A simple bash script that grabs either the IPv4 or IPv6 external address and updates an A/AAAA DNS record on a DNS server using RFC 2136.
This script makes a curl call to the domain ifconfig.co for external IP discovery. I am not affiliated with them in any way; it's an open source project that returns the result this script was written to expect. Using it means running your own HTTP/HTTPS stack is not required, but the check can easily be self-hosted with any endpoint that returns HTTP 200 with remote_addr as the body. See below for an nginx example. Be sure to change the CHECKURL variable in the do_setvars() function accordingly.
Requirements
This requires the following packages that may not be previously installed:
dig, curl, base64 (for change alert emails), nsupdate (bind-utils/samba-nsupdate)
Usage
At a minimum, edit the script and change the following variables at the top of the file:
TSIGKEY="/path/to/dns-tsig.key" # tsig-keygen -a hmac-sha512 ddnsupdatekey
DIGHOST="9.9.9.9" # DNS server to use when checking the current DNS record
DNSZONE="name.tld." # DNS zone expecting the DDNS update. Varies depending on DNS server configuration.
NSUPDATESERVER="ns.name.tld|x.x.x.x" # DNS server to send the record update request to
Usage: update.sh [A | AAAA] host.to.update.tld
Example IPv4: update.sh A dynamic.host.my.domain
Example IPv6: update.sh AAAA dynamic.host.my.domain
There is currently no syntax checking!
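Since the record type, the host name and the address returned by CHECKURL all end up in the commands sent to nsupdate, one way to check them first is sketched below. This is an added example, not code from updatedns.sh: the function names, the TTL of 300 and the batch layout are assumptions, and the IPv6 check only restricts the character set and shape.

```shell
#!/bin/sh
# Added example: argument and address checks before an nsupdate batch is built.
# Function names and the TTL of 300 are assumptions, not taken from updatedns.sh.
LC_ALL=C; export LC_ALL   # keep [A-Z] style ranges ASCII-only

valid_rtype() {           # record type must be exactly A or AAAA
    case "$1" in A|AAAA) return 0 ;; *) return 1 ;; esac
}

valid_hostname() {        # letters, digits, hyphens and dots only
    h=${1%.}              # tolerate one trailing dot
    [ -n "$h" ] && [ "${#h}" -le 253 ] || return 1
    case "$h" in *[!A-Za-z0-9.-]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $h; IFS=$old_ifs
    for label in "$@"; do # each label: at most 63 chars, no edge hyphen
        [ "${#label}" -le 63 ] || return 1
        case "$label" in -*|*-) return 1 ;; esac
    done
    return 0
}

valid_addr() {            # $1 = record type, $2 = address returned by CHECKURL
    case "$1" in
    A)
        case "$2" in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
        old_ifs=$IFS; IFS=.; set -- $2; IFS=$old_ifs
        [ "$#" -eq 4 ] || return 1
        for o in "$@"; do
            [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
        done ;;
    AAAA)                 # loose check: hex digits and colons, two or more colons
        case "$2" in ""|*[!0-9A-Fa-f:]*|*:::*) return 1 ;; esac
        case "$2" in *:*:*) ;; *) return 1 ;; esac
        [ "${#2}" -le 39 ] ;;
    *) return 1 ;;
    esac
}

# $1 type, $2 host, $3 address, $4 NSUPDATESERVER, $5 DNSZONE
build_batch() {
    valid_rtype "$1" && valid_hostname "$2" && valid_addr "$1" "$3" || return 1
    printf 'server %s\nzone %s\nupdate delete %s %s\nupdate add %s 300 %s %s\nsend\n' \
        "$4" "$5" "$2" "$1" "$2" "$1" "$3"
}
```

The output of build_batch can be piped to nsupdate with the TSIG key file; a non-zero return means nothing should be sent.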
Change alert emails
This script can send a simple record change summary email-
From: alerts@domain.tld
Subj: Updated [A] DNS record for dyn.domain.tld
Dynamic DNS record for dyn.domain.tld have been updated! Below is a summary of the change-
Domain: dyn.domain.tld
Record type: A
Old record: 1.2.3.4
New record: 4.3.2.1
To enable these, change the following variables at the start of the script-
EMAILENABLED=1 # Enable sending email function after a record change
SMTPUSER # Username for SMTP authentication
SMTPPASSWORD # Password for SMTP authentication
SMTPSERVER # Server to use for SMTP. Must support StartTLS on 587.
MAILFROM # Address to use as the From address. Since most servers will not allow spoofing, this will end up being SMTPUSER.
MAILTO # Email address(es) to send alerts to
DNS server configuration examples
Example for KnotDNS 3.x-
...
key:
  - id: ddnsupdatekey
    algorithm: hmac-sha512
    secret: w==
...
acl:
  - id: ddnsupdate
    key: ddnsupdatekey.
    action: update
    update-type: [A, AAAA]
...
zone:
  - domain: domain.tld
    ...
    acl: [..., ddnsupdate, ...]
...
Example for BIND 9.x-
...
key "ddnsupdatekey" {
    algorithm hmac-sha256;
    secret w==;
};
zone "domain.tld" {
    ...
    allow-update {
        key ddnsupdatekey;
    };
    ...
};
...
Web server configuration examples
nginx-
server {
    ...
    location / {
        default_type text/plain;
        return 200 "$remote_addr";
    }
    ...
}