Add documentation

2021-05-19 11:03:16 +02:00 · 2021-05-19 11:03:16 +02:00 · ca6c9a061c
parent 34f98de61d
commit ca6c9a061c
13 changed files with 66 additions and 151 deletions
--- a/.env.sample
+++ b/.env.sample
@ -1 +0,0 @@
-DYN_ROOT_ZONE=
--- a/.gitignore
+++ b/.gitignore
@ -2,3 +2,5 @@
 **/*.rs.bk
 ns_tests/*.key
 ns_tests/*
+.DS_Store
+bash
--- a/README.md
+++ b/README.md
@ -1,31 +1,33 @@
 # peach-dyndns-host

-a dynamic DNS server to host the names of guests with changing IP addresses. provides an http API 
-for updating bind9 configurations. 
+a dynamic DNS server to host the names of guests with changing IP addresses
+by providing an http API for updating bind9 configurations. 

-_work in progress_

-## demo
+## setup 

-```shell
-git clone git@github.com:peachcloud/peach-dyndns-host
-cd peach-dyndns-host
-cargo run -- -vvv # DEBUG log verbosity
+The code in this repo assumes the existence of an installed and running bind9 server on the same 
+server as is running peach-dyndns-server. Documentation for setting up bind9 can be found [here](docs/setup-bind-for-peach-dyndns.md).
+
+The peach-dyndns-server code can be compiled with
+```
+cargo build --release
 ```

-in another terminal
+## run

-```shell
-nslookup blue.dyn.peachcloud.org ns.peachcloud.org 
+```
+sudo su peach-dyndns; ./target/release/main -vv
 ```

-or
+## test

-```shell
-curl http://localhost:3000
+test peach-dyndns server is running,
+```
+curl http://localhost:8000
 ```

-
-## testing
-
-contains bash scripts for testing and debugging dynamic dns server behavior using nslookup
+test peach-bind9 is running,
+```
+nslookup blue.dyn.peachcloud.org ns.peachcloud.org
+```
--- a/bash/create_subdomain.sh
+++ b/bash/create_subdomain.sh
@ -1,12 +0,0 @@
-# For each subdomain,
-# - generate a new ddns key (tsig-keygen -a hmac-md5 {{subdomain}}.dyn.commoninternet.net) and append it to /etc/bind/dyn.commoninternet.net.keys
-# - add a zone section to /etc/bind/named.conf.local, associating the key with the subdomain
-# - add a minimal zone file to /var/lib/bind/subdomain.dyn.commoninternet.net
-# - reload bind and return the secret key to the client
-
-SUBDOMAIN=$1
-BASE_DOMAIN=dyn.commoninternet.net
-FULL_DOMAIN="${SUBDOMAIN}.${BASE_DOMAIN}"
-echo "[generating zone for ${FULL_DOMAIN}]"
-
-tsig-keygen -a hmac-md5 {{subdomain}}.dyn.commoninternet.net
--- a/bash/ns1.sh
+++ b/bash/ns1.sh
@ -1,16 +0,0 @@
-#!/bin/bash
-
-MYIP="1.1.1.9"
-
-KEY=ddns.key
-NS=ns.commoninternet.net
-DOMAIN=test2.time.commoninternet.net.
-ZONE=time.commoninternet.net
-
-nsupdate -k $KEY -v << EOF
-server $NS
-zone $ZONE
-update delete $DOMAIN A
-update add $DOMAIN 30 A $MYIP
-send
-EOF
--- a/bash/nsupdate.sh
+++ b/bash/nsupdate.sh
@ -1,37 +0,0 @@
-#!/usr/bin/env bash
-
-ECHO=$(which echo)
-NSUPDATE=$(which nsupdate)
-
-# Set the DNS entry you want to update, please notice the final dot.
-HOST="test.dyn.commoninternet.net"
-
-# Set the key provided by your DNS administrator
-KEY="/etc/named/Kmydomain.com.+157+19553.key"
-
-# Set the DNS server name or IP
-#SERVER="dyn.local:12323"
-SERVER="dyn.local 12323"
-
-# Set the zone to modify, it can be any zone previous key has permissions to modify
-ZONE="dyn.commoninternet.net"
-
-# Get your public IP address in the quickest and fanciest
-# way to if you have bind-tools installed
-#IP=`dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | awk -F'"' '{ print $2}'`
-#OLDIP=`dig $HOST +short @8.8.8.8`
-IP="1.1.1.9"
-OLDIP="0.0.0.0"
-
-if [ "$IP" != "$OLDIP" ];
-then
-    $ECHO "server $SERVER" > /tmp/nsupdate
-    $ECHO "debug yes" >> /tmp/nsupdate
-    $ECHO "zone $ZONE" >> /tmp/nsupdate
-#    $ECHO "update delete $HOST" >> /tmp/nsupdate
-    $ECHO "update add $HOST 600 A $IP" >> /tmp/nsupdate
-    $ECHO "send" >> /tmp/nsupdate
-else
-    $ECHO "No update needed, exiting..."
-fi
-$NSUPDATE -k ${KEY} -v /tmp/nsupdate
--- a/bind_config/setup.md
+++ b/bind_config/setup.md
@ -1,17 +0,0 @@
-
-
-The following goes into `/etc/sudoers.d/bindctl` to enable peach-dyndns to reload bind. 
-```
-#
-# Allow server to reload bind
-#
-
-# User alias for bind-ctl which can reload bind
-User_Alias  BIND_CTRL = peach-dynds
-
-# Command alias for reboot and shutdown
-Cmnd_Alias  RELOADBIND = /bin/reloadbind
-
-# Allow BIND_CTRL users to execute RELOADBIND command without password
-BIND_CTRL  ALL=(ALL) NOPASSWD: RELOADBIND
-```
--- a/bind_config/setting-up-bind-specific-subdomain.md
+++ b/bind_config/setting-up-bind-specific-subdomain.md
@ -1,4 +1,5 @@
-
+This file contains notes which may be relevant for setting up bind, 
+and are not directly necessary for running the code in this repository.


 Add the following to /etc/bind/named.conf.local:
--- a/bind_config/setting-up-bind-with-wildcard-subdomain.md
+++ b/bind_config/setting-up-bind-with-wildcard-subdomain.md
@ -1,4 +1,5 @@
-
+This file contains notes which may be relevant for setting up bind, 
+and are not directly necessary for running the code in this repository.


 Add the following to /etc/bind/named.conf.local:
--- a/docs/setup-bind-for-peach-dyndns.md
+++ b/docs/setup-bind-for-peach-dyndns.md
@ -0,0 +1,40 @@
+The code in this repository assumes that a bind9 is installed and running on the same server as the peach-dyndns server. 
+The configuration of this bind9 server could be automated, but for now it is just done manually,
+with documentation of the server configuration here. 
+
+
+1. Sudoers File
+The following goes into `/etc/sudoers.d/bindctl` to enable peach-dyndns to reload bind. 
+```
+#
+# Allow server to reload bind
+#
+
+# User alias for bind-ctl which can reload bind
+User_Alias  BIND_CTRL = peach-dynds
+
+# Command alias for reboot and shutdown
+Cmnd_Alias  RELOADBIND = /bin/reloadbind
+
+# Allow BIND_CTRL users to execute RELOADBIND command without password
+BIND_CTRL  ALL=(ALL) NOPASSWD: RELOADBIND
+```
+
+2. /bin/reloadbind
+/bin/reloadbind is a script with the following content:
+```
+/bin/systemctl reload bind9
+```
+
+3. creation of peach-dyndns user, who also belongs to bind group
+
+
+4. bind9 configuration
+```apt-get install bind9```
+
+peach-dyndns then dynamically configures:
+/etc/bind/named.conf.local
+/etc/bind/peach-dyndns.keys
+/var/lib/bind/*
+
+All the files in /etc/bind and /var/lib/bind should have permissions as root:bind.
--- a/ns_tests/grayns.sh
+++ b/ns_tests/grayns.sh
@ -1,16 +0,0 @@
-#!/bin/bash
-
-MYIP="1.1.1.55"
-
-KEY=green.dyn.commoninternet.net.key
-NS=ns.commoninternet.net
-DOMAIN=gray.dyn.commoninternet.net.
-ZONE=gray.dyn.commoninternet.net
-
-nsupdate -k $KEY -v << EOF
-server $NS
-zone $ZONE
-update delete $DOMAIN A
-update add $DOMAIN 30 A $MYIP
-send
-EOF
--- a/ns_tests/greenns.sh
+++ b/ns_tests/greenns.sh
@ -1,16 +0,0 @@
-#!/bin/bash
-
-MYIP="1.1.1.44"
-
-KEY=green.dyn.commoninternet.net.key
-NS=ns.commoninternet.net
-DOMAIN=green.dyn.commoninternet.net.
-ZONE=green.dyn.commoninternet.net
-
-nsupdate -k $KEY -v << EOF
-server $NS
-zone $ZONE
-update delete $DOMAIN A
-update add $DOMAIN 30 A $MYIP
-send
-EOF
--- a/ns_tests/ns1.sh
+++ b/ns_tests/ns1.sh
@ -1,16 +0,0 @@
-#!/bin/bash
-
-MYIP="1.1.1.11"
-
-KEY=ddns.key
-NS=ns.commoninternet.net
-DOMAIN=orange.time.commoninternet.net.
-ZONE=time.commoninternet.net
-
-nsupdate -k $KEY -v << EOF
-server $NS
-zone $ZONE
-update delete $DOMAIN A
-update add $DOMAIN 30 A $MYIP
-send
-EOF