1
0
mirror of https://github.com/cmur2/dyndnsd.git synced 2024-12-22 20:54:24 +01:00
dyndnsd/README.md

212 lines
8.2 KiB
Markdown
Raw Normal View History

2013-04-27 14:07:14 +02:00
# dyndnsd.rb
2018-03-26 19:40:11 +02:00
[![Build Status](https://travis-ci.org/cmur2/dyndnsd.svg?branch=master)](https://travis-ci.org/cmur2/dyndnsd) [![Dependencies](https://badges.depfu.com/badges/4f25da8493f7a29f652ac892fbf9227b/overview.svg)](https://depfu.com/github/cmur2/dyndnsd)
2013-04-27 14:07:14 +02:00
A small, lightweight and extensible DynDNS server written with Ruby and Rack.
2013-04-27 22:38:13 +02:00
## Description
2013-04-27 22:10:47 +02:00
2018-02-15 16:02:33 +01:00
dyndnsd.rb aims to implement a small [DynDNS-compliant](https://help.dyn.com/remote-access-api/) server in Ruby supporting IPv4 and IPv6 addresses. It has an integrated user and hostname database in it's configuration file that is used for authentication and authorization. Besides talking the DynDNS protocol it is able to invoke a so-called *updater*, a small Ruby module that takes care of supplying the current hostname => ip mapping to a DNS server.
2013-04-27 22:38:13 +02:00
2018-02-15 16:02:33 +01:00
There is currently one updater shipped with dyndnsd.rb `command_with_bind_zone` that writes out a zone file in BIND syntax onto the current system and invokes a user-supplied command afterwards that is assumed to trigger the DNS server (not necessarily BIND since it's zone files are read by other DNS servers, too) to reload it's zone configuration.
2013-04-27 22:38:13 +02:00
2018-02-15 16:02:33 +01:00
Because of the mechanisms used, dyndnsd.rb is known to work only on \*nix systems.
2018-03-26 19:40:11 +02:00
See the [changelog](CHANGELOG.md) before upgrading. The older version 1.x of dyndnsd.rb is still available on [branch dyndnsd-1.x](https://github.com/cmur2/dyndnsd/tree/dyndnsd-1.x).
2013-05-01 10:17:40 +02:00
2013-04-27 22:38:13 +02:00
## General Usage
Install the gem:
gem install dyndnsd
Create a configuration file in YAML format somewhere:
```yaml
# listen address and port
host: "0.0.0.0"
port: "80"
2013-04-30 23:19:08 +02:00
# optional: drop priviliges in case you want to but you may need sudo for external commands
user: "nobody"
group: "nogroup"
2013-04-27 22:38:13 +02:00
# logfile is optional, logs to STDOUT else
logfile: "dyndnsd.log"
# interal database file
db: "db.json"
# all hostnames are required to be cool-name.example.org
domain: "example.org"
# configure the updater, here we use command_with_bind_zone, params are updater-specific
updater:
name: "command_with_bind_zone"
params:
zone_file: "dyn.zone"
command: "echo 'Hello'"
ttl: "5m"
dns: "dns.example.org."
email_addr: "admin.example.org."
# user database with hostnames a user is allowed to update
users:
2013-04-27 22:56:25 +02:00
# 'foo' is username, 'secret' the password
2013-04-27 22:38:13 +02:00
foo:
password: "secret"
hosts:
- foo.example.org
- bar.example.org
2013-04-27 22:56:25 +02:00
test:
password: "ihavenohosts"
2013-04-27 22:38:13 +02:00
```
Run dyndnsd.rb by:
dyndnsd /path/to/config.yaml
## Using dyndnsd.rb with [NSD](https://www.nlnetlabs.nl/nsd/)
2013-04-27 22:56:25 +02:00
NSD is a nice opensource, authoritative-only, low-memory DNS server that reads BIND-style zone files (and converts them into it's own database) and has a simple config file.
2013-04-27 22:38:13 +02:00
A feature NSD is lacking is the [Dynamic DNS update](https://tools.ietf.org/html/rfc2136) functionality BIND offers but one can fake it using the following dyndnsd.rb config:
```yaml
host: "0.0.0.0"
port: "8245" # the DynDNS.com alternative HTTP port
db: "/opt/dyndnsd/db.json"
domain: "dyn.example.org"
updater:
name: "command_with_bind_zone"
params:
# make sure to register zone file in your nsd.conf
zone_file: "/etc/nsd3/dyn.example.org.zone"
# fake DNS update (discards NSD stats)
command: "nsdc rebuild; nsdc reload"
ttl: "5m"
dns: "dns.example.org."
email_addr: "admin.example.org."
# specify additional raw BIND-style zone content
2013-04-27 22:56:25 +02:00
# here: an A record for dyn.example.org itself
2013-04-27 22:38:13 +02:00
additional_zone_content: "@ IN A 1.2.3.4"
users:
foo:
password: "secret"
hosts:
- foo.example.org
```
2013-04-27 22:10:47 +02:00
2013-04-27 22:56:25 +02:00
Start dyndnsd.rb before NSD to make sure the zone file exists else NSD complains.
## Using dyndnsd.rb with X
Please provide ideas if you are using dyndnsd.rb with other DNS servers :)
## Advanced topics
### Update URL
The update URL you want to tell your clients (humans or scripts ^^) consists of the following
2018-02-15 16:02:33 +01:00
http[s]://[USER]:[PASSWORD]@[DOMAIN]:[PORT]/nic/update?hostname=[HOSTNAMES]&myip=[MYIP]&myip6=[MYIP6]
2013-04-27 22:56:25 +02:00
where:
* the protocol depends on your (webserver/proxy) settings
* USER and PASSWORD are needed for HTTP Basic Auth and valid combinations are defined in your config.yaml
* DOMAIN should match what you defined in your config.yaml as domain but may be anything else when using a webserver as proxy
* PORT depends on your (webserver/proxy) settings
* HOSTNAMES is a required list of comma separated FQDNs (they all have to end with your config.yaml domain) the user wants to update
2018-02-15 16:02:33 +01:00
* MYIP is optional and the HTTP client's IP address will be used if missing
* MYIP6 is optional but if present also requires presence of MYIP
2013-04-27 22:56:25 +02:00
### IP address determination
The following rules apply:
* use any IP address provided via the myip parameter when present, or
* use any IP address provided via the X-Real-IP header e.g. when used behind HTTP reverse proxy such as nginx, or
* use any IP address used by the connecting HTTP client
If you want to provide an additional IPv6 address as myip6 parameter the myip parameter containing an IPv4 address has to be present, too! No automatism is applied then.
2013-04-27 22:56:25 +02:00
### SSL, multiple listen ports
Use a webserver as a proxy to handle SSL and/or multiple listen addresses and ports. DynDNS.com provides HTTP on port 80 and 8245 and HTTPS on port 443.
### Init scripts
2013-05-03 16:06:53 +02:00
The [Debian 6 init.d script](init.d/debian-6-dyndnsd) assumes that dyndnsd.rb is installed into the system ruby (no RVM support) and the config.yaml is at /opt/dyndnsd/config.yaml. Modify to your needs.
2013-04-27 22:56:25 +02:00
2018-02-15 16:02:33 +01:00
### Monitoring
For monitoring dyndnsd.rb uses the [metriks](https://github.com/eric/metriks) framework and exposes several metrics like the number of unauthenticated requests, requests that did (not) update a hostname, etc. By default the most important metrics are shown in the [proctitle](https://github.com/eric/metriks#proc-title-reporter) but you can also configure a [Graphite](https://graphiteapp.org/) backend for central monitoring.
```yaml
host: "0.0.0.0"
port: "8245" # the DynDNS.com alternative HTTP port
db: "/opt/dyndnsd/db.json"
domain: "dyn.example.org"
# configure the Graphite backend to be used instead of proctitle
graphite:
host: localhost # defaults for host and port of a carbon server
port: 2003
prefix: "my.graphite.metrics.naming.structure.dyndnsd"
# configure the updater, here we use command_with_bind_zone, params are updater-specific
updater:
name: "command_with_bind_zone"
params:
zone_file: "dyn.zone"
command: "echo 'Hello'"
ttl: "5m"
dns: "dns.example.org."
email_addr: "admin.example.org."
# user database with hostnames a user is allowed to update
users:
# 'foo' is username, 'secret' the password
foo:
password: "secret"
hosts:
- foo.example.org
- bar.example.org
test:
password: "ihavenohosts"
```
### Tracing (experimental)
For tracing dyndnsd.rb is instrumented using the [OpenTracing](http://opentracing.io/) framework and will emit span tracing data for the most important operations happening during the request/response cycle. Using a middleware for Rack allows handling incoming OpenTracing span information properly.
Currently only one OpenTracing-compatible tracer implementation named [CNCF Jaeger](https://github.com/jaegertracing/jaeger) can be configured to use with dyndnsd.rb.
```yaml
host: "0.0.0.0"
port: "8245" # the DynDNS.com alternative HTTP port
db: "/opt/dyndnsd/db.json"
domain: "dyn.example.org"
# enable and configure tracing using the (currently only) tracer jaeger
tracing:
trust_incoming_span: false # default value, change to accept incoming OpenTracing spans as parents
jaeger:
host: 127.0.0.1 # defaults for host and port of local jaeger-agent
port: 6831
service_name: "my.dyndnsd.identifier"
# configure the updater, here we use command_with_bind_zone, params are updater-specific
updater:
name: "command_with_bind_zone"
params:
zone_file: "dyn.zone"
command: "echo 'Hello'"
ttl: "5m"
dns: "dns.example.org."
email_addr: "admin.example.org."
# user database with hostnames a user is allowed to update
users:
# 'foo' is username, 'secret' the password
foo:
password: "secret"
hosts:
- foo.example.org
- bar.example.org
test:
password: "ihavenohosts"
```
2013-04-27 14:07:14 +02:00
## License
dyndnsd.rb is licensed under the Apache License, Version 2.0. See LICENSE for more information.