Merge pull request #3 from NiiWiiCamo/combined_dockerfile

Combined dockerfile
2025-07-10 14:15:14 +02:00 · 2024-07-24 09:40:24 +02:00 · 2024-07-24 09:40:24 +02:00 · 8262928014
commit 8262928014
parent 75cdfe319a 25e4773288
15 changed files with 111 additions and 619 deletions
--- a/.configure-endpoints.sh
+++ b/.configure-endpoints.sh
@ -1,70 +0,0 @@
 #!/bin/bash
 scriptversion="1.0"
 srcfolder="src"
 updatephp="update.php"
 configuresh=".configure.sh"
 ### banner
 clear
 echo "##############################################"
 echo "### ownDynDNS multi-endpoint configuration ###"
 echo "###           script version $scriptversion           ###"
 echo "##############################################"
 echo ""
 echo "This script will set up multiple endpoints within the same webspace.\
 That means you can use multiple sets of user credentials each with their own\
 permissions regarding which domains to update."
 echo ""
 echo "It is recommended you use the webroot of your desired webspace, although\
 you could place this directory structure anywhere you like, e.g. in a\
 subdirectory of your homepage like example.com/dyndns/[this tree] ."
 echo ""
 echo "This script assumes you have already downloaded the update.php script\
 and the src directory including its contents."
 echo ""
 ### set up dir variable for this script
 dir=$(pwd)
 while [ ! -d $dir/$srcfolder ]
 do
  echo "current directory does not contain ${srcfolder} !"
  read -p "enter directory where ownDynDNS is located: " dir
 done
 ### set up user and group for permissions later
 echo "This script will automatically set the necessary file permissions for\
 your webserver. This might be www-data:www-data, please check if you run\
 into any issues."
 echo ""
 read -p "enter the user the webserver is running as [www-data]: " wwwuserd
 read -p "enter the group the webserver is running as [www-data]: " wwwgroupd
 wwwuserd=${wwwuserd:-"www-data"}
 wwwgroupd=${wwwgroupd:-"www-data"}
 createEndpoint() {
  local endpoint=$1
  mkdir $dir/$endpoint
  cp $dir/$updatephp $dir/$endpoint
  chmod +x $dir/$configuresh
  $dir/$configuresh $dir/$endpoint
  chown $wwwuserd:$wwwgroupd $dir/$endpoint/$updatephp
  chmod 440 $dir/$endpoint/$updatephp
  chown $wwwuserd:$wwwgroupd $dir/$endpoint/.env
  chmod 440 $dir/$endpoint/.env
 }
 echo "##############################################"
 echo "You will now start adding endpoints which are just subdirectories\
 that contain the update.php file as well as a customized .env file."
 echo ""
 ### endpoint creation loop
 while true
 do
  read -p "enter endpoint name [Empty to quit]: " endpoint
  if [ -z $endpoint ]; then break; fi
  createEndpoint $endpoint
 done
--- a/.configure.sh
+++ b/.configure.sh
@ -1,265 +0,0 @@
 #!/bin/bash
 # set variables
 scriptversion="1.6"
 defaultenvfile=".env.dist"
 if [ ! -z $1 ]
 then
  dir=$1
  endpoint=$(basename ${dir})
  # set up log file location suggestion
  log1="/var/log/dnsupdater/${endpoint}.json"
  log2="${dir}/log.json"
 else
  echo "### ownDynDNS configuration script"
  wwwuserd="www-data"
  wwwgroupd="www-data"
  dir=$(pwd)
  while [ ! -f $dir/$defaultenvfile ]
  do
    echo "current directory does not contain ${defaultenvfile} !"
    read -p "enter directory where ownDynDNS is located: " dir
  done
  # source .env.dist
  source $dir/$defaultenvfile
  # set up log file location suggestions
  log1="$logFile"
  log2="/var/log/dnsupdater/log.json"
 fi
 envfile="${dir}/.env"
 ### main script
 #echo "found ${defaultenvfile}. using current directory"
 read -p "enter a custom username for dns updates [random]: " user
 user=${user:-$(tr -dc A-Za-z0-9 </dev/urandom | head -c 16)}
 echo "using username: ${user}"
 read -s -p "enter a custom password for dns updates [random]: " pass
 pass=${pass:-$(tr -dc A-Za-z0-9 </dev/urandom | head -c 16)}
 echo ""
 echo "using password: ${pass}"
 if [ -z $DDNS_NETCUP_API_KEY ]
 then
  read -s -p "enter your netcup DNS API Key: " apikey
  echo ""
 else
  echo -e "Found DDNS_NETCUP_API_KEY. Leave empty to use or enter new DNS API Key\n"
  read -p "DNS API Key [${DDNS_NETCUP_API_KEY}]: " apikey
  apikey=${apikey:-$DDNS_NETCUP_API_KEY}
 fi
 if [ -z $DDNS_NETCUP_API_PASSWORD ]
 then
  read -s -p "enter your netcup API Password: " apipass
  echo ""
 else
  echo "Found DDNS_NETCUP_API_PASSWORD. Leave empty to use or enter new DNS API Password"
  read -p "DNS API Password [${DDNS_NETCUP_API_PASSWORD}]: " apipass
  echo ""
  apipass=${apipass:-$DDNS_NETCUP_API_PASSWORD}
 fi
 if [ -z $DDNS_NETCUP_CUSTOMER_ID ]
 then
  read -s -p "enter your netcup customer ID: " custid
  echo ""
 else
  echo "Found DDNS_NETCUP_CUSTOMER_ID. Leave empty to use or enter new customer ID"
  read -p "Netcup customer ID [${DDNS_NETCUP_CUSTOMER_ID}]: " custid
  echo ""
  custid=${custid:-$DDNS_NETCUP_CUSTOMER_ID}
 fi
 read -p "do you wish to enable debugging? [y/N]: " debug
 echo ""
 if [[ ${debug,,::1} == "y" ]]
 then
  #echo "enabling debugging"
  debug="true"
 else
  #echo "disabling debugging"
  debug="false"
 fi
 read -p "do you want to enable logging? [Y/n]: " log
 echo ""
 if [[ ${log,,::1} != "n" ]]
 then
  #echo "enabling logging"
  log="true"
 else
  #echo "disabling logging"
  log="false"
 fi
 echo "the logfile is created in this directory by default. your ip history is thereby publically available."
 echo "select where the logfile should be created if enabled:"
 echo "[1] default: ${log1}"
 echo "[2] private: ${log2}"
 echo "[3] custom location"
 read -p "select from the choices above [1]: " choice
 echo ""
 case $choice in
  2)
    logfile=${log2}
    ;;
  3)
    read -p "enter logfile location: " logfile
    echo ""
    logfile=${logfile:-$log1}
    ;;
  *)
    logfile=${log1}
    ;;
 esac
 if [ -z ${endpoint} ]
 then
  echo "the logfile needs to be writable by the webserver if logging is enabled."
  read -p "which user does the webserver run as? [${wwwuserd}]: " wwwuser
  echo ""
  wwwuser=${wwwuser:-$wwwuserd}
  read -p "which group does the webserver run as? [${wwwgroupd}]: " wwwgroup
  echo ""
  wwwgroup=${wwwgroup:-$wwwgroupd}
  mkdir -p $(dirname $logfile) && touch $logfile || echo "### could not create logfile!"
  echo ""
  chown $wwwuser:$wwwgroup $logfile
  chmod 0640 $logfile
  #echo "logfile will be created at: ${logfile}"
 fi
 ### Apache htaccess file config
 echo "if you are using apache it is recommended to enable the .htaccess file to prevent unauthorized access to the .env file and any logfile."
 echo "select if you want to enable the .htaccess file:"
 echo "[1] no .htaccess file. (e.g. using nginx)"
 echo "[2] block access to .env file only (default log location accessible)"
 echo "[3] block access to .env file and log file"
 echo ""
 read -p "select from the choices above [1]: " choice
 echo ""
 case $choice in
  2)
    cat > $htaccess << EOM
 <FilesMatch "\.env$">
        Order allow,deny
        Deny from all
 </FilesMatch>envfile
 EOM
    if [ -z $endpoint ]
    then
      rm .htaccess.example
    fi
    ;;
  3)
    mv .htaccess{.example,}
    ;;
  *)
    if [ -z $endpoint ]
    then
      rm .htaccess.example
    fi
    ;;
 esac
 ### nginx htaccess equivalent message
 echo "if you are using nginx please read the docs about how to disable access to certain files and folders.\nyou might add a location block to the beginning of your site config as follows:"
 echo -e "  location ~* (env|log|json) {\n    deny all;\n    return 404;\n  }"
 read -p "do you wish to enable result return? [y/N]: " returnip
 echo ""
 if [[ ${returnip,,::1} == "y" ]]
 then
  #echo "enabling return ip"
  returnip="true"
 else
  #echo "disabling return ip"
  returnip="false"
 fi
 read -p "do you want to allow creation of new entries on the fly? [y/N]: " allowcreate
 echo ""
 if [[ ${allowcreate,,::1} == "y" ]]
 then
  #echo "enabling return ip"
  allowcreate="true"
 else
  #echo "disabling return ip"
  allowcreate="false"
 fi
 read -p "do you want to restrict updates to a specific domain entry? [Y/n]: " restrictdomain
 echo ""
 if [[ ${restrictdomain,,::1} == "n" ]]
 then
  restrictdomain="false"
 else
  restrictdomain="true"
  echo "enter the FQDN you want to restrict updates to. If you are using third\
 level domains, e.g. nas.home.example.com you should only enter example.com"
  echo "use the \"host\" variable for nas.home in that case."
  echo ""
  read -p "domain or FQDN: " domain
  echo ""
  read -p "host if third level domain: " host
  echo ""
 fi
 ### create the .env file
 if [ -f $envfile ]
 then
  echo "${envfile} already exists!"
  read -p "overwrite? [y/N]: " overwrite
  echo ""
  if [[ ! ${overwrite,,::1} == y ]]
  then
    echo "script cancelled. exiting"
    echo ""
    exit 1
  fi
 fi
 touch $envfile
 echo "# file created at $(date)" >$envfile
 echo "# by configuration script version ${scriptversion}" >> $envfile
 echo "username=\"${user}\"" >> $envfile
 echo "password=\"${pass}\"" >> $envfile
 echo "apiKey=\"${apikey}\"" >> $envfile
 echo "apiPassword=\"${apipass}\"" >> $envfile
 echo "customerId=\"${custid}\"" >> $envfile
 echo "debug=${debug}" >> $envfile
 echo "log=${log}" >> $envfile
 echo "logFile=${logfile}" >> $envfile
 echo "returnIp=${returnip}" >> $envfile
 echo "allowCreate=${allowcreate}" >> $envfile
 echo "restrictDomain=${restrictdomain}" >> $envfile
 if [ ! -z ${domain} ]
 then
  echo "domain=${domain}" >> $envfile
 fi
 if [ ! -z ${host} ]
 then
  echo "host=${host}" >> $envfile
 fi
 echo "created .env file at: ${envfile}"
 echo ""
--- a/.htaccess.example
+++ b/.htaccess.example
@ -1,4 +0,0 @@
 <FilesMatch "\.(env|json)$">
 	Order allow,deny
 	Deny from all
 </FilesMatch>
--- a/10
+++ b/10
@ -0,0 +1,10 @@
 FROM serversideup/php:8.3-fpm-nginx-alpine
 USER root
 RUN mkdir -p /var/www/html/public/src &&\
    install-php-extensions soap
 USER www-data
 WORKDIR /var/www/html/public
 COPY --chown=www-data:www-data ./data/src/ /var/www/html/public/src
 COPY --chown=www-data:www-data ./data/update.php /var/www/html/public
 COPY --chown=www-data:www-data ./data/.env.dist /var/www/html/public/.env
 HEALTHCHECK --interval= --timeout=5s --start-period=10s CMD curl --insecure --silent --location --show-error --fail http://localhost:8080$HEALTHCHECK_PATH || exit 1
--- a/README.md
+++ b/README.md
@ -1,5 +1,5 @@
 # ownDynDNS
-Self-hosted dynamic DNS php script to update netcup DNS API from Router like AVM FRITZ!Box  
+Self-hosted dynamic DNS php-based Docker container to update netcup DNS API from consumer routers etc.  
 ## Authors
 * Felix Kretschmer [@fernwerker](https://github.com/fernwerker)
@ -8,64 +8,51 @@ Self-hosted dynamic DNS php script to update netcup DNS API from Router like AVM
 * Nils Blume [@niiwiicamo](https://github.com/niiwiicamo)
 ## Usage
 ### Install using configure scripts
 * Copy `update.php`, `src/*`, `.env.dist`, `.configure.sh` and `.configure-endpoints.sh` to your webspace
 * If you want multiple endpoints use .configure-endpoints.sh
 * If you want a single endpoint use .configure.sh
-### Manual Installation
+This docker image only provides a basic http server as default. You should never expose this to the internet!
-* Copy all files to your webspace
+Use a reverse proxy or run everything locally.
 * If you want multiple endpoints that each can only update one domain look at the mydomain folder.<br>
 The update URL would be https://`url`/mydomain/update.php?(...)
 * create a copy of `.env.dist` as `.env` and configure:
-Parameter | Example | Explanation
+### docker-compose.yaml
 Take a look at docker-compose.yaml for inspiration.
 #### The following environment variables are `required`:
 env | description
 ---: | :--- 
 DDNS_USER <br> DDNS_PASS | The username and password that the DynDNS client (e.g. your router) uses to authenticate to this container
 NETCUP_APIKEY <br> NETCUP_APIPASS <br> NETCUP_CUSTOMERID | Your netcup credentials so this container can authorize against netcup
 #### The following environment variables are `optional`:
 env | default | description
 ---: | :--- | :---
-`username` | dnsupdater |  The username for your Router to authenticate (so not everyone can update your DNS)
+DDNS_DEBUG | 0 | Includes debug information in the web response
-`password` | secretpleasechange | password for your Router
+DDNS_LOG | 1 | Creates a json log file
-`apiKey` | 18neqwd91e21onei1p23841 | API key which is generated in netcup CCP
+DDNS_LOGFILE | log.json | Log file location, relative to webroot
-`apiPassword` | 82jewqde9m30 | API password which is generated in netcup CCP
+DDNS_RETURNIP | 1 | Returns the updated DNS record (IPv4, IPv6, TXT)
-`customerId` | 12345 | your netcup Customer ID
+DDNS_ALLOWCREATE | 0 | Allows for a new DNS entry to be created and set instead of only updating existing
-`log` | `true` / false | enables logging
+DDNS_RESTRICTDOMAIN | 0 | Allows you to override the DNS entry to be updated
-`logFile` | log.json | configures logfile location if enabled
+DDNS_FORCEDDOMAIN | "" | When DDNS_RESTRICTDOMAIN is set, enter the registered domain name (e.g. example.com)
-`debug` | true / `false` | enables debug mode and generates more output from update.php (normal operation has no output). Needed to receive stack traces from errors.
+DDNS_FORCEDHOST | "" | When DDNS_RESTRICTDOMAIN is set, enter the DNS entry host name (e.g. _acme-challenge.test.home)
 `returnIp` | `true` / false | enables return of result if a record was changed
 `allowCreate` | true/`false` | allows creation of entries if parameter `create=true` in URL
 `restrictDomain` | true / `false` | allows admin to restrict the domain to update to a given value `domain` and/or `host`. See URL parameters for host parameter explanation
 `allowNetcupCreds` | true / `false` | allows the user to pass netcup credentials directly via the URL. URL creds will be preferred if any still exist in .env file
 `allowAnonymous` | true / `false` | allows anonymous login, recommended only if you do not store any credentials and disable logging
 * alternatively you can use .configure.sh to create your .env file for you (if you are on a *NIX system)
 * Create each host record in your netcup CCP (DNS settings) before using the script. <s>The script does not create any missing records.</s><br>
 You can now set `allowCreate=true` in .env and pass `create=true` as URL parameter to create entries on the fly.
-## URL possible uses:
+### URL contents:
 ### Required parameters in URL:
-<b>user, password and domain</b> are <i> always needed</i>, as well as at least one of the following: <br>
+#### The following parameters are supported
 <b>ipv4, ipv6, txt</b>
 `You must include: user, password, domain and one of ipv4, ipv6 and txt`
-Parameter | Example | Explanation
+parameter | example | description
 ---: | :--- | :---
-user | dnsupdater | username to authenticate against this script as defined in .env file. If anonymous login is allowed in .env: `anonymous`
+user | dnsupdater | The DDNS_USER 
-password | secretpleasechange | password for that user as defined in .env file
+password | secretpleasechange | The DDNS_PASS
-domain | home.example.com | `case A)` If `host` is not specified: the FQDN for your host
+domain | `a)` home.example.com <br> `b)` example.com <br> `c)` example.com | `a)` The FQDN to update <br> `b)` The registered domain only, for multi part host names <br> `c)` The domain if you want to update the @ or * record
-domain | example.com | `case B)` If you want to update the @ or * record
+host | nas.home | optional; `case b)` If your domain contains more than 3 levels, e.g. "nas.home.example.com"
-domain | example.com | `case C)` If `host`is specified: only the domain part as registered at netcup "nas.home.example.com"
+ipv4 | 1.2.3.4 | the ipv4 address to update a A record
-host | nas.home | `case C)` If your domain contains more than 3 levels "nas.home.example.com"
+ipv6 | fe80::12:34:56 | the ipv6 address to update a AAAA record
-ipv4 | 1.2.3.4 | the ipv4 address to update an existing A record
+txt | acme-challenge-text | the content to update a TXT record
-ipv6 | fe80::12:34:56 | the ipv6 address to update an existing AAAA record
+force | true | optional; ignore checking if the record needs to be updated, just do it anyways. Default: `false`
-txt | acme-challenge-text | the content to update an existing TXT record
+mode | * | optional; `case c)` If domain is your registered domain "example.com". Possible values: `*` or `both`. Default: `@`
-force | true | ignore checking if the record needs to be updated, just do it anyways. Default: `false`
+create | true | optional; create all entries if none exist. e.g. will not create A if AAAA exists. Needs `DDNS_ALLOWCREATE=1`
 mode | * | `case B)` If domain is your registered domain "example.com". Possible values: `*` or `both`. Default: `@`
 create | true | create all entries if none exist. e.g. will not create A if AAAA exists. Needs `allowCreate=true` in .env
 customerId | 12345 | uses the URL provided credentials instead of the ones stored in .env. Needs `allowNetcupCreds=true` in .env
 apiKey | 12345 | uses the URL provided credentials instead of the ones stored in .env. Needs `allowNetcupCreds=true` in .env
 apiPassword | 12345 | uses the URL provided credentials instead of the ones stored in .env. Needs `allowNetcupCreds=true` in .env
 #### Example URL to update A record (IPv4) of home.example.com:
@ -100,8 +87,8 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma
  * Domainname: `<host record that is supposed to be updated>`
 * Multiple Domains:
  * Domainname: `<first host record that is supposed to be updated>,<second host record that is supposed to be updated>,....`
-* Username: `<username as defined in .env file>`
+* Username: `<DDNS_USER>`
-* Password: `<password as definied in .env file>`
+* Password: `<DDNS_PASS>`
 ### Synology DSM Settings
 * Go to "Control Panel" -> "External Access" -> "DDNS"
@ -114,8 +101,8 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma
 * Click on "Add" to create a DDNS job
 * Select your custom provider. Notice that an asterisk [*] has appeared in front of the name to signify that this is a custom provider.
 * Hostname: `<host record that is supposed to be updated>`
-* Username/Email: `<username as defined in .env file>`
+* Username/Email: `<DDNS_USER>`
-* Password/Key: `<password as defined in .env file>`
+* Password/Key: `<DDNS_PASS>`
 * External Address (IPv4): probably "Auto", uses Synology service to find own external IP
 * External Address (IPv6): doesn't matter, currently not supported by Synology
@ -125,7 +112,7 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma
 * Service Type: "Custom"
 * Interface to monitor: `<select you WAN interface>`
 * Interface to send update from: `<select your WAN interface>`
-* Update URL: `https://<url of your webspace>/update.php?user=<user from .env>&password=<password from .env>&ipv4=%IP%&domain=<host record to update>`
+* Update URL: `https://<url of your webspace>/update.php?user=<DDNS_USER>&password=<DDNS_PASS>&ipv4=%IP%&domain=<host record to update>`
 * Leave all other fields empty / default
 # run as cronjob on a **nix based device
@ -137,4 +124,4 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma
 ## License
 Published under GNU General Public License v3.0  
-&copy; Felix Kretschmer, 2021
+Original: &copy; Felix Kretschmer, 2021
--- a/data/update.php
+++ b/data/update.php
@ -17,4 +17,44 @@ if (!file_exists('.env')) {
 $config = parse_ini_file('.env', false, INI_SCANNER_TYPED);
 if (getenv('DDNS_USER') !== false) {
    $config['username'] = getenv('DDNS_USER');
 }
 if (getenv('DDNS_PASS') !== false) {
    $config['password'] = getenv('DDNS_PASS');
 }
 if (getenv('NETCUP_APIKEY') !== false) {
    $config['apiKey'] = getenv('NETCUP_APIKEY');
 }
 if (getenv('NETCUP_APIPASS') !== false) {
    $config['apiPassword'] = getenv('NETCUP_APIPASS');
 }
 if (getenv('NETCUP_CUSTOMERID') !== false) {
    $config['customerId'] = getenv('NETCUP_CUSTOMERID');
 }
 if (getenv('DDNS_DEBUG') !== false) {
    $config['debug'] = getenv('DDNS_DEBUG');
 }
 if (getenv('DDNS_LOG') !== false) {
    $config['log'] = getenv('DDNS_LOG');
 }
 if (getenv('DDNS_LOGFILE') !== false) {
    $config['logFile'] = getenv('DDNS_LOGFILE');
 }
 if (getenv('DDNS_RETURNIP') !== false) {
    $config['returnIp'] = getenv('DDNS_RETURNIP');
 }
 if (getenv('DDNS_ALLOWCREATE') !== false) {
    $config['allowCreate'] = getenv('DDNS_ALLOWCREATE');
 }
 if (getenv('DDNS_RESTRICTDOMAIN') !== false) {
    $config['restrictDomain'] = getenv('DDNS_RESTRICTDOMAIN');
 }
 if (getenv('DDNS_FORCEDDOMAIN') !== false) {
    $config['domain'] = getenv('DDNS_FORCEDDOMAIN');
 }
 if (getenv('DDNS_FORCEDHOST') !== false) {
    $config['host'] = getenv('DDNS_FORCEDHOST');
 }
 (new netcup\DNS\API\Handler($config, $_REQUEST))->doRun();
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,23 +1,20 @@
 version: "3"
 services:
-
+  owndyndns:
-  nginx:
+    container_name: dyndns
-    build:
+    image: niiwiicamo/owndyndns
-      context: .
+    environment:
-      dockerfile: nginx/Dockerfile
+      DDNS_USER: changeme
      DDNS_PASS: changeme
      NETCUP_APIKEY: 12345asdf
      NETCUP_APIPASS: asdf12345
      NETCUP_CUSTOMERID: 01234
      DDNS_DEBUG: 0  # optional, default: 0
      DDNS_LOG: 0  # optional, default: 1
      # DDNS_LOGFILE: log.json  # optional, default: log.json
      DDNS_RETURNIP: 0  # optional, default: 1
      DDNS_ALLOWCREATE: 1  # optional, default: 0
      # DDNS_RESTRICTDOMAIN: 0  # optional, default: 0
      # DDNS_FORCEDDOMAIN: example.net  # optional, default empty
      # DDNS_FORCEDHOST: hostname  # optional, default empty
    ports:
-      - "8180:80"
+      - 8080:8080
    volumes:
      - data:/var/www/html
  php:
    build:
      context: .
      dockerfile: php/Dockerfile
    depends_on:
      - nginx
    volumes:
      - data:/var/www/html
 volumes:
  data:
--- a/examples/multisite.md
+++ b/examples/multisite.md
@ -1,67 +0,0 @@
 # Multiple Endpoints with separate credentials
 For advanced use you might want to have separate users that can each only update one domain entry.
 In that case it might be beneficial to habe multiple endpoints, e.g. `https://dyndns.example.com/endpointN/update.php` where endpointN is any directory name you wish.
 ## Setting up multiple endpoints
 The directory structure of your webroot might look like this:
 <pre>
 ├── index.html
 ├── src
 │   ├── Config.php
 │   ├── Handler.php
 │   ├── Payload.php
 │   └── Soap.php
 ├── fritzbox        # this is a subdomain
 │   ├── .env
 │   └── update.php
 ├── nas             # this is another
 │   ├── .env
 │   └── update.php
 ├── examplenet      # uses another netcup account
 │   ├── .env
 │   └── update.php
 └── subdomain1      # and another subdomain
    ├── .env
    └── update.php
 </pre>
 Here the update.php files are copied from the mydomain example directory. All .env files contain different user credentials and may even use different netcup credentials.
 ## Setting up domain restrictions per .env file
 It is nice to have multiple sets of credentials, but if anyone can update any entry of any domain this defeats the purpose.
 That is why you can enable domain restriction per .env file and thereby per set of user credentials.
 In these cases you the domain you send in your url will be ignored in favour of the one configured in the .env file. <b>You still need to send a placeholder for validation purposes.</b>
 Example .env file for fritzbox.example.com.<br>
 Callable by: `https://dyndns.example.com/fritzbox/update.php?user=fritzbox&password=changeme&domain=placeholder&ipv4=1.2.3.4`
 <pre>
 username="fritzbox"
 password="changemeplease"
 apiKey="j1meo213em823jd2q9"
 apiPassword="12345secret"
 customerId="12345"
 debug=false
 log=true
 logFile=/var/log/dnsupdater/fritzbox.json
 restrictDomain=true
 domain=fritzbox.example.com
 </pre>
 Example .env file for nas.home.example.com.<br>
 Callable by: `https://dyndns.example.com/nas/update.php?user=nas&password=changeme&domain=placeholder&ipv4=1.2.3.4`
 <pre>
 username="nas"
 password="changemeplease"
 apiKey="j1meo213em823jd2q9"
 apiPassword="12345secret"
 customerId="12345"
 debug=false
 log=true
 logFile=/var/log/dnsupdater/nas.json
 restrictDomain=true
 domain=example.com    # for explicit use of third-level domain
 host=nas.home         # we use the optional host parameter
 </pre>
--- a/examples/mydomain/.env.dist
+++ b/examples/mydomain/.env.dist
@ -1,12 +0,0 @@
 username="only-mydomain"
 password="changemeplease"
 apiKey="netcup DNS API Key"
 apiPassword="netcup DNS API Password"
 customerId="netcup customer ID"
 debug=false
 log=true
 logFile=mydomain.json
 returnIp=true
 allowCreate=false
 restrictDomain=true
 domain="mydomain.example.com"
--- a/examples/mydomain/update.php
+++ b/examples/mydomain/update.php
@ -1,20 +0,0 @@
 <?php
 error_reporting(-1);
 ini_set('display_errors', 1);
 ini_set('html_errors', 0);
 header('Content-Type: text/plain; charset=utf-8');
 require_once __DIR__ . '/../src/Soap.php';
 require_once __DIR__ . '/../src/Config.php';
 require_once __DIR__ . '/../src/Payload.php';
 require_once __DIR__ . '/../src/Handler.php';
 if (!file_exists('.env')) {
    throw new RuntimeException('.env file missing');
 }
 $config = parse_ini_file('.env', false, INI_SCANNER_TYPED);
 (new netcup\DNS\API\Handler($config, $_REQUEST))->doRun();
--- a/examples/nginx-server-block.conf
+++ b/examples/nginx-server-block.conf
@ -1,54 +0,0 @@
 #
 # This assumes you already have the html { block configured
 #
 server {
  listen 80; # highly recommend to use 443 and ssl, look into using certbot
  server_name dyndns.example.com;
  root /var/www/dnydns.example.com;
  # if you are using a dedicated site remove everythin except update.php
  # update.php;
  update.php index index.html index.htm index.nginx-debian.html index.php;
  # deny all access to any file containing "env", "log" or "json"
  # returns 404 as if file did not exist
  location ~* (env|log|json) {
    deny all;
    return 404;
  }
  # deny access to any file .ht* like .htaccess or .htpasswd
  location ~ /\.ht {
    deny all;
  }
  # pass PHP scripts to FastCGI server
  location ~ \.php$ {
    # FastCGI config, might be in another file that is included
    # regex to split $uri to $fastcgi_script_name and $fastcgi_path
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    # Check that the PHP script exists before passing it
    try_files $fastcgi_script_name =404;
    # Bypass the fact that try_files resets $fastcgi_path_info
    # see: http://trac.nginx.org/nginx/ticket/321
    set $path_info $fastcgi_path_info;
    fastcgi_param PATH_INFO $path_info;
    fastcgi_index index.php;
    include fastcgi.conf;
    # With php-fpm (or other unix sockets):
    fastcgi_pass unix:/run/php/php-fpm.sock;
    # With php-cgi (or other tcp sockets):
    # fastcgi_pass 127.0.0.1:9000;
  }
 }
--- a/examples/update-dyndns.sh
+++ b/examples/update-dyndns.sh
@ -1,26 +0,0 @@
 #!/usr/bin/env bash
 # you can run this script from **ix bases device to update (different) Records
 USER="max_mustermann"
 PASS="s3cr3t"
 DOMAIN="my-home-nas.de"
 #DOMAIN="nas.my-home.de"
 SCRIPT="https://<url of your webspace>/update.php"
 FORCE=0
 MODE="both" # can be undefined, "@", "*" or "both"
 IPV4=$(curl -4 -q v4.ident.me)
 IPV6=$(curl -6 -q v6.ident.me)
 echo ${IPV4}
 echo ${IPV6}
 # PAYLOAD_IPV4="force=${FORCE}&user=${USER}&password=${PASS}&ipv4=${IPV4}&domain=${DOMAIN}&mode=${MODE}"
 # curl -X POST --data "${PAYLOAD_IPV4}" ${SCRIPT}
 # PAYLOAD_IPV6="force=${FORCE}&user=${USER}&password=${PASS}&ipv6=${IPV6}&domain=${DOMAIN}&mode=${MODE"}
 # curl -X POST --data "${PAYLOAD_IPV6}" ${SCRIPT}
 PAYLOAD_BOTH="force=${FORCE}&user=${USER}&password=${PASS}&ipv4=${IPV4}&ipv6=${IPV6}&domain=${DOMAIN}&mode=${MODE}"
 curl -X POST --data "${PAYLOAD_BOTH}" ${SCRIPT}
--- a/nginx/Dockerfile
+++ b/nginx/Dockerfile
@ -1,7 +0,0 @@
 FROM nginx:alpine
 RUN mkdir -p /var/www/html/src
 COPY ./nginx/default.conf /etc/nginx/conf.d/
 COPY ./data/src/ /var/www/html/src
 COPY ./data/update.php /var/www/html
 COPY ./data/.env.dist /var/www/html/.env
 VOLUME /var/www/html
--- a/nginx/default.conf
+++ b/nginx/default.conf
@ -1,13 +0,0 @@
 server {
    listen 0.0.0.0:80;
    root /var/www/html;
    location / {
        return 302 https://github.com/NiiWiiCamo/ownDynDNS;
    }
    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_pass php:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
    }
 }
--- a/php/Dockerfile
+++ b/php/Dockerfile
@ -1,4 +0,0 @@
 FROM php:fpm-alpine
 RUN apk add --no-cache libxml2-dev \
    && docker-php-ext-install soap
 VOLUME /var/www/html