From 465c7447f32f5f1592e39c0cba5f2d79b954f2d1 Mon Sep 17 00:00:00 2001 From: niiwiicamo Date: Tue, 23 Jul 2024 16:07:21 +0200 Subject: [PATCH 1/5] moved nginx into php dockerfile, start not automatic yet --- Dockerfile | 11 ++++++++ data/update.php | 41 ++++++++++++++++++++++++++++++ nginx/default.conf => default.conf | 2 +- nginx/Dockerfile | 7 ----- php/Dockerfile | 4 --- 5 files changed, 53 insertions(+), 12 deletions(-) create mode 100644 Dockerfile rename nginx/default.conf => default.conf (89%) delete mode 100644 nginx/Dockerfile delete mode 100644 php/Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..5060c46 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,11 @@ +FROM php:fpm-alpine +RUN apk add --no-cache nginx libxml2-dev \ + && docker-php-ext-install soap \ + && mkdir -p /var/www/html/src +COPY ./default.conf /etc/nginx/http.d/default.conf +COPY ./data/src/ /var/www/html/src +COPY ./data/update.php /var/www/html +COPY ./data/.env.dist /var/www/html/.env +VOLUME /var/www/html +WORKDIR /var/www/html +EXPOSE 80 \ No newline at end of file diff --git a/data/update.php b/data/update.php index 24bac06..238bd24 100755 --- a/data/update.php +++ b/data/update.php @@ -17,4 +17,45 @@ if (!file_exists('.env')) { $config = parse_ini_file('.env', false, INI_SCANNER_TYPED); +if (getenv('DDNS_USER') !== false) { + $config['username'] = getenv('DDNS_USER'); +} +if (getenv('DDNS_PASS') !== false) { + $config['password'] = getenv('DDNS_PASS'); +} +if (getenv('NETCUP_APIKEY') !== false) { + $config['apiKey'] = getenv('NETCUP_APIKEY'); +} +if (getenv('NETCUP_APIPASS') !== false) { + $config['apiPassword'] = getenv('NETCUP_APIPASS'); +} +if (getenv('NETCUP_CUSTOMERID') !== false) { + $config['customerId'] = getenv('NETCUP_CUSTOMERID'); +} +if (getenv('DDNS_DEBUG') !== false) { + $config['debug'] = getenv('DDNS_DEBUG'); +} +if (getenv('DDNS_LOG') !== false) { + $config['log'] = getenv('DDNS_LOG'); +} +if (getenv('DDNS_LOGFILE') !== false) { + $config['logFile'] = getenv('DDNS_LOGFILE'); +} +if (getenv('DDNS_RETURNIP') !== false) { + $config['returnIp'] = getenv('DDNS_RETURNIP'); +} +if (getenv('DDNS_ALLOWCREATE') !== false) { + $config['allowCreate'] = getenv('DDNS_ALLOWCREATE'); +} +if (getenv('DDNS_RESTRICTDOMAIN') !== false) { + $config['restrictDomain'] = getenv('DDNS_RESTRICTDOMAIN'); +} +if (getenv('DDNS_FORCEDDOMAIN') !== false) { + $config['domain'] = getenv('DDNS_FORCEDDOMAIN'); +} +if (getenv('DDNS_FORCEDHOST') !== false) { + $config['host'] = getenv('DDNS_FORCEDHOST'); +} + +print_r ($config); (new netcup\DNS\API\Handler($config, $_REQUEST))->doRun(); diff --git a/nginx/default.conf b/default.conf similarity index 89% rename from nginx/default.conf rename to default.conf index 03ad75d..7a79ba2 100644 --- a/nginx/default.conf +++ b/default.conf @@ -6,7 +6,7 @@ server { } location ~ \.php$ { include fastcgi_params; - fastcgi_pass php:9000; + fastcgi_pass localhost:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name; } diff --git a/nginx/Dockerfile b/nginx/Dockerfile deleted file mode 100644 index 7b2361d..0000000 --- a/nginx/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM nginx:alpine -RUN mkdir -p /var/www/html/src -COPY ./nginx/default.conf /etc/nginx/conf.d/ -COPY ./data/src/ /var/www/html/src -COPY ./data/update.php /var/www/html -COPY ./data/.env.dist /var/www/html/.env -VOLUME /var/www/html diff --git a/php/Dockerfile b/php/Dockerfile deleted file mode 100644 index 0462875..0000000 --- a/php/Dockerfile +++ /dev/null @@ -1,4 +0,0 @@ -FROM php:fpm-alpine -RUN apk add --no-cache libxml2-dev \ - && docker-php-ext-install soap -VOLUME /var/www/html \ No newline at end of file From 7fdc642a544f062c949ef01ff90fe4ec972ba69e Mon Sep 17 00:00:00 2001 From: niiwiicamo Date: Tue, 23 Jul 2024 16:36:38 +0200 Subject: [PATCH 2/5] rebased to serversideup image --- Dockerfile | 17 +++++++++-------- data/update.php | 1 - 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5060c46..b89bdab 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,12 @@ -FROM php:fpm-alpine -RUN apk add --no-cache nginx libxml2-dev \ - && docker-php-ext-install soap \ - && mkdir -p /var/www/html/src -COPY ./default.conf /etc/nginx/http.d/default.conf -COPY ./data/src/ /var/www/html/src -COPY ./data/update.php /var/www/html -COPY ./data/.env.dist /var/www/html/.env +FROM serversideup/php:8.3-fpm-nginx-alpine +USER root +RUN mkdir -p /var/www/html/src &&\ + install-php-extensions soap +USER www-data +COPY --chown=www-data:www-data ./default.conf /etc/nginx/conf.d/default.conf +COPY --chown=www-data:www-data ./data/src/ /var/www/html/src +COPY --chown=www-data:www-data ./data/update.php /var/www/html +COPY --chown=www-data:www-data ./data/.env.dist /var/www/html/.env VOLUME /var/www/html WORKDIR /var/www/html EXPOSE 80 \ No newline at end of file diff --git a/data/update.php b/data/update.php index 238bd24..6f0cac7 100755 --- a/data/update.php +++ b/data/update.php @@ -57,5 +57,4 @@ if (getenv('DDNS_FORCEDHOST') !== false) { $config['host'] = getenv('DDNS_FORCEDHOST'); } -print_r ($config); (new netcup\DNS\API\Handler($config, $_REQUEST))->doRun(); From 9a71561ae63a81fb57aafef43a8543355abed800 Mon Sep 17 00:00:00 2001 From: niiwiicamo Date: Tue, 23 Jul 2024 17:56:50 +0200 Subject: [PATCH 3/5] cleanup --- .configure-endpoints.sh | 70 -------- .configure.sh | 265 ------------------------------- .htaccess.example | 4 - Dockerfile | 14 +- README.md | 35 +--- default.conf | 13 -- docker-compose.yml | 39 +++-- examples/multisite.md | 67 -------- examples/mydomain/.env.dist | 12 -- examples/mydomain/update.php | 20 --- examples/nginx-server-block.conf | 54 ------- examples/update-dyndns.sh | 26 --- 12 files changed, 28 insertions(+), 591 deletions(-) delete mode 100755 .configure-endpoints.sh delete mode 100755 .configure.sh delete mode 100644 .htaccess.example delete mode 100644 default.conf delete mode 100644 examples/multisite.md delete mode 100644 examples/mydomain/.env.dist delete mode 100755 examples/mydomain/update.php delete mode 100644 examples/nginx-server-block.conf delete mode 100755 examples/update-dyndns.sh diff --git a/.configure-endpoints.sh b/.configure-endpoints.sh deleted file mode 100755 index 5fdbc3e..0000000 --- a/.configure-endpoints.sh +++ /dev/null @@ -1,70 +0,0 @@ -#!/bin/bash - -scriptversion="1.0" -srcfolder="src" -updatephp="update.php" -configuresh=".configure.sh" - -### banner -clear -echo "##############################################" -echo "### ownDynDNS multi-endpoint configuration ###" -echo "### script version $scriptversion ###" -echo "##############################################" -echo "" - -echo "This script will set up multiple endpoints within the same webspace.\ - That means you can use multiple sets of user credentials each with their own\ - permissions regarding which domains to update." -echo "" -echo "It is recommended you use the webroot of your desired webspace, although\ - you could place this directory structure anywhere you like, e.g. in a\ - subdirectory of your homepage like example.com/dyndns/[this tree] ." -echo "" -echo "This script assumes you have already downloaded the update.php script\ - and the src directory including its contents." -echo "" - -### set up dir variable for this script -dir=$(pwd) -while [ ! -d $dir/$srcfolder ] -do - echo "current directory does not contain ${srcfolder} !" - read -p "enter directory where ownDynDNS is located: " dir -done - -### set up user and group for permissions later -echo "This script will automatically set the necessary file permissions for\ - your webserver. This might be www-data:www-data, please check if you run\ - into any issues." -echo "" -read -p "enter the user the webserver is running as [www-data]: " wwwuserd -read -p "enter the group the webserver is running as [www-data]: " wwwgroupd -wwwuserd=${wwwuserd:-"www-data"} -wwwgroupd=${wwwgroupd:-"www-data"} - - -createEndpoint() { - local endpoint=$1 - mkdir $dir/$endpoint - cp $dir/$updatephp $dir/$endpoint - chmod +x $dir/$configuresh - $dir/$configuresh $dir/$endpoint - chown $wwwuserd:$wwwgroupd $dir/$endpoint/$updatephp - chmod 440 $dir/$endpoint/$updatephp - chown $wwwuserd:$wwwgroupd $dir/$endpoint/.env - chmod 440 $dir/$endpoint/.env -} - -echo "##############################################" -echo "You will now start adding endpoints which are just subdirectories\ - that contain the update.php file as well as a customized .env file." -echo "" - -### endpoint creation loop -while true -do - read -p "enter endpoint name [Empty to quit]: " endpoint - if [ -z $endpoint ]; then break; fi - createEndpoint $endpoint -done diff --git a/.configure.sh b/.configure.sh deleted file mode 100755 index b89b8d0..0000000 --- a/.configure.sh +++ /dev/null @@ -1,265 +0,0 @@ -#!/bin/bash - -# set variables -scriptversion="1.6" - -defaultenvfile=".env.dist" - -if [ ! -z $1 ] -then - dir=$1 - endpoint=$(basename ${dir}) - - # set up log file location suggestion - log1="/var/log/dnsupdater/${endpoint}.json" - log2="${dir}/log.json" - -else - echo "### ownDynDNS configuration script" - - wwwuserd="www-data" - wwwgroupd="www-data" - - dir=$(pwd) - while [ ! -f $dir/$defaultenvfile ] - do - echo "current directory does not contain ${defaultenvfile} !" - read -p "enter directory where ownDynDNS is located: " dir - done - - # source .env.dist - source $dir/$defaultenvfile - - # set up log file location suggestions - log1="$logFile" - log2="/var/log/dnsupdater/log.json" -fi - - -envfile="${dir}/.env" - - -### main script -#echo "found ${defaultenvfile}. using current directory" - -read -p "enter a custom username for dns updates [random]: " user -user=${user:-$(tr -dc A-Za-z0-9 $htaccess << EOM - - Order allow,deny - Deny from all -envfile -EOM - if [ -z $endpoint ] - then - rm .htaccess.example - fi - ;; - 3) - mv .htaccess{.example,} - ;; - *) - if [ -z $endpoint ] - then - rm .htaccess.example - fi - ;; -esac - -### nginx htaccess equivalent message -echo "if you are using nginx please read the docs about how to disable access to certain files and folders.\nyou might add a location block to the beginning of your site config as follows:" -echo -e " location ~* (env|log|json) {\n deny all;\n return 404;\n }" - -read -p "do you wish to enable result return? [y/N]: " returnip -echo "" -if [[ ${returnip,,::1} == "y" ]] -then - #echo "enabling return ip" - returnip="true" -else - #echo "disabling return ip" - returnip="false" -fi - -read -p "do you want to allow creation of new entries on the fly? [y/N]: " allowcreate -echo "" -if [[ ${allowcreate,,::1} == "y" ]] -then - #echo "enabling return ip" - allowcreate="true" -else - #echo "disabling return ip" - allowcreate="false" -fi - -read -p "do you want to restrict updates to a specific domain entry? [Y/n]: " restrictdomain -echo "" -if [[ ${restrictdomain,,::1} == "n" ]] -then - restrictdomain="false" -else - restrictdomain="true" - echo "enter the FQDN you want to restrict updates to. If you are using third\ - level domains, e.g. nas.home.example.com you should only enter example.com" - echo "use the \"host\" variable for nas.home in that case." - echo "" - read -p "domain or FQDN: " domain - echo "" - read -p "host if third level domain: " host - echo "" -fi - - -### create the .env file -if [ -f $envfile ] -then - echo "${envfile} already exists!" - read -p "overwrite? [y/N]: " overwrite - echo "" - if [[ ! ${overwrite,,::1} == y ]] - then - echo "script cancelled. exiting" - echo "" - exit 1 - fi -fi - -touch $envfile -echo "# file created at $(date)" >$envfile -echo "# by configuration script version ${scriptversion}" >> $envfile -echo "username=\"${user}\"" >> $envfile -echo "password=\"${pass}\"" >> $envfile -echo "apiKey=\"${apikey}\"" >> $envfile -echo "apiPassword=\"${apipass}\"" >> $envfile -echo "customerId=\"${custid}\"" >> $envfile -echo "debug=${debug}" >> $envfile -echo "log=${log}" >> $envfile -echo "logFile=${logfile}" >> $envfile -echo "returnIp=${returnip}" >> $envfile -echo "allowCreate=${allowcreate}" >> $envfile -echo "restrictDomain=${restrictdomain}" >> $envfile -if [ ! -z ${domain} ] -then - echo "domain=${domain}" >> $envfile -fi -if [ ! -z ${host} ] -then - echo "host=${host}" >> $envfile -fi - -echo "created .env file at: ${envfile}" -echo "" diff --git a/.htaccess.example b/.htaccess.example deleted file mode 100644 index 3da7edf..0000000 --- a/.htaccess.example +++ /dev/null @@ -1,4 +0,0 @@ - - Order allow,deny - Deny from all - diff --git a/Dockerfile b/Dockerfile index b89bdab..f967795 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,10 @@ FROM serversideup/php:8.3-fpm-nginx-alpine USER root -RUN mkdir -p /var/www/html/src &&\ +RUN mkdir -p /var/www/html/public/src &&\ install-php-extensions soap USER www-data -COPY --chown=www-data:www-data ./default.conf /etc/nginx/conf.d/default.conf -COPY --chown=www-data:www-data ./data/src/ /var/www/html/src -COPY --chown=www-data:www-data ./data/update.php /var/www/html -COPY --chown=www-data:www-data ./data/.env.dist /var/www/html/.env -VOLUME /var/www/html -WORKDIR /var/www/html -EXPOSE 80 \ No newline at end of file +WORKDIR /var/www/html/public +COPY --chown=www-data:www-data ./data/src/ /var/www/html/public/src +COPY --chown=www-data:www-data ./data/update.php /var/www/html/public +COPY --chown=www-data:www-data ./data/.env.dist /var/www/html/public/.env +HEALTHCHECK --interval= --timeout=5s --start-period=10s CMD curl --insecure --silent --location --show-error --fail http://localhost:8080$HEALTHCHECK_PATH || exit 1 diff --git a/README.md b/README.md index 1baea05..ae18751 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # ownDynDNS -Self-hosted dynamic DNS php script to update netcup DNS API from Router like AVM FRITZ!Box +Self-hosted dynamic DNS php-based Docker container to update netcup DNS API from consumer routers etc. ## Authors * Felix Kretschmer [@fernwerker](https://github.com/fernwerker) @@ -8,38 +8,11 @@ Self-hosted dynamic DNS php script to update netcup DNS API from Router like AVM * Nils Blume [@niiwiicamo](https://github.com/niiwiicamo) ## Usage -### Install using configure scripts -* Copy `update.php`, `src/*`, `.env.dist`, `.configure.sh` and `.configure-endpoints.sh` to your webspace -* If you want multiple endpoints use .configure-endpoints.sh -* If you want a single endpoint use .configure.sh -### Manual Installation -* Copy all files to your webspace -* If you want multiple endpoints that each can only update one domain look at the mydomain folder.
-The update URL would be https://`url`/mydomain/update.php?(...) -* create a copy of `.env.dist` as `.env` and configure: - -Parameter | Example | Explanation ----: | :--- | :--- -`username` | dnsupdater | The username for your Router to authenticate (so not everyone can update your DNS) -`password` | secretpleasechange | password for your Router -`apiKey` | 18neqwd91e21onei1p23841 | API key which is generated in netcup CCP -`apiPassword` | 82jewqde9m30 | API password which is generated in netcup CCP -`customerId` | 12345 | your netcup Customer ID -`log` | `true` / false | enables logging -`logFile` | log.json | configures logfile location if enabled -`debug` | true / `false` | enables debug mode and generates more output from update.php (normal operation has no output). Needed to receive stack traces from errors. -`returnIp` | `true` / false | enables return of result if a record was changed -`allowCreate` | true/`false` | allows creation of entries if parameter `create=true` in URL -`restrictDomain` | true / `false` | allows admin to restrict the domain to update to a given value `domain` and/or `host`. See URL parameters for host parameter explanation -`allowNetcupCreds` | true / `false` | allows the user to pass netcup credentials directly via the URL. URL creds will be preferred if any still exist in .env file -`allowAnonymous` | true / `false` | allows anonymous login, recommended only if you do not store any credentials and disable logging - -* alternatively you can use .configure.sh to create your .env file for you (if you are on a *NIX system) - -* Create each host record in your netcup CCP (DNS settings) before using the script. The script does not create any missing records.
-You can now set `allowCreate=true` in .env and pass `create=true` as URL parameter to create entries on the fly. +### docker-compose.yaml +``` +``` ## URL possible uses: ### Required parameters in URL: diff --git a/default.conf b/default.conf deleted file mode 100644 index 7a79ba2..0000000 --- a/default.conf +++ /dev/null @@ -1,13 +0,0 @@ -server { - listen 0.0.0.0:80; - root /var/www/html; - location / { - return 302 https://github.com/NiiWiiCamo/ownDynDNS; - } - location ~ \.php$ { - include fastcgi_params; - fastcgi_pass localhost:9000; - fastcgi_index index.php; - fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name; - } -} \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 5c3f75f..39616f7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,23 +1,20 @@ -version: "3" services: - - nginx: - build: - context: . - dockerfile: nginx/Dockerfile + owndyndns: + container_name: dyndns + image: niiwiicamo/owndyndns + environment: + DDNS_USER: changeme + DDNS_PASS: changeme + NETCUP_APIKEY: 12345asdf + NETCUP_APIPASS: asdf12345 + NETCUP_CUSTOMERID: 01234 + DDNS_DEBUG: 0 # optional, default: 0 + DDNS_LOG: 0 # optional, default: 1 + # DDNS_LOGFILE: log.json # optional, default: log.json + DDNS_RETURNIP: 0 # optional, default: 1 + DDNS_ALLOWCREATE: 1 # optional, default: 0 + # DDNS_RESTRICTDOMAIN: 0 # optional, default: 0 + # DDNS_FORCEDDOMAIN: example.net # optional, default empty + # DDNS_FORCEDHOST: hostname # optional, default empty ports: - - "8180:80" - volumes: - - data:/var/www/html - - php: - build: - context: . - dockerfile: php/Dockerfile - depends_on: - - nginx - volumes: - - data:/var/www/html - -volumes: - data: \ No newline at end of file + - 8080:8080 diff --git a/examples/multisite.md b/examples/multisite.md deleted file mode 100644 index fcbf073..0000000 --- a/examples/multisite.md +++ /dev/null @@ -1,67 +0,0 @@ -# Multiple Endpoints with separate credentials -For advanced use you might want to have separate users that can each only update one domain entry. - -In that case it might be beneficial to habe multiple endpoints, e.g. `https://dyndns.example.com/endpointN/update.php` where endpointN is any directory name you wish. - -## Setting up multiple endpoints -The directory structure of your webroot might look like this: -
-├── index.html
-├── src
-│   ├── Config.php
-│   ├── Handler.php
-│   ├── Payload.php
-│   └── Soap.php
-├── fritzbox        # this is a subdomain
-│   ├── .env
-│   └── update.php
-├── nas             # this is another
-│   ├── .env
-│   └── update.php
-├── examplenet      # uses another netcup account
-│   ├── .env
-│   └── update.php
-└── subdomain1      # and another subdomain
-    ├── .env
-    └── update.php
-
- -Here the update.php files are copied from the mydomain example directory. All .env files contain different user credentials and may even use different netcup credentials. - -## Setting up domain restrictions per .env file -It is nice to have multiple sets of credentials, but if anyone can update any entry of any domain this defeats the purpose. - -That is why you can enable domain restriction per .env file and thereby per set of user credentials. - -In these cases you the domain you send in your url will be ignored in favour of the one configured in the .env file. You still need to send a placeholder for validation purposes. - -Example .env file for fritzbox.example.com.
-Callable by: `https://dyndns.example.com/fritzbox/update.php?user=fritzbox&password=changeme&domain=placeholder&ipv4=1.2.3.4` -
-username="fritzbox"
-password="changemeplease"
-apiKey="j1meo213em823jd2q9"
-apiPassword="12345secret"
-customerId="12345"
-debug=false
-log=true
-logFile=/var/log/dnsupdater/fritzbox.json
-restrictDomain=true
-domain=fritzbox.example.com
-
- -Example .env file for nas.home.example.com.
-Callable by: `https://dyndns.example.com/nas/update.php?user=nas&password=changeme&domain=placeholder&ipv4=1.2.3.4` -
-username="nas"
-password="changemeplease"
-apiKey="j1meo213em823jd2q9"
-apiPassword="12345secret"
-customerId="12345"
-debug=false
-log=true
-logFile=/var/log/dnsupdater/nas.json
-restrictDomain=true
-domain=example.com    # for explicit use of third-level domain
-host=nas.home         # we use the optional host parameter
-
\ No newline at end of file diff --git a/examples/mydomain/.env.dist b/examples/mydomain/.env.dist deleted file mode 100644 index 9162fbe..0000000 --- a/examples/mydomain/.env.dist +++ /dev/null @@ -1,12 +0,0 @@ -username="only-mydomain" -password="changemeplease" -apiKey="netcup DNS API Key" -apiPassword="netcup DNS API Password" -customerId="netcup customer ID" -debug=false -log=true -logFile=mydomain.json -returnIp=true -allowCreate=false -restrictDomain=true -domain="mydomain.example.com" diff --git a/examples/mydomain/update.php b/examples/mydomain/update.php deleted file mode 100755 index bbb8b8e..0000000 --- a/examples/mydomain/update.php +++ /dev/null @@ -1,20 +0,0 @@ -doRun(); diff --git a/examples/nginx-server-block.conf b/examples/nginx-server-block.conf deleted file mode 100644 index e444040..0000000 --- a/examples/nginx-server-block.conf +++ /dev/null @@ -1,54 +0,0 @@ -# -# This assumes you already have the html { block configured -# - -server { - - listen 80; # highly recommend to use 443 and ssl, look into using certbot - - server_name dyndns.example.com; - root /var/www/dnydns.example.com; - - # if you are using a dedicated site remove everythin except update.php - # update.php; - update.php index index.html index.htm index.nginx-debian.html index.php; - - # deny all access to any file containing "env", "log" or "json" - # returns 404 as if file did not exist - location ~* (env|log|json) { - deny all; - return 404; - } - - # deny access to any file .ht* like .htaccess or .htpasswd - location ~ /\.ht { - deny all; - } - - # pass PHP scripts to FastCGI server - location ~ \.php$ { - - # FastCGI config, might be in another file that is included - - # regex to split $uri to $fastcgi_script_name and $fastcgi_path - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - - # Check that the PHP script exists before passing it - try_files $fastcgi_script_name =404; - - # Bypass the fact that try_files resets $fastcgi_path_info - # see: http://trac.nginx.org/nginx/ticket/321 - set $path_info $fastcgi_path_info; - fastcgi_param PATH_INFO $path_info; - - fastcgi_index index.php; - include fastcgi.conf; - - - # With php-fpm (or other unix sockets): - fastcgi_pass unix:/run/php/php-fpm.sock; - # With php-cgi (or other tcp sockets): - # fastcgi_pass 127.0.0.1:9000; - } - -} \ No newline at end of file diff --git a/examples/update-dyndns.sh b/examples/update-dyndns.sh deleted file mode 100755 index de54667..0000000 --- a/examples/update-dyndns.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/usr/bin/env bash - -# you can run this script from **ix bases device to update (different) Records - -USER="max_mustermann" -PASS="s3cr3t" -DOMAIN="my-home-nas.de" -#DOMAIN="nas.my-home.de" -SCRIPT="https:///update.php" -FORCE=0 -MODE="both" # can be undefined, "@", "*" or "both" - -IPV4=$(curl -4 -q v4.ident.me) -IPV6=$(curl -6 -q v6.ident.me) - -echo ${IPV4} -echo ${IPV6} - -# PAYLOAD_IPV4="force=${FORCE}&user=${USER}&password=${PASS}&ipv4=${IPV4}&domain=${DOMAIN}&mode=${MODE}" -# curl -X POST --data "${PAYLOAD_IPV4}" ${SCRIPT} - -# PAYLOAD_IPV6="force=${FORCE}&user=${USER}&password=${PASS}&ipv6=${IPV6}&domain=${DOMAIN}&mode=${MODE"} -# curl -X POST --data "${PAYLOAD_IPV6}" ${SCRIPT} - -PAYLOAD_BOTH="force=${FORCE}&user=${USER}&password=${PASS}&ipv4=${IPV4}&ipv6=${IPV6}&domain=${DOMAIN}&mode=${MODE}" -curl -X POST --data "${PAYLOAD_BOTH}" ${SCRIPT} From 171aa7c2f063369b060261ef686240bc65e8f76d Mon Sep 17 00:00:00 2001 From: niiwiicamo Date: Wed, 24 Jul 2024 09:32:50 +0200 Subject: [PATCH 4/5] updated readme --- README.md | 74 +++++++++++++++++++++++++++++++++---------------------- 1 file changed, 44 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index ae18751..68ee725 100644 --- a/README.md +++ b/README.md @@ -9,37 +9,51 @@ Self-hosted dynamic DNS php-based Docker container to update netcup DNS API from ## Usage +This docker image only provides a basic http server as default. You should never expose this to the internet! +Use a reverse proxy or run everything locally. + ### docker-compose.yaml -``` +Take a look at docker-compose.yaml for inspiration. -``` - -## URL possible uses: -### Required parameters in URL: - -user, password and domain are always needed, as well as at least one of the following:
-ipv4, ipv6, txt +#### The following environment variables are `required`: +env | description +---: | :--- +DDNS_USER
DDNS_PASS | The username and password that the DynDNS client (e.g. your router) uses to authenticate to this container +NETCUP_APIKEY
NETCUP_APIPASS
NETCUP_CUSTOMERID | Your netcup credentials so this container can authorize against netcup -Parameter | Example | Explanation +#### The following environment variables are `optional`: +env | default | description ---: | :--- | :--- -user | dnsupdater | username to authenticate against this script as defined in .env file. If anonymous login is allowed in .env: `anonymous` -password | secretpleasechange | password for that user as defined in .env file -domain | home.example.com | `case A)` If `host` is not specified: the FQDN for your host -domain | example.com | `case B)` If you want to update the @ or * record -domain | example.com | `case C)` If `host`is specified: only the domain part as registered at netcup "nas.home.example.com" -host | nas.home | `case C)` If your domain contains more than 3 levels "nas.home.example.com" -ipv4 | 1.2.3.4 | the ipv4 address to update an existing A record -ipv6 | fe80::12:34:56 | the ipv6 address to update an existing AAAA record -txt | acme-challenge-text | the content to update an existing TXT record -force | true | ignore checking if the record needs to be updated, just do it anyways. Default: `false` -mode | * | `case B)` If domain is your registered domain "example.com". Possible values: `*` or `both`. Default: `@` -create | true | create all entries if none exist. e.g. will not create A if AAAA exists. Needs `allowCreate=true` in .env -customerId | 12345 | uses the URL provided credentials instead of the ones stored in .env. Needs `allowNetcupCreds=true` in .env -apiKey | 12345 | uses the URL provided credentials instead of the ones stored in .env. Needs `allowNetcupCreds=true` in .env -apiPassword | 12345 | uses the URL provided credentials instead of the ones stored in .env. Needs `allowNetcupCreds=true` in .env +DDNS_DEBUG | 0 | Includes debug information in the web response +DDNS_LOG | 1 | Creates a json log file +DDNS_LOGFILE | log.json | Log file location, relative to webroot +DDNS_RETURNIP | 1 | Returns the updated DNS record (IPv4, IPv6, TXT) +DDNS_ALLOWCREATE | 0 | Allows for a new DNS entry to be created and set instead of only updating existing +DDNS_RESTRICTDOMAIN | 0 | Allows you to override the DNS entry to be updated +DDNS_FORCEDDOMAIN | "" | When DDNS_RESTRICTDOMAIN is set, enter the registered domain name (e.g. example.com) +DDNS_FORCEDHOST | "" | When DDNS_RESTRICTDOMAIN is set, enter the DNS entry host name (e.g. _acme-challenge.test.home) +### URL contents: + +#### The following parameters are supported + +`You must include: user, password, domain and one of ipv4, ipv6 and txt` + +parameter | example | description +---: | :--- | :--- +user | dnsupdater | The DDNS_USER +password | secretpleasechange | The DDNS_PASS +domain | `a)` home.example.com
`b)` example.com
`c)` | `a)` The FQDN to update
`b)` The registered domain only, for multi part host names
`c)` The domain if you want to update the @ or * record +host | nas.home | optional; `case b)` If your domain contains more than 3 levels, e.g. "nas.home.example.com" +ipv4 | 1.2.3.4 | the ipv4 address to update a A record +ipv6 | fe80::12:34:56 | the ipv6 address to update a AAAA record +txt | acme-challenge-text | the content to update a TXT record +force | true | optional; ignore checking if the record needs to be updated, just do it anyways. Default: `false` +mode | * | optional; `case c)` If domain is your registered domain "example.com". Possible values: `*` or `both`. Default: `@` +create | true | optional; create all entries if none exist. e.g. will not create A if AAAA exists. Needs `DDNS_ALLOWCREATE=1` + #### Example URL to update A record (IPv4) of home.example.com: https://`dyndns.example.com`/update.php?user=`username`&password=`password`&domain=`home.example.com`&ipv4=`IPv4` @@ -73,8 +87,8 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma * Domainname: `` * Multiple Domains: * Domainname: `,,....` -* Username: `` -* Password: `` +* Username: `` +* Password: `` ### Synology DSM Settings * Go to "Control Panel" -> "External Access" -> "DDNS" @@ -87,8 +101,8 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma * Click on "Add" to create a DDNS job * Select your custom provider. Notice that an asterisk [*] has appeared in front of the name to signify that this is a custom provider. * Hostname: `` -* Username/Email: `` -* Password/Key: `` +* Username/Email: `` +* Password/Key: `` * External Address (IPv4): probably "Auto", uses Synology service to find own external IP * External Address (IPv6): doesn't matter, currently not supported by Synology @@ -98,7 +112,7 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma * Service Type: "Custom" * Interface to monitor: `` -* Update URL: `https:///update.php?user=&password=&ipv4=%IP%&domain=` +* Update URL: `https:///update.php?user=&password=&ipv4=%IP%&domain=` * Leave all other fields empty / default # run as cronjob on a **nix based device @@ -110,4 +124,4 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma ## License Published under GNU General Public License v3.0 -© Felix Kretschmer, 2021 +Original: © Felix Kretschmer, 2021 From 25e477328864ae1422eba811346761e06eddc8c1 Mon Sep 17 00:00:00 2001 From: niiwiicamo Date: Wed, 24 Jul 2024 09:34:03 +0200 Subject: [PATCH 5/5] typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 68ee725..24de1bd 100644 --- a/README.md +++ b/README.md @@ -45,7 +45,7 @@ parameter | example | description ---: | :--- | :--- user | dnsupdater | The DDNS_USER password | secretpleasechange | The DDNS_PASS -domain | `a)` home.example.com
`b)` example.com
`c)` | `a)` The FQDN to update
`b)` The registered domain only, for multi part host names
`c)` The domain if you want to update the @ or * record +domain | `a)` home.example.com
`b)` example.com
`c)` example.com | `a)` The FQDN to update
`b)` The registered domain only, for multi part host names
`c)` The domain if you want to update the @ or * record host | nas.home | optional; `case b)` If your domain contains more than 3 levels, e.g. "nas.home.example.com" ipv4 | 1.2.3.4 | the ipv4 address to update a A record ipv6 | fe80::12:34:56 | the ipv6 address to update a AAAA record