TadaCloud DNS Manager
A Cloudflare extension for your code editor. Manage multiple accounts, migrate domains, edit DNS records, and manage team members without leaving your editor.
You can find my extensions on the VS Code Marketplace or the Open VSX
🆕 What's New in v1.4.0
� SSL/TLS Mode Management
Control your domain's encryption settings directly from your editor!
- Set SSL Mode: Right-click any domain → "Set SSL Mode"
- Automatic Mode: Let Cloudflare manage your SSL (recommended Full)
- Custom Modes: Choose from Full (Strict), Full, Flexible, or Off
- Current mode is highlighted in the menu
🧹 Cache Purge (Smart Purge)
Purge Cloudflare cache without leaving your editor!
Domain-Level (Purge Everything):
- Right-click any domain → "🧹 Purge Cache (Everything)"
- Removes ALL cached files for the entire zone
- Confirmation dialog prevents accidental purges
Subdomain-Level (Smart Purge):
- Right-click any DNS record → "🧹 Purge Subdomain Cache"
- Purges ONLY the specific subdomain (e.g.,
prueba.example.com)
- Surgical precision - doesn't affect other subdomains or root domain
🔐 New Permission Required
To use cache purge features, add this permission to your API Token:
- Go to Cloudflare API Tokens
- Click "Edit" on your existing token
- Add:
Zone → Cache Purge → Purge
- Save and update in extension (right-click account → "Update API Token")
Features
- 🔐 Multiple Accounts: Manage multiple Cloudflare accounts securely
- 🌐 Domain Management: View all your domains (zones) in one place
- 📝 DNS Records: Full CRUD operations for DNS records (21 record types supported)
- 👥 Team Management: Invite, edit, and remove team members with role-based access
- 🔒 SSL/TLS Control: Set encryption mode (Full Strict, Full, Flexible, Off)
- 🧹 Cache Purge: Purge entire domain or specific subdomains
- 🟠 Quick Proxy Toggle: Toggle Cloudflare proxy with one click
- 🔍 DNS Checker: Check DNS propagation status using Google and Cloudflare DNS
- ✅ Domain Validation: RDAP verification before adding domains
- 🎨 Native UI: Integrates seamlessly with VS Code's interface
Installation
- Open your Code Editor
- Go to Extensions (
Ctrl+Shift+X)
- Search for "TadaCloud DNS Manager"
- Click Install
🔐 Linux Security Requirements
🐧 Click here if you're using Linux
If you encounter the error "An OS keyring couldn't be identified" or extension secrets are not saving, follow these steps:
1️⃣ Install Dependencies
Choose the command for your distribution:
| Distribution |
Command |
| Arch Linux / Manjaro |
sudo pacman -S gnome-keyring libsecret seahorse |
| Debian / Ubuntu / Mint |
sudo apt install gnome-keyring libsecret-1-0 seahorse |
| Fedora |
sudo dnf install gnome-keyring libsecret seahorse |
2️⃣ Setup the Keyring (GUI)
- Open Seahorse (search for "Passwords and Keys" in your applications menu)
- Click the
+ button and select "Password Keyring"
- Name it exactly:
Login
- Right-click on the new "Login" keyring → "Set as default"
- Ensure the 🔓 padlock icon is open (Unlocked)
You must tell your editor to use the system keyring:
- Open the Command Palette (
Ctrl+Shift+P)
- Type:
Preferences: Configure Runtime Arguments
- This will open
argv.json
- Add the following line (ensure correct JSON commas):
"password-store": "gnome"
4️⃣ Restart your editor completely
Close and reopen your editor for changes to take effect.
✅ After completing these steps, your API tokens and credentials will be stored securely in your system keyring.
Getting Started
- Click the TadaCloud icon in the Activity Bar (left sidebar)
- Click the
+ button to add a Cloudflare account
- Enter a friendly name for your account
- Paste your Cloudflare Account ID (found on Dashboard sidebar)
- Paste your Cloudflare API Token
Creating an API Token
🔑 How to create a Cloudflare API Token:
- Go to Cloudflare Dashboard → Profile → API Tokens
- Click "Create Token" → "Create Custom Token"
- Set these 5 permissions (Critical for full functionality):
- Account → Account Settings → Edit
- Zone → Zone Settings → Edit
- Zone → Zone → Edit
- Zone → DNS → Edit
- Zone → Cache Purge → Purge
- Resources:
- Account Resources: Include → Your specific account
- Zone Resources: Include → All zones
- Client IP Filtering: Leave empty (do not add anything)
- TTL: Set Start Date to today and leave End Date empty
- Copy your API Token and your Account ID
(Account ID is on the right sidebar of your Dashboard)
🔒 Your credentials are encrypted and stored securely in your OS keychain via VS Code SecretStorage.
⚠️ Important: Both API Token and Account ID are required!
⚠️ Do NOT use Global API Key - use API Token only!
Managing Accounts
Right-click on an account to:
- ✏️ Rename Account
- 🔑 Update API Token
- 🔄 Refresh Domains
- 🌐 Migrate Domain to Cloudflare
- 👥 Invite Member
- 🗑️ Delete Account
Managing Team Members
The Team Members node appears under each account and shows all members with their roles and status.
Inviting Members:
- Right-click on your account → "Invite Member"
- Enter email addresses (comma-separated for multiple)
- Select access scope:
- "Entire Account" → Member gets account-level access
- "Specific Domains" → Member only accesses selected domains
- If specific domains, select which ones (multi-select)
- Select roles (multi-select - toggle on/off)
- Choose to send invitation or add directly
Available Roles:
- Account-level: Administrator, Analytics, Billing, DNS, Firewall, Workers, Zero Trust, etc.
- Domain-level: Domain DNS, Domain Administrator, Bot Management, Cache Purge, Page Shield, etc.
Managing Members:
Right-click on a team member to:
- ✏️ Edit Permissions - Change roles and domain access
- 📋 Copy Email - Copy member email to clipboard
- 📨 Resend Invitation - Resend email to pending members
- 🗑️ Remove Member - Remove from account with confirmation
Right-click on "Team Members" node to:
- 🔄 Refresh Members - Update the members list
Member Status Icons:
- ✅ Active member (accepted invitation)
- ⏳ Pending invitation (waiting for response)
- ❌ Rejected invitation
Migrating a Domain to Cloudflare
You can add new domains to Cloudflare directly from VS Code:
- Right-click on your account name
- Select "Migrate Domain to Cloudflare"
- Enter your domain name (e.g.,
example.com)
- Cloudflare will:
- Import existing DNS records automatically
- Assign nameservers for your domain
- Copy the nameservers and update them at your registrar
- Wait 24-48 hours for propagation
The domain will appear with 🟡 (pending) status until the nameservers are updated.
Managing DNS Records
Right-click on a domain to:
- ➕ Add DNS Record
- 🔄 Refresh Records
- 🌐 Open in Cloudflare
- 📋 Copy Zone ID
Right-click on a DNS record to:
- ✏️ Edit Record
- 🔀 Toggle Proxy
- 📋 Copy Content/IP
- 🔍 DNS Checker (check propagation status)
- 🗑️ Delete Record
DNS Checker
The DNS Checker feature allows you to verify if your DNS records have propagated globally. It queries Google DNS and Cloudflare DNS to check if your records are resolving correctly.
Supported record types for propagation checking:
- A, AAAA, CNAME, MX, TXT, NS
Status indicators:
- ✅ Propagated: All DNS servers return the expected value
- ⚠️ Partially Propagated: Some servers have the new value
- ⏳ Still Propagating: Servers haven't updated yet
Supported DNS Record Types
TadaCloud DNS Manager supports all 21 Cloudflare DNS record types:
| Type |
Description |
| A |
IPv4 Address |
| AAAA |
IPv6 Address |
| CAA |
Certificate Authority Authorization |
| CERT |
Certificate |
| CNAME |
Canonical Name |
| DNSKEY |
DNS Key |
| DS |
Delegation Signer |
| HTTPS |
HTTPS Service Binding |
| LOC |
Location |
| MX |
Mail Exchange |
| NAPTR |
Naming Authority Pointer |
| NS |
Name Server |
| OPENPGPKEY |
OpenPGP Key |
| PTR |
Pointer |
| SMIMEA |
S/MIME Certificate |
| SRV |
Service |
| SSHFP |
SSH Fingerprint |
| SVCB |
Service Binding |
| TLSA |
TLS Authentication |
| TXT |
Text Record |
| URI |
Uniform Resource Identifier |
Configuration
Open Settings and search for tadacloud-dns-manager:
| Setting |
Default |
Description |
defaultTTL |
auto |
Default TTL for new records |
defaultProxyEnabled |
true |
Enable proxy by default |
visibleRecordTypes |
["A", "AAAA", "CNAME", "MX", "TXT"] |
Record types to display |
confirmBeforeDelete |
true |
Show confirmation before deleting |
showRecordCount |
true |
Show record count on domains |
Security
- API tokens are stored securely using VS Code's SecretStorage (encrypted)
- Tokens are never exposed in logs or settings files
- All communication with Cloudflare uses HTTPS
Technical Transparency
This extension uses an internal system to ensure reliable member role assignment across all Cloudflare account types:
Why is this needed?
Cloudflare's public API sometimes returns Permission Group IDs that are not accepted by the Members API, particularly on Free and Pro accounts. This causes "invalid permission group" errors when inviting members.
How we solve it:
- Fallback ID System: The extension maintains an internal list of 50+ verified Permission Group IDs, reverse-engineered from the Cloudflare Dashboard
- Priority Logic: Hardcoded IDs are checked before API responses to ensure reliability
- Ad-Hoc Policies: For domain-specific permissions, we use a special "Ad-Hoc" scope structure that matches Cloudflare Dashboard behavior
This is completely transparent and does not modify any Cloudflare settings. It simply ensures that the correct IDs are used when making API requests.
Feedback & Support
If you find this extension useful, please consider:
⭐ Leave a star - it helps others discover this extension!
💬 Write a review - your feedback helps improve the extension
If you have any theme requests or issues, please open an issue.
📄 License
MIT © TadashiDevs
