The search REGEX](#the-search-regex)
- [Testing](#testing)
- [Final thoughts](#final-thoughts)
<!-- toc -->
<!-- tocstop -->
## LogFile Group file (/etc/logwatch/conf/logfiles/cfddns.conf)
### Log file location
Update this as needed to point to the location and name of the log file
generated by the updater script. Remember, by default, the log file is created
in the same directory as the script itself.
Update this as needed to point to the location and name of the log file generated by the updater script. Remember, by default, the log file is created in the same directory as the script itself.
```Ini
LogFile = /path/to/your/cfddns.log
...
```
Best practices suggest you use the *-l*
flag to change this location to something like */var/log/cfddns.log*, for
example. In that case, the entry would look like:
Best practices suggest you use the `--log` flag to change this location to something like */var/log/cfddns.log*, for example. In that case, the entry would look like:
```Ini
LogFile = /var/log/cfddns.log
@ -48,12 +28,7 @@ ### Log file location
### Archive location and name format
If you want Logwatch to process old (archived) log files generated by something
like *Logrotate*, then you have to specify the location and file name format of
those files. I've included the generalized compressed format of such rotated
files as the default in the script. Suppose you store your log files in the
recommended location (*/var/log/*) and are using *Logrotate* with compression
enabled, the archive line would look like:
If you want Logwatch to process old (archived) log files generated by something like *Logrotate*, then you have to specify the location and file name format of those files. I've included the generalized compressed format of such rotated files as the default in the script. Suppose you store your log files in the recommended location (*/var/log/*) and are using *Logrotate* with compression enabled, the archive line would look like:
```Ini
...
@ -61,19 +36,13 @@ ### Archive location and name format
...
```
This would tell Logwatch, when the archive option is set to true, that your
*cfddns.log* files are archived as: *cfddns.log.1.gz*, *cfddns.log.2.gz*, etc.
and are all located in */var/log/*.
This would tell Logwatch, when the archive option is set to true, that your *cfddns.log* files are archived as: *cfddns.log.1.gz*, *cfddns.log.2.gz*, etc. and are all located in */var/log/*.
**Note: This line is totally optional and only used if you set the archive
option in Logwatch to true. You can comment/delete this line if you wish.**
> Note: This line is totally optional and only used if you set the archive option in Logwatch to true. You can comment/delete this line if you wish.
### External script for timestamp processing
Since the log file uses a non-standard (according to Logwatch) method of
datestamping, a custom filter had to be created. See the
[relevant](#timestamp-processing-script-etclogwatchscriptssharedsqfullstampanywhere)
section of this document for more information.
Since the log file uses a non-standard (according to Logwatch) method of datestamping, a custom filter had to be created. See the [relevant](#timestamp-processing-script-etclogwatchscriptssharedsqfullstampanywhere) section of this document for more information.
The script file is called with an *\** before the filename.
@ -83,31 +52,24 @@ ### External script for timestamp processing
...
```
If you change the name of this file, you will have to change this line.
Remember that whatever you type here as a name is converted to all-lowercase
so your filename should be all lowercase also.
If you change the name of this file, you will have to change this line. Remember that whatever you type here as a name is converted to all-lowercase so your filename should be all lowercase also.
## Service definition file (/etc/logwatch/conf/services/cfddns.conf)
### LogFile Group file definition
The service file needs to know what group of log files it is responsible for
processing. This MUST match the name of your *LogFile Group file*:
The service file needs to know what group of log files it is responsible for processing. This MUST match the name of your *LogFile Group file*:
```Ini
LogFile = cfddns
...
```
If you change your LogFile Group filename, then update it here too without the
*.conf* extension.
If you change your LogFile Group filename, then update it here also without the *.conf* extension.
### Report title
The Logwatch output file (html or text) is divided into sections. You can
define the title to be anything that has meaning for you. I have arbitrarily
chosen *"CloudFlare DDNS update"* but you can change it to anything you want by
modifying the line:
The Logwatch output file (html or text) is divided into sections. You can define the title to be anything that has meaning for you. I have arbitrarily chosen *"CloudFlare DDNS update"* but you can change it to anything you want by modifying the line:
```Ini
...
@ -115,10 +77,7 @@ ### Report title
```
### Detail level
If you want to set the *detail* level of this service differently from your
other services (which will use the *--detail* switch value or the value in your
*logwatch.conf*), then you can define that level here. By default, it appears
like this in the service configuration file:
If you want to set the *detail* level of this service differently from your other services (which will use the *--detail* switch value or the value in your *logwatch.conf*), then you can define that level here. By default, it appears like this in the service configuration file:
```Ini
...
@ -127,8 +86,7 @@ # Remember the levels are: 0, 1-4, 5, 6+
# Detail = 0
```
Simply change it to the value you want enforced. For example, here I'm setting
it to output level 5 regardless of whatever settings everything else is using.
Simply change it to the value you want enforced. For example, here I'm setting it to output level 5 regardless of whatever settings everything else is using.
```Ini
# Override the detail level for this service
@ -138,16 +96,10 @@ # Remember the levels are: 0, 1-4, 5, 6+
## Service script (/etc/logwatch/scripts/services/cfddns)
Logwatch calls any script with a name that **matches the service name**. You'll
notice that I just named everything *cfddns* to keep things simple. You can
change this to whatever you want, however. If you changed the service name to
*"cloudflare*.conf", for example, you would have to rename this script file to
"*cloudflare*" with no extension. Note: The script is a PERL file (note the
Logwatch calls any script with a name that **matches the service name**. You'll notice that I just named everything *cfddns* to keep things simple. You can change this to whatever you want, however. If you changed the service name to *"cloudflare*.conf", for example, you would have to rename this script file to "*cloudflare*" with no extension. Note: The script is a PERL file (note the
shebang) but it can be written in any language.
In essence, Logwatch just spits out the log file(s) defined in the LogFile Group
file as standard input (STDIN) for the script and then takes whatever is output
(STDOUT) from the script to assemble into it's report.
In essence, Logwatch just spits out the log file(s) defined in the LogFile Group file as standard input (STDIN) for the script and then takes whatever is output (STDOUT) from the script to assemble into its report.
### Detail levels
@ -192,20 +144,11 @@ ### Detail levels
## Timestamp processing script (/etc/logwatch/scripts/shared/sqfullstampanywhere)
This is basically a modified version of the '*applyeurodate*' script that comes
with Logwatch. It had to be modified to search within [square brackets] and to
accept characters coming before the stamp (i.e. ANSI colour codes). If you
change the '**stamp**' variable in the updater script to update the timestamp to
your liking (which to totally fine!) then you'll probably have to update this
file. There are two lines you need to modify to suit your new '**stamp**'
variable.
This is basically a modified version of the '*applyeurodate*' script that comes with Logwatch. It had to be modified to search within [square brackets] and to accept characters coming before the stamp (i.e. ANSI colour codes). If you change the '**stamp**' variable in the updater script to update the timestamp to your liking (which to totally fine!) then you'll probably have to update this file. There are two lines you need to modify to suit your new '**stamp**' variable.
### The time format specification
'*$SearchDate*' is the variable used in the PERL script to do exactly what it
says, search for the date stamp. I have it set up to look for the format
'*year-month-date hour:minute:second*'. Note, we don't care about brackets or
anything here, we're just defining the format of the date/time stamp.
'*$SearchDate*' is the variable used in the PERL script to do exactly what it says, search for the date stamp. I have it set up to look for the format '*year-month-date hour:minute:second*'. Note, we don't care about brackets or anything here, we're just defining the format of the date/time stamp.
```Perl
...
@ -213,9 +156,7 @@ ### The time format specification
...
```
If you changed the '**stamp**' variable so it was formatted as '*month/day/year
hour:minute*' (ex: '*[09/27/2018 18:38]*') then you'd update the **$SearchDate**
variable as follows (note: no mention of the square brackets!):
If you changed the '**stamp**' variable so it was formatted as '*month/day/year hour:minute*' (ex: '*[09/27/2018 18:38]*') then you'd update the **$SearchDate** variable as follows (note: no mention of the square brackets!):
```Perl
...
@ -225,8 +166,7 @@ ### The time format specification
### The search REGEX
The PERL script uses a '*regular expression*' (REGEX) to search within the log file for
'*$SearchDate*'. For the default datestamp, this specification looks like:
The PERL script uses a '*regular expression*' (REGEX) to search within the log file for '*$SearchDate*'. For the default datestamp, this specification looks like:
```Perl
...
@ -234,12 +174,7 @@ ### The search REGEX
...
```
The REGEX appears between '*m/*' and '*/o*'. In this case, it searches for
'*$SearchDate*' inside [square brackets] appearing anywhere on the line. This
is because ANSI colour-codes often appear before the datestamp in the default
log file. If you have modified this so that your datestamp appears at the
beginning of the line and in the example format in the section above (using
slashes instead of dashes) then you'd rewrite this REGEX as follows:
The REGEX appears between '*m/*' and '*/o*'. In this case, it searches for '*$SearchDate*' inside [square brackets] appearing anywhere on the line. This is because ANSI colour-codes often appear before the datestamp in the default log file. If you have modified this so that your datestamp appears at the beginning of the line and in the example format in the section above (using slashes instead of dashes) then you'd rewrite this REGEX as follows:
```Perl
...
@ -265,16 +200,14 @@ ### The search REGEX
## Testing
Run *logwatch --help* and note the options. You can test just this service
locally on your screen with the following command (assuming you kept default
names for everything):
Run *logwatch --help* and note the options. You can test just this service locally on your screen with the following command (assuming you kept default names for everything):
```Bash
# Summary output, entire duration of log file
logwatch --service cfddns --output stdout --format text --range all --detail 0
# Minimal detail, yesterday only
logwatch --service cfddns --output stdout --format text --range yesterday --detail 3
logwatch --service cfddns --output stdout --format text --range yesterday --detail 1
# Verbose output, today only
logwatch --service cfddns --output stdout --format text --range today --detail 5
@ -282,7 +215,4 @@ # Verbose output, today only
## Final thoughts
That's it! I'm a horrible PERL programmer so if anyone can optimize/improve the
script file used for Logwatch then please do it! Otherwise, I hope this made
sense and helped you integrate the updater script with Logwatch for easy
monitoring :-)
That's it! I'm a horrible PERL programmer so if anyone can optimize/improve the script file used for Logwatch then please do it! Otherwise, I hope this made sense and helped you integrate the updater script with Logwatch for easy monitoring :-)