Use Cloudflare Workers Cron Triggers to keep your Hetzner Cloud Firewall allowing the latest list of Cloudflare IPs, or any other lists!

Overview

Hetzner Cloud Firewall automation with Cloudflare Workers

Heavily inspired by xopez/Hetzner-Cloud-Firewall-API-examples, this repository holds a Cloudflare Worker which updates a Hetzner Cloud Firewall to use the latest list of Cloudflare IP ranges on a Cron Trigger.

Requirements

  • Hetzner Cloud account
  • Wrangler: npm install -g @cloudflare/wrangler
  • Cloudflare account configured to deploy Workers

Usage

  • Create a Firewall on Hetzner Cloud that you want to set to the Cloudflare IPs.
  • Set the ports you want to allow through the Firewall in the PORTS variable of wrangler.toml
  • Enter the ID of the Firewall in FIREWALL_ID. You can find this as the nuumber after /firewalls/ in the console URl when visiting the Firewall.
  • Create a Hetzner Cloud API Token and set it with wrangler secret put API_TOKEN.
  • (Optional) Secure your workers.dev domain by adding an extra secret to manual REST calls:
    • wrangler secret put WORKER_SECRET
    • This secret will need to be in the Authorization header to trigger the Worker manually over HTTPS, but only if the secret is defined. Cron triggers are automatic and unaffected.

Creativity

If allowing Cloudflare IPs is not your jam, it should be easy to edit index.js and replace the two URLs with any other URLs that produce a newline-seperated list of IP ranges, allowing you to allowlist any service you desire.

Remember to remove the rules.concat line if you only end up having one list.

You might also like...

Adds clap button (like medium) to any page for your Next.js apps.

Adds clap button (like medium) to any page for your Next.js apps.

@upstash/claps Add a claps button (like medium) to any page for your Next.js apps. Nothing to maintain, it is completely serverless 💯 Check out the d

Nov 23, 2022

Easily redirect one entire domain to another with a serverless Cloudflare Worker.

Easily redirect one entire domain to another with a serverless Cloudflare Worker.

Domain Redirecting with Cloudflare Workers Easily redirect one entire domain to another with a serverless Cloudflare Worker. All paths and other data

Dec 11, 2022

Send emails using Cloudflare Worker, for free.

Email API for Proselog. Not intended for use outside of Proselog, but it should work with any worker, without any configuration. import { sendEmail }

Nov 7, 2022

Cloudflare Worker to make a R2 Bucket public!

r2-public-worker A Cloudflare Worker to make your R2 bucket public! Minimum Requirements Cloudflare Account wrangler = 2.0.2 Note: Ensure you are usi

Sep 19, 2022

This project demonstrates how you can use the multi-model capabilities of Redis to create a real-time stock watchlist application.

This project demonstrates how you can use the multi-model capabilities of Redis to create a real-time stock watchlist application.

Introduction This project demonstrates how you can use Redis Stack to create a real-time stock watchlist application. It uses several different featur

Jan 2, 2023

Cache is easy to use data caching Node.js package. It supports Memcached, Redis, and In-Memory caching engines.

Cache Cache NPM implements wrapper over multiple caching engines - Memcached, Redis and In-memory (use with single threaded process in development mod

Oct 24, 2022

generate statistics on the number of audience minutes your site is generating, and if readers make it to the end of your screeds

generate statistics on the number of audience minutes your site is generating, and if readers make it to the end of your screeds

audience-minutes generate statistics on the number of audience minutes your site is receiving, and if readers make it to the end of your screeds. “If

Dec 28, 2022

Build and deploy a roadmap voting app for your porject

Build and deploy a roadmap voting app for your porject

Roadmap Voting App You can deploy Roadmap application yourself and get feedback from your users about your roadmap features. See the live example. In

Jan 3, 2023

⚡️ Supercharge your ViewComponent development process 🚀

⚡️ Supercharge  your ViewComponent development process 🚀

L 👀 kbook ⚡️ Supercharge your ViewComponent development process 🚀 About Lookbook provides a ready-to-go UI for navigating, inspecting and interactin

Dec 26, 2022
Owner
Erisa A
22 y.o. female weirdo with a passion for making a mess of things. Avatar credit: https://picrew.me/image_maker/1315158
Erisa A
A simple Node.js APIBAN client for downloading banned IPs and inserting them into a redis set

apiban-redis A simple Node.js APIBAN client for downloading banned IPs and inserting them into a redis set. Installation This utility can be run as a

jambonz 4 Apr 5, 2022
Using Cloudflare worker to generate host list from firebog to keep updated.

AdGuardCloudflareHostGenerator Use a cloudflare worker to generate a up to date list from FireBog's ticked list found at https://v.firebog.net/hosts/l

Jake Steele 14 Nov 30, 2022
Build your Cloudflare Workers with esbuild.

build-worker Bundle your Cloudflare Worker with esbuild instead of webpack. (It's ridiculously faster!) Wrangler v1 uses webpack. Wrangler v2 is using

Rom 7 Oct 24, 2022
slash-create with Cloudflare Workers template

/create with Cloudflare Workers A slash-create template, using Cloudflare Workers. Getting Started Cloning the repo You can either use degit to locall

Snazzah 13 Jan 3, 2023
Airtable + Cloudflare Workers URL Shortener 🌤

tableflare Airtable + Cloudflare Workers URL Shortener ?? Quick Start Airtable Generate your Airtable API key from your account dashboard: https://air

Griko Nibras 10 Oct 16, 2022
Store and Deliver images with R2 backend Cloudflare Workers.

r2-image-worker Store and Deliver images with Cloudflare R2 backend Cloudflare Workers. Synopsis Deploy r2-image-worker to Cloudflare Make a base64 st

Yusuke Wada 62 Jan 3, 2023
Cloudflare Worker that will allow you to progressively migrate files from an S3-compatible object store to Cloudflare R2.

A Cloudflare Worker for Progressive S3 to R2 Blog Post: https://kian.org.uk/progressive-s3-to-cloudflare-r2-migration-using-workers/ This is a Cloudfl

Kian 29 Dec 30, 2022
Making service workers easy so that your app is fast and reliable, even offline.

tulo.js Making service workers easy to use so that your app can be fast and reliable, even offline. Welcome to tulo.js, a service worker library that

OSLabs Beta 37 Nov 16, 2022
Example repo for getting NextJS, Rust via wasm-pack, and web workers all playing nicely together.

Example of integrating WASM & web workers with a Typescript NextJS project. Running yarn yarn dev Open localhost:3000 Layout Rust code is in ./rust, g

Studio Lagier 63 Dec 23, 2022
Cloud Run Jobs Demos - A collection of samples to show you how and when to run a container to completion without a server

Cloud Run Jobs Demo Applications Cloud Run Jobs allows you to run a container to completion without a server. This repository contains a collection of

Google Cloud Platform 34 Dec 23, 2022