Skip to content

GitLab

Open
Created by Judah - MW@maximaweb

Generalised 3rd party service integration (to support Cloudflare DNS)

Details

Hi all, we would like to integrate Cloudflare (DNS specifically) with ISPConfig so that ISPC can be the master source of truth for DNS (and still continue to run named) but can keep separate CF DNS accounts in sync with DNS changes. At the moment we have to make DNS changes twice, once in ISPC and then replicated to CF which is slow and error prone.

In doing some research for this oft-requested feature we found this open feature request: #4846 and this HowToForge thread.

At the bottom of that HowToForge thread, @jnorell suggests generalising the system so it is provider agnostic and can then work with multiple DNS providers, which makes a lot of sense to me. It could even be generalised further so that it isn't just limited to linking DNS with external systems but also potentially websites with CDNs, etc.

So I guess I'd like to know: does that sound like something that fits nicely into ISPC? If I started on it would it be something you'd accept as a contribution? Do you have any guidance on the design/implementation? Are there any other ongoing efforts to do something similar I could take part in?

Finally, what would be preferable:

  1. A Cloudflare specific integration.
  2. A DNS specific integration (but 3rd party API agnostic, like Jesse suggested.)
  3. A completely general 3rd party framework (not limited to DNS.)

How it could work

Server

  • Server plugin for 3rd parties which imports 3rd party specific libraries.
  • Server library for Cloudflare imported as above which registers the right event listeners.
  • New DB table third_party_connection used by the plugin to store generic 3rd party connections.

Interface

  • New tab in Settings > Server config > called "3rd party connections" where the administrator can provide Cloudflare Reseller credentials, they are stored in the generic third_party_connection database as type cloudflare_reseller.
  • New limits in limit template to enable 3rd party access for clients.
  • New tab on DNS zone "External DNS" with dropdown menu to select a 3rd party integration, then option to supply email/API key and even a "New account" button if reseller credentials are installed on server. (Creds also stored in third_party_connection table.
  • New tab on DNS record "External DNS", allowing setting specific settings such as Cloudflare proxy status. (Where would that info be stored? Tricky. Extend the DNS record table to include a new column third_party_data (to keep it general)? Or a new table third_party_data to store all extra data?)

I'd appreciate your feedback on the approach before I start to see if I'm barking up the wrong tree, and also to see if anyone would like to help.