Copy settings of one site to another site

Hello,

Is it possible to copy the entire settings of one site to another site?

In the present case, I added a site and had to manually go through each & every section and change the settings. The ability to copy settings from one site to another site would save a lot of time.

Thanks in advance.

Cloudflare does not natively support that. The best workaround is to use Terraform to generate a configuration template of one site, make some changes to the configuration template (e.g. zone ID, account ID, etc), then apply the template to the new site. If you are new to Terraform, this process could take some time and sometimes it’s tricky to do so. If you don’t have a lot of settings (e.g. firewall rules and page rules) to replicate, it’s best to just do it manually rather than using Terraform.

1 Like

Thank you for your help.

I checked Terraform, and it’s indeed a complex thing to learn at first.

But if someone else has used Terraform earlier to make changes in Cloudflare, then maybe I can refer to that example configuration template to get a fair idea on getting started and then modify the configuration template.

1 Like

It’s a tough journey to use Terraform for such operations (I did that for one of our largest customers last year, which contains about 50 domains to migrate, and it took us days to complete). But I can share some experience with you on how I did that previously. Disclaimer: the information given is based on my experience dealing with Terraform in October 2020, so some of the information might be not relevant for now. Also I can’t guarantee 100% completeness of the information given.

First, you need to use cf-terraforming to generate a Terraform config file from your existing zone settings. The command to perform the action would be something like this:
cf-terraforming -e [email protected] -k GLOBAL_API_KEY -z SOURCE_ZONE_ID -a ACCOUNT_ID -v all > config.tf

After that, there are some changes needed to make inside the config.tf file. This includes adding the following to the beginning of the file:

terraform {
  required_providers {
    cloudflare = {
      source = "cloudflare/cloudflare"
      version = "2.11.0" #That was the version that I use in October 2020, you should use the latest version
    }
  }
}

provider "cloudflare" {
  email = "[email protected]"
  api_key = "GLOBAL_API_KEY"
  account_id = "ACCOUNT_ID"
}

And due to some bugs within the cf-terraforming itself, some of the items inside the generated config.tf needs to be removed or modified (again, this was based on my experience in October 2020, some information might be outdated e.g. the bugs might be already fixed while I am writing this reply). I did note down what should be removed and what should be changed, so it looks like this:

Things that we need to remove from terraform config file:
1. resource "cloudflare_account_member"
2. resource "cloudflare_custom_pages"
3. resource "cloudflare_waf_rule"
4. resource "cloudflare_worker_script"
5. resource "cloudflare_zone"
** run this regex for 5 resources above:
^resource\s"(cloudflare_account_member|cloudflare_custom_pages|cloudflare_waf_rule|cloudflare_worker_script|cloudflare_zone)[\s\S\r]*?\}\n\n
6. resource "cloudflare_zone_settings_override" - advanced_ddos, ciphers, edge_cache_ttl, orange_to_orange, tls_1_2_only

Things that we need to change inside terraform config file:
1. replace zone_id to the one inside new accounts
2. replace IP Access Rule configuration { to configuration = {
2. replace firewall rule filter ID to cloudflare_filter.filter_name.id
3. replace zone to zone_id
4. resource "cloudflare_worker_route" - modify script_name
5. resource "cloudflare_zone_settings_override" - replace name to zone_id

There were some items that cf-terraforming did not include in the Terraform config file, and they are listed below (again, things might change since October 2020, they might already fixed the cf-terraforming issue):

Things that we need to do manually:
1. Check WAF rules - enabled rulesets, OWASP ruleset settings
2. Check Access Applications, Groups, Policies, IdP
3. SSL/TLS - Edge Certificates
4. Logpush jobs
6. User Agent Blocking
7. Argo
8. Health Check
9. Enhanced HTTP2 Prioritization
10. AMP Real URL

Lastly, run terraform apply to apply all the configurations to the new zone.

As you can see, there was a lot of work to do during that time just to copy the settings from one zone to another. If you still think Terraform might help you speed up the process (if you have a lot of zones. firewall rules and page rules), then you may refer to the information above BUT I can’t guarantee 100% accuracy and completeness of the information given.

Good luck!

2 Likes

Thank you so much for all the valuable information, really appreciate it.

I will work on it on Sunday or Monday and see what best I can do.

Thank you once again :slight_smile:

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.