81 lines
2.8 KiB
Markdown
81 lines
2.8 KiB
Markdown
# homeserverdns: Dynamic DNS updater for home servers
|
|
homeserverdns monitors the IPv6 addresses (using the ip tool from [iproute2](https://wiki.linuxfoundation.org/networking/iproute2)). When it detects a change, it updates the A and AAAA records for a set of domains (and subdomains).
|
|
|
|
So far it has modules for these domain provider APIs:
|
|
|
|
- [gandi.net LiveDNS API](https://doc.livedns.gandi.net/)
|
|
- [http.net DNS API](https://www.http.net/docs/api/) (untested)
|
|
- [dyn.com API](https://help.dyn.com/remote-access-api/perform-update/) (untested)
|
|
|
|
## Dependencies
|
|
- iproute2
|
|
- curl
|
|
- miniupnpc (optional, see the Configuration section)
|
|
- bind (optional, when using the http.net DNS API)
|
|
|
|
## Installation
|
|
There's no automated installation yet. As an example we install the two scripts `homeserverdns-daemon` and `homeserverdns-update` to `/usr/bin` and the configuration file to `/etc`.
|
|
|
|
```shell
|
|
sudo cp homeserverdns-daemon homeserverdns-update /usr/bin
|
|
sudo cp homeserverdns.cfg /etc
|
|
```
|
|
|
|
We create a user and adjust the permissions of the config file, so only that user can read it (and the credentials in it).
|
|
|
|
```shell
|
|
sudo useradd --system homeserverdns
|
|
sudo chown homeserverdns:root /etc/homeserverdns.cfg
|
|
sudo chown 0600 /etc/homeserverdns.cfg
|
|
```
|
|
|
|
If we want to use systemd to control homeserverdns, we need to install the service file `homeserverdns.service`. We have to make sure that the path of the config file and the `User` variable are correct in that file.
|
|
|
|
```shell
|
|
sudo cp homeserverdns.service /etc/systemd/system
|
|
```
|
|
|
|
Once the configuration is done we can start homeserverdns using
|
|
|
|
```shell
|
|
sudo systemctl start homeserverdns
|
|
```
|
|
|
|
## Configuration
|
|
All configuration options are described in more detail in `homeserverdns.cfg`. This is only an overview on the most important options.
|
|
|
|
First a protocol has to be defined, e.g.
|
|
|
|
```shell
|
|
protocol=gandi
|
|
```
|
|
|
|
For authentication at the domain provider, an authentication token has to be given. Some protocols require a user name and an API address, too.
|
|
|
|
```shell
|
|
auth_key=g5Hdsfkj5J49li8HH3jfhsJp
|
|
user= # not required for gandi
|
|
api_address= # not required for gandi
|
|
```
|
|
|
|
Now the domains (and subdomains) we want to update A and AAAA records for have to be defined.
|
|
|
|
```shell
|
|
domains=mydomain.com sub.mydomain.com
|
|
```
|
|
|
|
By default `UPNP` is used for detecting the server's public IPv4 address. So we should check if upnp works and returns the correct IPv4 address.
|
|
|
|
```shell
|
|
$ upnpc -s
|
|
[...]
|
|
ExternalIPAddress = 85.98.82.44
|
|
[...]
|
|
```
|
|
|
|
If we don't get a value for `ExternalIPAddress`, we should check our router and firewall settings. If `UPNP` does not work for us (e.g. in case the server is behind a Carrier Grade NAT), we can define our own method for looking up our public IPv4 address using the `public_ip4_hook` config option, e.g.
|
|
|
|
```shell
|
|
public_ip4_hook=curl -s -4 https://ipecho.net/plain
|
|
```
|