Add documentation
parent
34f98de61d
commit
ca6c9a061c
|
@ -1 +0,0 @@
|
||||||
DYN_ROOT_ZONE=
|
|
|
@ -2,3 +2,5 @@
|
||||||
**/*.rs.bk
|
**/*.rs.bk
|
||||||
ns_tests/*.key
|
ns_tests/*.key
|
||||||
ns_tests/*
|
ns_tests/*
|
||||||
|
.DS_Store
|
||||||
|
bash
|
||||||
|
|
38
README.md
38
README.md
|
@ -1,31 +1,33 @@
|
||||||
# peach-dyndns-host
|
# peach-dyndns-host
|
||||||
|
|
||||||
a dynamic DNS server to host the names of guests with changing IP addresses. provides an http API
|
a dynamic DNS server to host the names of guests with changing IP addresses
|
||||||
for updating bind9 configurations.
|
by providing an http API for updating bind9 configurations.
|
||||||
|
|
||||||
_work in progress_
|
|
||||||
|
|
||||||
## demo
|
## setup
|
||||||
|
|
||||||
```shell
|
The code in this repo assumes the existence of an installed and running bind9 server on the same
|
||||||
git clone git@github.com:peachcloud/peach-dyndns-host
|
server as is running peach-dyndns-server. Documentation for setting up bind9 can be found [here](docs/setup-bind-for-peach-dyndns.md).
|
||||||
cd peach-dyndns-host
|
|
||||||
cargo run -- -vvv # DEBUG log verbosity
|
The peach-dyndns-server code can be compiled with
|
||||||
|
```
|
||||||
|
cargo build --release
|
||||||
```
|
```
|
||||||
|
|
||||||
in another terminal
|
## run
|
||||||
|
|
||||||
```shell
|
```
|
||||||
nslookup blue.dyn.peachcloud.org ns.peachcloud.org
|
sudo su peach-dyndns; ./target/release/main -vv
|
||||||
```
|
```
|
||||||
|
|
||||||
or
|
## test
|
||||||
|
|
||||||
```shell
|
test peach-dyndns server is running,
|
||||||
curl http://localhost:3000
|
```
|
||||||
|
curl http://localhost:8000
|
||||||
```
|
```
|
||||||
|
|
||||||
|
test peach-bind9 is running,
|
||||||
## testing
|
```
|
||||||
|
nslookup blue.dyn.peachcloud.org ns.peachcloud.org
|
||||||
contains bash scripts for testing and debugging dynamic dns server behavior using nslookup
|
```
|
||||||
|
|
|
@ -1,12 +0,0 @@
|
||||||
# For each subdomain,
|
|
||||||
# - generate a new ddns key (tsig-keygen -a hmac-md5 {{subdomain}}.dyn.commoninternet.net) and append it to /etc/bind/dyn.commoninternet.net.keys
|
|
||||||
# - add a zone section to /etc/bind/named.conf.local, associating the key with the subdomain
|
|
||||||
# - add a minimal zone file to /var/lib/bind/subdomain.dyn.commoninternet.net
|
|
||||||
# - reload bind and return the secret key to the client
|
|
||||||
|
|
||||||
SUBDOMAIN=$1
|
|
||||||
BASE_DOMAIN=dyn.commoninternet.net
|
|
||||||
FULL_DOMAIN="${SUBDOMAIN}.${BASE_DOMAIN}"
|
|
||||||
echo "[generating zone for ${FULL_DOMAIN}]"
|
|
||||||
|
|
||||||
tsig-keygen -a hmac-md5 {{subdomain}}.dyn.commoninternet.net
|
|
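--- a/bash/ns1.sh
+++ b/bash/ns1.sh
@@ -1,16 +0,0 @@
-#!/bin/bash
-
-MYIP="1.1.1.9"
-
-KEY=ddns.key
-NS=ns.commoninternet.net
-DOMAIN=test2.time.commoninternet.net.
-ZONE=time.commoninternet.net
-
-nsupdate -k $KEY -v << EOF
-server $NS
-zone $ZONE
-update delete $DOMAIN A
-update add $DOMAIN 30 A $MYIP
-send
-EOF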
|
@ -1,37 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
ECHO=$(which echo)
|
|
||||||
NSUPDATE=$(which nsupdate)
|
|
||||||
|
|
||||||
# Set the DNS entry you want to update, please notice the final dot.
|
|
||||||
HOST="test.dyn.commoninternet.net"
|
|
||||||
|
|
||||||
# Set the key provided by your DNS administrator
|
|
||||||
KEY="/etc/named/Kmydomain.com.+157+19553.key"
|
|
||||||
|
|
||||||
# Set the DNS server name or IP
|
|
||||||
#SERVER="dyn.local:12323"
|
|
||||||
SERVER="dyn.local 12323"
|
|
||||||
|
|
||||||
# Set the zone to modify, it can be any zone previous key has permissions to modify
|
|
||||||
ZONE="dyn.commoninternet.net"
|
|
||||||
|
|
||||||
# Get your public IP address in the quickest and fanciest
|
|
||||||
# way to if you have bind-tools installed
|
|
||||||
#IP=`dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | awk -F'"' '{ print $2}'`
|
|
||||||
#OLDIP=`dig $HOST +short @8.8.8.8`
|
|
||||||
IP="1.1.1.9"
|
|
||||||
OLDIP="0.0.0.0"
|
|
||||||
|
|
||||||
if [ "$IP" != "$OLDIP" ];
|
|
||||||
then
|
|
||||||
$ECHO "server $SERVER" > /tmp/nsupdate
|
|
||||||
$ECHO "debug yes" >> /tmp/nsupdate
|
|
||||||
$ECHO "zone $ZONE" >> /tmp/nsupdate
|
|
||||||
# $ECHO "update delete $HOST" >> /tmp/nsupdate
|
|
||||||
$ECHO "update add $HOST 600 A $IP" >> /tmp/nsupdate
|
|
||||||
$ECHO "send" >> /tmp/nsupdate
|
|
||||||
else
|
|
||||||
$ECHO "No update needed, exiting..."
|
|
||||||
fi
|
|
||||||
$NSUPDATE -k ${KEY} -v /tmp/nsupdate
|
|
|
@ -1,17 +0,0 @@
|
||||||
|
|
||||||
|
|
||||||
The following goes into `/etc/sudoers.d/bindctl` to enable peach-dyndns to reload bind.
|
|
||||||
```
|
|
||||||
#
|
|
||||||
# Allow server to reload bind
|
|
||||||
#
|
|
||||||
|
|
||||||
# User alias for bind-ctl which can reload bind
|
|
||||||
User_Alias BIND_CTRL = peach-dynds
|
|
||||||
|
|
||||||
# Command alias for reboot and shutdown
|
|
||||||
Cmnd_Alias RELOADBIND = /bin/reloadbind
|
|
||||||
|
|
||||||
# Allow BIND_CTRL users to execute RELOADBIND command without password
|
|
||||||
BIND_CTRL ALL=(ALL) NOPASSWD: RELOADBIND
|
|
||||||
```
|
|
|
@ -1,4 +1,5 @@
|
||||||
|
This file contains notes which may be relevant for setting up bind,
|
||||||
|
and are not directly necessary for running the code in this repository.
|
||||||
|
|
||||||
|
|
||||||
Add the following to /etc/bind/named.conf.local:
|
Add the following to /etc/bind/named.conf.local:
|
|
@ -1,4 +1,5 @@
|
||||||
|
This file contains notes which may be relevant for setting up bind,
|
||||||
|
and are not directly necessary for running the code in this repository.
|
||||||
|
|
||||||
|
|
||||||
Add the following to /etc/bind/named.conf.local:
|
Add the following to /etc/bind/named.conf.local:
|
|
@ -0,0 +1,40 @@
|
||||||
|
The code in this repository assumes that a bind9 is installed and running on the same server as the peach-dyndns server.
|
||||||
|
The configuration of this bind9 server could be automated, but for now it is just done manually,
|
||||||
|
with documentation of the server configuration here.
|
||||||
|
|
||||||
|
|
||||||
|
1. Sudoers File
|
||||||
|
The following goes into `/etc/sudoers.d/bindctl` to enable peach-dyndns to reload bind.
|
||||||
|
```
|
||||||
|
#
|
||||||
|
# Allow server to reload bind
|
||||||
|
#
|
||||||
|
|
||||||
|
# User alias for bind-ctl which can reload bind
|
||||||
|
User_Alias BIND_CTRL = peach-dynds
|
||||||
|
|
||||||
|
# Command alias for reboot and shutdown
|
||||||
|
Cmnd_Alias RELOADBIND = /bin/reloadbind
|
||||||
|
|
||||||
|
# Allow BIND_CTRL users to execute RELOADBIND command without password
|
||||||
|
BIND_CTRL ALL=(ALL) NOPASSWD: RELOADBIND
|
||||||
|
```
|
||||||
|
|
||||||
|
2. /bin/reloadbind
|
||||||
|
/bin/reloadbind is a script with the following content:
|
||||||
|
```
|
||||||
|
/bin/systemctl reload bind9
|
||||||
|
```
|
||||||
|
|
||||||
|
3. creation of peach-dyndns user, who also belongs to bind group
|
||||||
|
|
||||||
|
|
||||||
|
4. bind9 configuration
|
||||||
|
```apt-get install bind9```
|
||||||
|
|
||||||
|
peach-dyndns then dynamically configures:
|
||||||
|
/etc/bind/named.conf.local
|
||||||
|
/etc/bind/peach-dyndns.keys
|
||||||
|
/var/lib/bind/*
|
||||||
|
|
||||||
|
All the files in /etc/bind and /var/lib/bind should have permissions as root:bind.
|
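Review bot: The sudoers listing in step 1 names `peach-dynds` in `User_Alias BIND_CTRL`, while step 3 and the README's `sudo su peach-dyndns` use `peach-dyndns`, so as written the NOPASSWD rule would not cover the service account; it should read `User_Alias BIND_CTRL = peach-dyndns`. The run-as spec `(ALL)` is wider than a reload needs and could be narrowed to `BIND_CTRL ALL=(root) NOPASSWD: RELOADBIND`, and the stale comment `# Command alias for reboot and shutdown` should become `# Command alias for reloading bind`. Step 2 should state that `/bin/reloadbind` is owned by root and not writable by `peach-dyndns` or the `bind` group, because sudo runs it as root without a password, and the listing shows no shebang line. Step 3 is a heading with no instructions yet, and the closing sentence about `root:bind` gives an owner and group but no file modes, which matters since the service user has to write those files.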
|
@ -1,16 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
MYIP="1.1.1.55"
|
|
||||||
|
|
||||||
KEY=green.dyn.commoninternet.net.key
|
|
||||||
NS=ns.commoninternet.net
|
|
||||||
DOMAIN=gray.dyn.commoninternet.net.
|
|
||||||
ZONE=gray.dyn.commoninternet.net
|
|
||||||
|
|
||||||
nsupdate -k $KEY -v << EOF
|
|
||||||
server $NS
|
|
||||||
zone $ZONE
|
|
||||||
update delete $DOMAIN A
|
|
||||||
update add $DOMAIN 30 A $MYIP
|
|
||||||
send
|
|
||||||
EOF
|
|
|
@ -1,16 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
MYIP="1.1.1.44"
|
|
||||||
|
|
||||||
KEY=green.dyn.commoninternet.net.key
|
|
||||||
NS=ns.commoninternet.net
|
|
||||||
DOMAIN=green.dyn.commoninternet.net.
|
|
||||||
ZONE=green.dyn.commoninternet.net
|
|
||||||
|
|
||||||
nsupdate -k $KEY -v << EOF
|
|
||||||
server $NS
|
|
||||||
zone $ZONE
|
|
||||||
update delete $DOMAIN A
|
|
||||||
update add $DOMAIN 30 A $MYIP
|
|
||||||
send
|
|
||||||
EOF
|
|
|
@ -1,16 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
MYIP="1.1.1.11"
|
|
||||||
|
|
||||||
KEY=ddns.key
|
|
||||||
NS=ns.commoninternet.net
|
|
||||||
DOMAIN=orange.time.commoninternet.net.
|
|
||||||
ZONE=time.commoninternet.net
|
|
||||||
|
|
||||||
nsupdate -k $KEY -v << EOF
|
|
||||||
server $NS
|
|
||||||
zone $ZONE
|
|
||||||
update delete $DOMAIN A
|
|
||||||
update add $DOMAIN 30 A $MYIP
|
|
||||||
send
|
|
||||||
EOF
|
|