Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I wanted to do this a long time ago but I wouldn't trust my router with a Cloudflare API key. Paranoid or is there a way to limit that key to one domain or, even better, one DNS entry?


As the other commenter says, you can get pretty granular with the permissions. If you want to go even further, you can build a Cloudflare Worker that performs exactly the request that you want to do, and nothing else. Then you can configure your router to hit that instead of the API directly.


Yes you can generate a key which, for example, only allows you to edit DNS of a specific domain


you can setup the job on your trusted machine behind the router, could be raspberry pi or your desktop




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: