Add documentation
parent
34f98de61d
commit
ca6c9a061c
|
@ -1 +0,0 @@
|
|||
DYN_ROOT_ZONE=
|
|
@ -2,3 +2,5 @@
|
|||
**/*.rs.bk
|
||||
ns_tests/*.key
|
||||
ns_tests/*
|
||||
.DS_Store
|
||||
bash
|
||||
|
|
38
README.md
38
README.md
|
@ -1,31 +1,33 @@
|
|||
# peach-dyndns-host
|
||||
|
||||
a dynamic DNS server to host the names of guests with changing IP addresses. provides an http API
|
||||
for updating bind9 configurations.
|
||||
a dynamic DNS server to host the names of guests with changing IP addresses
|
||||
by providing an http API for updating bind9 configurations.
|
||||
|
||||
_work in progress_
|
||||
|
||||
## demo
|
||||
## setup
|
||||
|
||||
```shell
|
||||
git clone git@github.com:peachcloud/peach-dyndns-host
|
||||
cd peach-dyndns-host
|
||||
cargo run -- -vvv # DEBUG log verbosity
|
||||
The code in this repo assumes the existence of an installed and running bind9 server on the same
|
||||
server as is running peach-dyndns-server. Documentation for setting up bind9 can be found [here](docs/setup-bind-for-peach-dyndns.md).
|
||||
|
||||
The peach-dyndns-server code can be compiled with
|
||||
```
|
||||
cargo build --release
|
||||
```
|
||||
|
||||
in another terminal
|
||||
## run
|
||||
|
||||
```shell
|
||||
nslookup blue.dyn.peachcloud.org ns.peachcloud.org
|
||||
```
|
||||
sudo su peach-dyndns; ./target/release/main -vv
|
||||
```
|
||||
|
||||
or
|
||||
## test
|
||||
|
||||
```shell
|
||||
curl http://localhost:3000
|
||||
test peach-dyndns server is running,
|
||||
```
|
||||
curl http://localhost:8000
|
||||
```
|
||||
|
||||
|
||||
## testing
|
||||
|
||||
contains bash scripts for testing and debugging dynamic dns server behavior using nslookup
|
||||
test peach-bind9 is running,
|
||||
```
|
||||
nslookup blue.dyn.peachcloud.org ns.peachcloud.org
|
||||
```
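Review bot: In the `## run` block, `sudo su peach-dyndns; ./target/release/main -vv` does not start the server as `peach-dyndns`: the `;` ends the `su` command, so the binary runs in the invoking shell after the `su` session exits. A form such as `sudo -u peach-dyndns ./target/release/main -vv` runs it under the service account directly. The sides of this rendered section are not marked, so this assumes the line is on the new side.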
|
||||
|
|
|
@ -1,12 +0,0 @@
|
|||
# For each subdomain,
|
||||
# - generate a new ddns key (tsig-keygen -a hmac-md5 {{subdomain}}.dyn.commoninternet.net) and append it to /etc/bind/dyn.commoninternet.net.keys
|
||||
# - add a zone section to /etc/bind/named.conf.local, associating the key with the subdomain
|
||||
# - add a minimal zone file to /var/lib/bind/subdomain.dyn.commoninternet.net
|
||||
# - reload bind and return the secret key to the client
|
||||
|
||||
SUBDOMAIN=$1
|
||||
BASE_DOMAIN=dyn.commoninternet.net
|
||||
FULL_DOMAIN="${SUBDOMAIN}.${BASE_DOMAIN}"
|
||||
echo "[generating zone for ${FULL_DOMAIN}]"
|
||||
|
||||
tsig-keygen -a hmac-md5 {{subdomain}}.dyn.commoninternet.net
|
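--- a/bash/ns1.sh
+++ b/bash/ns1.sh
@@ -1,16 +0,0 @@
-#!/bin/bash
-
-MYIP="1.1.1.9"
-
-KEY=ddns.key
-NS=ns.commoninternet.net
-DOMAIN=test2.time.commoninternet.net.
-ZONE=time.commoninternet.net
-
-nsupdate -k $KEY -v << EOF
-server $NS
-zone $ZONE
-update delete $DOMAIN A
-update add $DOMAIN 30 A $MYIP
-send
-EOF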
|
@ -1,37 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
ECHO=$(which echo)
|
||||
NSUPDATE=$(which nsupdate)
|
||||
|
||||
# Set the DNS entry you want to update, please notice the final dot.
|
||||
HOST="test.dyn.commoninternet.net"
|
||||
|
||||
# Set the key provided by your DNS administrator
|
||||
KEY="/etc/named/Kmydomain.com.+157+19553.key"
|
||||
|
||||
# Set the DNS server name or IP
|
||||
#SERVER="dyn.local:12323"
|
||||
SERVER="dyn.local 12323"
|
||||
|
||||
# Set the zone to modify, it can be any zone previous key has permissions to modify
|
||||
ZONE="dyn.commoninternet.net"
|
||||
|
||||
# Get your public IP address in the quickest and fanciest
|
||||
# way to if you have bind-tools installed
|
||||
#IP=`dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | awk -F'"' '{ print $2}'`
|
||||
#OLDIP=`dig $HOST +short @8.8.8.8`
|
||||
IP="1.1.1.9"
|
||||
OLDIP="0.0.0.0"
|
||||
|
||||
if [ "$IP" != "$OLDIP" ];
|
||||
then
|
||||
$ECHO "server $SERVER" > /tmp/nsupdate
|
||||
$ECHO "debug yes" >> /tmp/nsupdate
|
||||
$ECHO "zone $ZONE" >> /tmp/nsupdate
|
||||
# $ECHO "update delete $HOST" >> /tmp/nsupdate
|
||||
$ECHO "update add $HOST 600 A $IP" >> /tmp/nsupdate
|
||||
$ECHO "send" >> /tmp/nsupdate
|
||||
else
|
||||
$ECHO "No update needed, exiting..."
|
||||
fi
|
||||
$NSUPDATE -k ${KEY} -v /tmp/nsupdate
|
|
@ -1,17 +0,0 @@
|
|||
|
||||
|
||||
The following goes into `/etc/sudoers.d/bindctl` to enable peach-dyndns to reload bind.
|
||||
```
|
||||
#
|
||||
# Allow server to reload bind
|
||||
#
|
||||
|
||||
# User alias for bind-ctl which can reload bind
|
||||
User_Alias BIND_CTRL = peach-dynds
|
||||
|
||||
# Command alias for reboot and shutdown
|
||||
Cmnd_Alias RELOADBIND = /bin/reloadbind
|
||||
|
||||
# Allow BIND_CTRL users to execute RELOADBIND command without password
|
||||
BIND_CTRL ALL=(ALL) NOPASSWD: RELOADBIND
|
||||
```
|
|
@ -1,4 +1,5 @@
|
|||
|
||||
This file contains notes which may be relevant for setting up bind,
|
||||
and are not directly necessary for running the code in this repository.
|
||||
|
||||
|
||||
Add the following to /etc/bind/named.conf.local:
|
|
@ -1,4 +1,5 @@
|
|||
|
||||
This file contains notes which may be relevant for setting up bind,
|
||||
and are not directly necessary for running the code in this repository.
|
||||
|
||||
|
||||
Add the following to /etc/bind/named.conf.local:
|
|
@ -0,0 +1,40 @@
|
|||
The code in this repository assumes that a bind9 is installed and running on the same server as the peach-dyndns server.
|
||||
The configuration of this bind9 server could be automated, but for now it is just done manually,
|
||||
with documentation of the server configuration here.
|
||||
|
||||
|
||||
1. Sudoers File
|
||||
The following goes into `/etc/sudoers.d/bindctl` to enable peach-dyndns to reload bind.
|
||||
```
|
||||
#
|
||||
# Allow server to reload bind
|
||||
#
|
||||
|
||||
# User alias for bind-ctl which can reload bind
|
||||
User_Alias BIND_CTRL = peach-dynds
|
||||
|
||||
# Command alias for reboot and shutdown
|
||||
Cmnd_Alias RELOADBIND = /bin/reloadbind
|
||||
|
||||
# Allow BIND_CTRL users to execute RELOADBIND command without password
|
||||
BIND_CTRL ALL=(ALL) NOPASSWD: RELOADBIND
|
||||
```
|
||||
|
||||
2. /bin/reloadbind
|
||||
/bin/reloadbind is a script with the following content:
|
||||
```
|
||||
/bin/systemctl reload bind9
|
||||
```
|
||||
|
||||
3. creation of peach-dyndns user, who also belongs to bind group
|
||||
|
||||
|
||||
4. bind9 configuration
|
||||
```apt-get install bind9```
|
||||
|
||||
peach-dyndns then dynamically configures:
|
||||
/etc/bind/named.conf.local
|
||||
/etc/bind/peach-dyndns.keys
|
||||
/var/lib/bind/*
|
||||
|
||||
All the files in /etc/bind and /var/lib/bind should have permissions as root:bind.
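Review bot: The sudoers block grants the rule to `peach-dynds` in `User_Alias BIND_CTRL`, but step 3 and the README name the account `peach-dyndns`, so the rule as written would not apply to the service user; `User_Alias BIND_CTRL = peach-dyndns` looks intended. The comment `# Command alias for reboot and shutdown` describes a different rule and should read `# Command alias for reloading bind`. `ALL=(ALL)` lets the script be run as any target user, where `BIND_CTRL ALL=(root) NOPASSWD: RELOADBIND` is all that `systemctl reload` needs. Since `/bin/reloadbind` runs as root without a password, the doc should also state that the script must be owned by root and not writable by `peach-dyndns` or the `bind` group. Step 3 is a heading with no instructions yet.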
|
|
@ -1,16 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
MYIP="1.1.1.55"
|
||||
|
||||
KEY=green.dyn.commoninternet.net.key
|
||||
NS=ns.commoninternet.net
|
||||
DOMAIN=gray.dyn.commoninternet.net.
|
||||
ZONE=gray.dyn.commoninternet.net
|
||||
|
||||
nsupdate -k $KEY -v << EOF
|
||||
server $NS
|
||||
zone $ZONE
|
||||
update delete $DOMAIN A
|
||||
update add $DOMAIN 30 A $MYIP
|
||||
send
|
||||
EOF
|
|
@ -1,16 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
MYIP="1.1.1.44"
|
||||
|
||||
KEY=green.dyn.commoninternet.net.key
|
||||
NS=ns.commoninternet.net
|
||||
DOMAIN=green.dyn.commoninternet.net.
|
||||
ZONE=green.dyn.commoninternet.net
|
||||
|
||||
nsupdate -k $KEY -v << EOF
|
||||
server $NS
|
||||
zone $ZONE
|
||||
update delete $DOMAIN A
|
||||
update add $DOMAIN 30 A $MYIP
|
||||
send
|
||||
EOF
|
|
@ -1,16 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
MYIP="1.1.1.11"
|
||||
|
||||
KEY=ddns.key
|
||||
NS=ns.commoninternet.net
|
||||
DOMAIN=orange.time.commoninternet.net.
|
||||
ZONE=time.commoninternet.net
|
||||
|
||||
nsupdate -k $KEY -v << EOF
|
||||
server $NS
|
||||
zone $ZONE
|
||||
update delete $DOMAIN A
|
||||
update add $DOMAIN 30 A $MYIP
|
||||
send
|
||||
EOF
|