mirror of
https://github.com/fernwerker/ownDynDNS.git
synced 2025-07-10 14:15:14 +02:00
Merge pull request #3 from NiiWiiCamo/combined_dockerfile
Combined dockerfile
This commit is contained in:
commit
8262928014
15 changed files with 111 additions and 619 deletions
|
@ -1,70 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
scriptversion="1.0"
|
|
||||||
srcfolder="src"
|
|
||||||
updatephp="update.php"
|
|
||||||
configuresh=".configure.sh"
|
|
||||||
|
|
||||||
### banner
|
|
||||||
clear
|
|
||||||
echo "##############################################"
|
|
||||||
echo "### ownDynDNS multi-endpoint configuration ###"
|
|
||||||
echo "### script version $scriptversion ###"
|
|
||||||
echo "##############################################"
|
|
||||||
echo ""
|
|
||||||
|
|
||||||
echo "This script will set up multiple endpoints within the same webspace.\
|
|
||||||
That means you can use multiple sets of user credentials each with their own\
|
|
||||||
permissions regarding which domains to update."
|
|
||||||
echo ""
|
|
||||||
echo "It is recommended you use the webroot of your desired webspace, although\
|
|
||||||
you could place this directory structure anywhere you like, e.g. in a\
|
|
||||||
subdirectory of your homepage like example.com/dyndns/[this tree] ."
|
|
||||||
echo ""
|
|
||||||
echo "This script assumes you have already downloaded the update.php script\
|
|
||||||
and the src directory including its contents."
|
|
||||||
echo ""
|
|
||||||
|
|
||||||
### set up dir variable for this script
|
|
||||||
dir=$(pwd)
|
|
||||||
while [ ! -d $dir/$srcfolder ]
|
|
||||||
do
|
|
||||||
echo "current directory does not contain ${srcfolder} !"
|
|
||||||
read -p "enter directory where ownDynDNS is located: " dir
|
|
||||||
done
|
|
||||||
|
|
||||||
### set up user and group for permissions later
|
|
||||||
echo "This script will automatically set the necessary file permissions for\
|
|
||||||
your webserver. This might be www-data:www-data, please check if you run\
|
|
||||||
into any issues."
|
|
||||||
echo ""
|
|
||||||
read -p "enter the user the webserver is running as [www-data]: " wwwuserd
|
|
||||||
read -p "enter the group the webserver is running as [www-data]: " wwwgroupd
|
|
||||||
wwwuserd=${wwwuserd:-"www-data"}
|
|
||||||
wwwgroupd=${wwwgroupd:-"www-data"}
|
|
||||||
|
|
||||||
|
|
||||||
createEndpoint() {
|
|
||||||
local endpoint=$1
|
|
||||||
mkdir $dir/$endpoint
|
|
||||||
cp $dir/$updatephp $dir/$endpoint
|
|
||||||
chmod +x $dir/$configuresh
|
|
||||||
$dir/$configuresh $dir/$endpoint
|
|
||||||
chown $wwwuserd:$wwwgroupd $dir/$endpoint/$updatephp
|
|
||||||
chmod 440 $dir/$endpoint/$updatephp
|
|
||||||
chown $wwwuserd:$wwwgroupd $dir/$endpoint/.env
|
|
||||||
chmod 440 $dir/$endpoint/.env
|
|
||||||
}
|
|
||||||
|
|
||||||
echo "##############################################"
|
|
||||||
echo "You will now start adding endpoints which are just subdirectories\
|
|
||||||
that contain the update.php file as well as a customized .env file."
|
|
||||||
echo ""
|
|
||||||
|
|
||||||
### endpoint creation loop
|
|
||||||
while true
|
|
||||||
do
|
|
||||||
read -p "enter endpoint name [Empty to quit]: " endpoint
|
|
||||||
if [ -z $endpoint ]; then break; fi
|
|
||||||
createEndpoint $endpoint
|
|
||||||
done
|
|
265
.configure.sh
265
.configure.sh
|
@ -1,265 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# set variables
|
|
||||||
scriptversion="1.6"
|
|
||||||
|
|
||||||
defaultenvfile=".env.dist"
|
|
||||||
|
|
||||||
if [ ! -z $1 ]
|
|
||||||
then
|
|
||||||
dir=$1
|
|
||||||
endpoint=$(basename ${dir})
|
|
||||||
|
|
||||||
# set up log file location suggestion
|
|
||||||
log1="/var/log/dnsupdater/${endpoint}.json"
|
|
||||||
log2="${dir}/log.json"
|
|
||||||
|
|
||||||
else
|
|
||||||
echo "### ownDynDNS configuration script"
|
|
||||||
|
|
||||||
wwwuserd="www-data"
|
|
||||||
wwwgroupd="www-data"
|
|
||||||
|
|
||||||
dir=$(pwd)
|
|
||||||
while [ ! -f $dir/$defaultenvfile ]
|
|
||||||
do
|
|
||||||
echo "current directory does not contain ${defaultenvfile} !"
|
|
||||||
read -p "enter directory where ownDynDNS is located: " dir
|
|
||||||
done
|
|
||||||
|
|
||||||
# source .env.dist
|
|
||||||
source $dir/$defaultenvfile
|
|
||||||
|
|
||||||
# set up log file location suggestions
|
|
||||||
log1="$logFile"
|
|
||||||
log2="/var/log/dnsupdater/log.json"
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
envfile="${dir}/.env"
|
|
||||||
|
|
||||||
|
|
||||||
### main script
|
|
||||||
#echo "found ${defaultenvfile}. using current directory"
|
|
||||||
|
|
||||||
read -p "enter a custom username for dns updates [random]: " user
|
|
||||||
user=${user:-$(tr -dc A-Za-z0-9 </dev/urandom | head -c 16)}
|
|
||||||
echo "using username: ${user}"
|
|
||||||
|
|
||||||
read -s -p "enter a custom password for dns updates [random]: " pass
|
|
||||||
pass=${pass:-$(tr -dc A-Za-z0-9 </dev/urandom | head -c 16)}
|
|
||||||
echo ""
|
|
||||||
echo "using password: ${pass}"
|
|
||||||
|
|
||||||
if [ -z $DDNS_NETCUP_API_KEY ]
|
|
||||||
then
|
|
||||||
read -s -p "enter your netcup DNS API Key: " apikey
|
|
||||||
echo ""
|
|
||||||
else
|
|
||||||
echo -e "Found DDNS_NETCUP_API_KEY. Leave empty to use or enter new DNS API Key\n"
|
|
||||||
read -p "DNS API Key [${DDNS_NETCUP_API_KEY}]: " apikey
|
|
||||||
apikey=${apikey:-$DDNS_NETCUP_API_KEY}
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -z $DDNS_NETCUP_API_PASSWORD ]
|
|
||||||
then
|
|
||||||
read -s -p "enter your netcup API Password: " apipass
|
|
||||||
echo ""
|
|
||||||
else
|
|
||||||
echo "Found DDNS_NETCUP_API_PASSWORD. Leave empty to use or enter new DNS API Password"
|
|
||||||
read -p "DNS API Password [${DDNS_NETCUP_API_PASSWORD}]: " apipass
|
|
||||||
echo ""
|
|
||||||
apipass=${apipass:-$DDNS_NETCUP_API_PASSWORD}
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -z $DDNS_NETCUP_CUSTOMER_ID ]
|
|
||||||
then
|
|
||||||
read -s -p "enter your netcup customer ID: " custid
|
|
||||||
echo ""
|
|
||||||
else
|
|
||||||
echo "Found DDNS_NETCUP_CUSTOMER_ID. Leave empty to use or enter new customer ID"
|
|
||||||
read -p "Netcup customer ID [${DDNS_NETCUP_CUSTOMER_ID}]: " custid
|
|
||||||
echo ""
|
|
||||||
custid=${custid:-$DDNS_NETCUP_CUSTOMER_ID}
|
|
||||||
fi
|
|
||||||
|
|
||||||
read -p "do you wish to enable debugging? [y/N]: " debug
|
|
||||||
echo ""
|
|
||||||
if [[ ${debug,,::1} == "y" ]]
|
|
||||||
then
|
|
||||||
#echo "enabling debugging"
|
|
||||||
debug="true"
|
|
||||||
else
|
|
||||||
#echo "disabling debugging"
|
|
||||||
debug="false"
|
|
||||||
fi
|
|
||||||
|
|
||||||
read -p "do you want to enable logging? [Y/n]: " log
|
|
||||||
echo ""
|
|
||||||
if [[ ${log,,::1} != "n" ]]
|
|
||||||
then
|
|
||||||
#echo "enabling logging"
|
|
||||||
log="true"
|
|
||||||
else
|
|
||||||
#echo "disabling logging"
|
|
||||||
log="false"
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "the logfile is created in this directory by default. your ip history is thereby publically available."
|
|
||||||
echo "select where the logfile should be created if enabled:"
|
|
||||||
echo "[1] default: ${log1}"
|
|
||||||
echo "[2] private: ${log2}"
|
|
||||||
echo "[3] custom location"
|
|
||||||
|
|
||||||
read -p "select from the choices above [1]: " choice
|
|
||||||
echo ""
|
|
||||||
case $choice in
|
|
||||||
2)
|
|
||||||
logfile=${log2}
|
|
||||||
;;
|
|
||||||
3)
|
|
||||||
read -p "enter logfile location: " logfile
|
|
||||||
echo ""
|
|
||||||
logfile=${logfile:-$log1}
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
logfile=${log1}
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
if [ -z ${endpoint} ]
|
|
||||||
then
|
|
||||||
echo "the logfile needs to be writable by the webserver if logging is enabled."
|
|
||||||
read -p "which user does the webserver run as? [${wwwuserd}]: " wwwuser
|
|
||||||
echo ""
|
|
||||||
wwwuser=${wwwuser:-$wwwuserd}
|
|
||||||
|
|
||||||
read -p "which group does the webserver run as? [${wwwgroupd}]: " wwwgroup
|
|
||||||
echo ""
|
|
||||||
wwwgroup=${wwwgroup:-$wwwgroupd}
|
|
||||||
|
|
||||||
mkdir -p $(dirname $logfile) && touch $logfile || echo "### could not create logfile!"
|
|
||||||
echo ""
|
|
||||||
chown $wwwuser:$wwwgroup $logfile
|
|
||||||
chmod 0640 $logfile
|
|
||||||
#echo "logfile will be created at: ${logfile}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
### Apache htaccess file config
|
|
||||||
echo "if you are using apache it is recommended to enable the .htaccess file to prevent unauthorized access to the .env file and any logfile."
|
|
||||||
echo "select if you want to enable the .htaccess file:"
|
|
||||||
echo "[1] no .htaccess file. (e.g. using nginx)"
|
|
||||||
echo "[2] block access to .env file only (default log location accessible)"
|
|
||||||
echo "[3] block access to .env file and log file"
|
|
||||||
echo ""
|
|
||||||
|
|
||||||
read -p "select from the choices above [1]: " choice
|
|
||||||
echo ""
|
|
||||||
case $choice in
|
|
||||||
2)
|
|
||||||
cat > $htaccess << EOM
|
|
||||||
<FilesMatch "\.env$">
|
|
||||||
Order allow,deny
|
|
||||||
Deny from all
|
|
||||||
</FilesMatch>envfile
|
|
||||||
EOM
|
|
||||||
if [ -z $endpoint ]
|
|
||||||
then
|
|
||||||
rm .htaccess.example
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
3)
|
|
||||||
mv .htaccess{.example,}
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
if [ -z $endpoint ]
|
|
||||||
then
|
|
||||||
rm .htaccess.example
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
### nginx htaccess equivalent message
|
|
||||||
echo "if you are using nginx please read the docs about how to disable access to certain files and folders.\nyou might add a location block to the beginning of your site config as follows:"
|
|
||||||
echo -e " location ~* (env|log|json) {\n deny all;\n return 404;\n }"
|
|
||||||
|
|
||||||
read -p "do you wish to enable result return? [y/N]: " returnip
|
|
||||||
echo ""
|
|
||||||
if [[ ${returnip,,::1} == "y" ]]
|
|
||||||
then
|
|
||||||
#echo "enabling return ip"
|
|
||||||
returnip="true"
|
|
||||||
else
|
|
||||||
#echo "disabling return ip"
|
|
||||||
returnip="false"
|
|
||||||
fi
|
|
||||||
|
|
||||||
read -p "do you want to allow creation of new entries on the fly? [y/N]: " allowcreate
|
|
||||||
echo ""
|
|
||||||
if [[ ${allowcreate,,::1} == "y" ]]
|
|
||||||
then
|
|
||||||
#echo "enabling return ip"
|
|
||||||
allowcreate="true"
|
|
||||||
else
|
|
||||||
#echo "disabling return ip"
|
|
||||||
allowcreate="false"
|
|
||||||
fi
|
|
||||||
|
|
||||||
read -p "do you want to restrict updates to a specific domain entry? [Y/n]: " restrictdomain
|
|
||||||
echo ""
|
|
||||||
if [[ ${restrictdomain,,::1} == "n" ]]
|
|
||||||
then
|
|
||||||
restrictdomain="false"
|
|
||||||
else
|
|
||||||
restrictdomain="true"
|
|
||||||
echo "enter the FQDN you want to restrict updates to. If you are using third\
|
|
||||||
level domains, e.g. nas.home.example.com you should only enter example.com"
|
|
||||||
echo "use the \"host\" variable for nas.home in that case."
|
|
||||||
echo ""
|
|
||||||
read -p "domain or FQDN: " domain
|
|
||||||
echo ""
|
|
||||||
read -p "host if third level domain: " host
|
|
||||||
echo ""
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
### create the .env file
|
|
||||||
if [ -f $envfile ]
|
|
||||||
then
|
|
||||||
echo "${envfile} already exists!"
|
|
||||||
read -p "overwrite? [y/N]: " overwrite
|
|
||||||
echo ""
|
|
||||||
if [[ ! ${overwrite,,::1} == y ]]
|
|
||||||
then
|
|
||||||
echo "script cancelled. exiting"
|
|
||||||
echo ""
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
touch $envfile
|
|
||||||
echo "# file created at $(date)" >$envfile
|
|
||||||
echo "# by configuration script version ${scriptversion}" >> $envfile
|
|
||||||
echo "username=\"${user}\"" >> $envfile
|
|
||||||
echo "password=\"${pass}\"" >> $envfile
|
|
||||||
echo "apiKey=\"${apikey}\"" >> $envfile
|
|
||||||
echo "apiPassword=\"${apipass}\"" >> $envfile
|
|
||||||
echo "customerId=\"${custid}\"" >> $envfile
|
|
||||||
echo "debug=${debug}" >> $envfile
|
|
||||||
echo "log=${log}" >> $envfile
|
|
||||||
echo "logFile=${logfile}" >> $envfile
|
|
||||||
echo "returnIp=${returnip}" >> $envfile
|
|
||||||
echo "allowCreate=${allowcreate}" >> $envfile
|
|
||||||
echo "restrictDomain=${restrictdomain}" >> $envfile
|
|
||||||
if [ ! -z ${domain} ]
|
|
||||||
then
|
|
||||||
echo "domain=${domain}" >> $envfile
|
|
||||||
fi
|
|
||||||
if [ ! -z ${host} ]
|
|
||||||
then
|
|
||||||
echo "host=${host}" >> $envfile
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "created .env file at: ${envfile}"
|
|
||||||
echo ""
|
|
|
@ -1,4 +0,0 @@
|
||||||
<FilesMatch "\.(env|json)$">
|
|
||||||
Order allow,deny
|
|
||||||
Deny from all
|
|
||||||
</FilesMatch>
|
|
10
Dockerfile
Normal file
10
Dockerfile
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
FROM serversideup/php:8.3-fpm-nginx-alpine
|
||||||
|
USER root
|
||||||
|
RUN mkdir -p /var/www/html/public/src &&\
|
||||||
|
install-php-extensions soap
|
||||||
|
USER www-data
|
||||||
|
WORKDIR /var/www/html/public
|
||||||
|
COPY --chown=www-data:www-data ./data/src/ /var/www/html/public/src
|
||||||
|
COPY --chown=www-data:www-data ./data/update.php /var/www/html/public
|
||||||
|
COPY --chown=www-data:www-data ./data/.env.dist /var/www/html/public/.env
|
||||||
|
HEALTHCHECK --interval= --timeout=5s --start-period=10s CMD curl --insecure --silent --location --show-error --fail http://localhost:8080$HEALTHCHECK_PATH || exit 1
|
99
README.md
99
README.md
|
@ -1,5 +1,5 @@
|
||||||
# ownDynDNS
|
# ownDynDNS
|
||||||
Self-hosted dynamic DNS php script to update netcup DNS API from Router like AVM FRITZ!Box
|
Self-hosted dynamic DNS php-based Docker container to update netcup DNS API from consumer routers etc.
|
||||||
|
|
||||||
## Authors
|
## Authors
|
||||||
* Felix Kretschmer [@fernwerker](https://github.com/fernwerker)
|
* Felix Kretschmer [@fernwerker](https://github.com/fernwerker)
|
||||||
|
@ -8,64 +8,51 @@ Self-hosted dynamic DNS php script to update netcup DNS API from Router like AVM
|
||||||
* Nils Blume [@niiwiicamo](https://github.com/niiwiicamo)
|
* Nils Blume [@niiwiicamo](https://github.com/niiwiicamo)
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
### Install using configure scripts
|
|
||||||
* Copy `update.php`, `src/*`, `.env.dist`, `.configure.sh` and `.configure-endpoints.sh` to your webspace
|
|
||||||
* If you want multiple endpoints use .configure-endpoints.sh
|
|
||||||
* If you want a single endpoint use .configure.sh
|
|
||||||
|
|
||||||
### Manual Installation
|
This docker image only provides a basic http server as default. You should never expose this to the internet!
|
||||||
* Copy all files to your webspace
|
Use a reverse proxy or run everything locally.
|
||||||
* If you want multiple endpoints that each can only update one domain look at the mydomain folder.<br>
|
|
||||||
The update URL would be https://`url`/mydomain/update.php?(...)
|
|
||||||
* create a copy of `.env.dist` as `.env` and configure:
|
|
||||||
|
|
||||||
Parameter | Example | Explanation
|
### docker-compose.yaml
|
||||||
|
Take a look at docker-compose.yaml for inspiration.
|
||||||
|
|
||||||
|
#### The following environment variables are `required`:
|
||||||
|
env | description
|
||||||
|
---: | :---
|
||||||
|
DDNS_USER <br> DDNS_PASS | The username and password that the DynDNS client (e.g. your router) uses to authenticate to this container
|
||||||
|
NETCUP_APIKEY <br> NETCUP_APIPASS <br> NETCUP_CUSTOMERID | Your netcup credentials so this container can authorize against netcup
|
||||||
|
|
||||||
|
|
||||||
|
#### The following environment variables are `optional`:
|
||||||
|
env | default | description
|
||||||
---: | :--- | :---
|
---: | :--- | :---
|
||||||
`username` | dnsupdater | The username for your Router to authenticate (so not everyone can update your DNS)
|
DDNS_DEBUG | 0 | Includes debug information in the web response
|
||||||
`password` | secretpleasechange | password for your Router
|
DDNS_LOG | 1 | Creates a json log file
|
||||||
`apiKey` | 18neqwd91e21onei1p23841 | API key which is generated in netcup CCP
|
DDNS_LOGFILE | log.json | Log file location, relative to webroot
|
||||||
`apiPassword` | 82jewqde9m30 | API password which is generated in netcup CCP
|
DDNS_RETURNIP | 1 | Returns the updated DNS record (IPv4, IPv6, TXT)
|
||||||
`customerId` | 12345 | your netcup Customer ID
|
DDNS_ALLOWCREATE | 0 | Allows for a new DNS entry to be created and set instead of only updating existing
|
||||||
`log` | `true` / false | enables logging
|
DDNS_RESTRICTDOMAIN | 0 | Allows you to override the DNS entry to be updated
|
||||||
`logFile` | log.json | configures logfile location if enabled
|
DDNS_FORCEDDOMAIN | "" | When DDNS_RESTRICTDOMAIN is set, enter the registered domain name (e.g. example.com)
|
||||||
`debug` | true / `false` | enables debug mode and generates more output from update.php (normal operation has no output). Needed to receive stack traces from errors.
|
DDNS_FORCEDHOST | "" | When DDNS_RESTRICTDOMAIN is set, enter the DNS entry host name (e.g. _acme-challenge.test.home)
|
||||||
`returnIp` | `true` / false | enables return of result if a record was changed
|
|
||||||
`allowCreate` | true/`false` | allows creation of entries if parameter `create=true` in URL
|
|
||||||
`restrictDomain` | true / `false` | allows admin to restrict the domain to update to a given value `domain` and/or `host`. See URL parameters for host parameter explanation
|
|
||||||
`allowNetcupCreds` | true / `false` | allows the user to pass netcup credentials directly via the URL. URL creds will be preferred if any still exist in .env file
|
|
||||||
`allowAnonymous` | true / `false` | allows anonymous login, recommended only if you do not store any credentials and disable logging
|
|
||||||
|
|
||||||
* alternatively you can use .configure.sh to create your .env file for you (if you are on a *NIX system)
|
|
||||||
|
|
||||||
* Create each host record in your netcup CCP (DNS settings) before using the script. <s>The script does not create any missing records.</s><br>
|
|
||||||
You can now set `allowCreate=true` in .env and pass `create=true` as URL parameter to create entries on the fly.
|
|
||||||
|
|
||||||
|
|
||||||
## URL possible uses:
|
### URL contents:
|
||||||
### Required parameters in URL:
|
|
||||||
|
|
||||||
<b>user, password and domain</b> are <i> always needed</i>, as well as at least one of the following: <br>
|
#### The following parameters are supported
|
||||||
<b>ipv4, ipv6, txt</b>
|
|
||||||
|
|
||||||
|
`You must include: user, password, domain and one of ipv4, ipv6 and txt`
|
||||||
|
|
||||||
Parameter | Example | Explanation
|
parameter | example | description
|
||||||
---: | :--- | :---
|
---: | :--- | :---
|
||||||
user | dnsupdater | username to authenticate against this script as defined in .env file. If anonymous login is allowed in .env: `anonymous`
|
user | dnsupdater | The DDNS_USER
|
||||||
password | secretpleasechange | password for that user as defined in .env file
|
password | secretpleasechange | The DDNS_PASS
|
||||||
domain | home.example.com | `case A)` If `host` is not specified: the FQDN for your host
|
domain | `a)` home.example.com <br> `b)` example.com <br> `c)` example.com | `a)` The FQDN to update <br> `b)` The registered domain only, for multi part host names <br> `c)` The domain if you want to update the @ or * record
|
||||||
domain | example.com | `case B)` If you want to update the @ or * record
|
host | nas.home | optional; `case b)` If your domain contains more than 3 levels, e.g. "nas.home.example.com"
|
||||||
domain | example.com | `case C)` If `host`is specified: only the domain part as registered at netcup "nas.home.example.com"
|
ipv4 | 1.2.3.4 | the ipv4 address to update a A record
|
||||||
host | nas.home | `case C)` If your domain contains more than 3 levels "nas.home.example.com"
|
ipv6 | fe80::12:34:56 | the ipv6 address to update a AAAA record
|
||||||
ipv4 | 1.2.3.4 | the ipv4 address to update an existing A record
|
txt | acme-challenge-text | the content to update a TXT record
|
||||||
ipv6 | fe80::12:34:56 | the ipv6 address to update an existing AAAA record
|
force | true | optional; ignore checking if the record needs to be updated, just do it anyways. Default: `false`
|
||||||
txt | acme-challenge-text | the content to update an existing TXT record
|
mode | * | optional; `case c)` If domain is your registered domain "example.com". Possible values: `*` or `both`. Default: `@`
|
||||||
force | true | ignore checking if the record needs to be updated, just do it anyways. Default: `false`
|
create | true | optional; create all entries if none exist. e.g. will not create A if AAAA exists. Needs `DDNS_ALLOWCREATE=1`
|
||||||
mode | * | `case B)` If domain is your registered domain "example.com". Possible values: `*` or `both`. Default: `@`
|
|
||||||
create | true | create all entries if none exist. e.g. will not create A if AAAA exists. Needs `allowCreate=true` in .env
|
|
||||||
customerId | 12345 | uses the URL provided credentials instead of the ones stored in .env. Needs `allowNetcupCreds=true` in .env
|
|
||||||
apiKey | 12345 | uses the URL provided credentials instead of the ones stored in .env. Needs `allowNetcupCreds=true` in .env
|
|
||||||
apiPassword | 12345 | uses the URL provided credentials instead of the ones stored in .env. Needs `allowNetcupCreds=true` in .env
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#### Example URL to update A record (IPv4) of home.example.com:
|
#### Example URL to update A record (IPv4) of home.example.com:
|
||||||
|
@ -100,8 +87,8 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma
|
||||||
* Domainname: `<host record that is supposed to be updated>`
|
* Domainname: `<host record that is supposed to be updated>`
|
||||||
* Multiple Domains:
|
* Multiple Domains:
|
||||||
* Domainname: `<first host record that is supposed to be updated>,<second host record that is supposed to be updated>,....`
|
* Domainname: `<first host record that is supposed to be updated>,<second host record that is supposed to be updated>,....`
|
||||||
* Username: `<username as defined in .env file>`
|
* Username: `<DDNS_USER>`
|
||||||
* Password: `<password as definied in .env file>`
|
* Password: `<DDNS_PASS>`
|
||||||
|
|
||||||
### Synology DSM Settings
|
### Synology DSM Settings
|
||||||
* Go to "Control Panel" -> "External Access" -> "DDNS"
|
* Go to "Control Panel" -> "External Access" -> "DDNS"
|
||||||
|
@ -114,8 +101,8 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma
|
||||||
* Click on "Add" to create a DDNS job
|
* Click on "Add" to create a DDNS job
|
||||||
* Select your custom provider. Notice that an asterisk [*] has appeared in front of the name to signify that this is a custom provider.
|
* Select your custom provider. Notice that an asterisk [*] has appeared in front of the name to signify that this is a custom provider.
|
||||||
* Hostname: `<host record that is supposed to be updated>`
|
* Hostname: `<host record that is supposed to be updated>`
|
||||||
* Username/Email: `<username as defined in .env file>`
|
* Username/Email: `<DDNS_USER>`
|
||||||
* Password/Key: `<password as defined in .env file>`
|
* Password/Key: `<DDNS_PASS>`
|
||||||
* External Address (IPv4): probably "Auto", uses Synology service to find own external IP
|
* External Address (IPv4): probably "Auto", uses Synology service to find own external IP
|
||||||
* External Address (IPv6): doesn't matter, currently not supported by Synology
|
* External Address (IPv6): doesn't matter, currently not supported by Synology
|
||||||
|
|
||||||
|
@ -125,7 +112,7 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma
|
||||||
* Service Type: "Custom"
|
* Service Type: "Custom"
|
||||||
* Interface to monitor: `<select you WAN interface>`
|
* Interface to monitor: `<select you WAN interface>`
|
||||||
* Interface to send update from: `<select your WAN interface>`
|
* Interface to send update from: `<select your WAN interface>`
|
||||||
* Update URL: `https://<url of your webspace>/update.php?user=<user from .env>&password=<password from .env>&ipv4=%IP%&domain=<host record to update>`
|
* Update URL: `https://<url of your webspace>/update.php?user=<DDNS_USER>&password=<DDNS_PASS>&ipv4=%IP%&domain=<host record to update>`
|
||||||
* Leave all other fields empty / default
|
* Leave all other fields empty / default
|
||||||
|
|
||||||
# run as cronjob on a **nix based device
|
# run as cronjob on a **nix based device
|
||||||
|
@ -137,4 +124,4 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma
|
||||||
|
|
||||||
## License
|
## License
|
||||||
Published under GNU General Public License v3.0
|
Published under GNU General Public License v3.0
|
||||||
© Felix Kretschmer, 2021
|
Original: © Felix Kretschmer, 2021
|
||||||
|
|
|
@ -17,4 +17,44 @@ if (!file_exists('.env')) {
|
||||||
|
|
||||||
$config = parse_ini_file('.env', false, INI_SCANNER_TYPED);
|
$config = parse_ini_file('.env', false, INI_SCANNER_TYPED);
|
||||||
|
|
||||||
|
if (getenv('DDNS_USER') !== false) {
|
||||||
|
$config['username'] = getenv('DDNS_USER');
|
||||||
|
}
|
||||||
|
if (getenv('DDNS_PASS') !== false) {
|
||||||
|
$config['password'] = getenv('DDNS_PASS');
|
||||||
|
}
|
||||||
|
if (getenv('NETCUP_APIKEY') !== false) {
|
||||||
|
$config['apiKey'] = getenv('NETCUP_APIKEY');
|
||||||
|
}
|
||||||
|
if (getenv('NETCUP_APIPASS') !== false) {
|
||||||
|
$config['apiPassword'] = getenv('NETCUP_APIPASS');
|
||||||
|
}
|
||||||
|
if (getenv('NETCUP_CUSTOMERID') !== false) {
|
||||||
|
$config['customerId'] = getenv('NETCUP_CUSTOMERID');
|
||||||
|
}
|
||||||
|
if (getenv('DDNS_DEBUG') !== false) {
|
||||||
|
$config['debug'] = getenv('DDNS_DEBUG');
|
||||||
|
}
|
||||||
|
if (getenv('DDNS_LOG') !== false) {
|
||||||
|
$config['log'] = getenv('DDNS_LOG');
|
||||||
|
}
|
||||||
|
if (getenv('DDNS_LOGFILE') !== false) {
|
||||||
|
$config['logFile'] = getenv('DDNS_LOGFILE');
|
||||||
|
}
|
||||||
|
if (getenv('DDNS_RETURNIP') !== false) {
|
||||||
|
$config['returnIp'] = getenv('DDNS_RETURNIP');
|
||||||
|
}
|
||||||
|
if (getenv('DDNS_ALLOWCREATE') !== false) {
|
||||||
|
$config['allowCreate'] = getenv('DDNS_ALLOWCREATE');
|
||||||
|
}
|
||||||
|
if (getenv('DDNS_RESTRICTDOMAIN') !== false) {
|
||||||
|
$config['restrictDomain'] = getenv('DDNS_RESTRICTDOMAIN');
|
||||||
|
}
|
||||||
|
if (getenv('DDNS_FORCEDDOMAIN') !== false) {
|
||||||
|
$config['domain'] = getenv('DDNS_FORCEDDOMAIN');
|
||||||
|
}
|
||||||
|
if (getenv('DDNS_FORCEDHOST') !== false) {
|
||||||
|
$config['host'] = getenv('DDNS_FORCEDHOST');
|
||||||
|
}
|
||||||
|
|
||||||
(new netcup\DNS\API\Handler($config, $_REQUEST))->doRun();
|
(new netcup\DNS\API\Handler($config, $_REQUEST))->doRun();
|
||||||
|
|
|
@ -1,23 +1,20 @@
|
||||||
version: "3"
|
|
||||||
services:
|
services:
|
||||||
|
owndyndns:
|
||||||
nginx:
|
container_name: dyndns
|
||||||
build:
|
image: niiwiicamo/owndyndns
|
||||||
context: .
|
environment:
|
||||||
dockerfile: nginx/Dockerfile
|
DDNS_USER: changeme
|
||||||
|
DDNS_PASS: changeme
|
||||||
|
NETCUP_APIKEY: 12345asdf
|
||||||
|
NETCUP_APIPASS: asdf12345
|
||||||
|
NETCUP_CUSTOMERID: 01234
|
||||||
|
DDNS_DEBUG: 0 # optional, default: 0
|
||||||
|
DDNS_LOG: 0 # optional, default: 1
|
||||||
|
# DDNS_LOGFILE: log.json # optional, default: log.json
|
||||||
|
DDNS_RETURNIP: 0 # optional, default: 1
|
||||||
|
DDNS_ALLOWCREATE: 1 # optional, default: 0
|
||||||
|
# DDNS_RESTRICTDOMAIN: 0 # optional, default: 0
|
||||||
|
# DDNS_FORCEDDOMAIN: example.net # optional, default empty
|
||||||
|
# DDNS_FORCEDHOST: hostname # optional, default empty
|
||||||
ports:
|
ports:
|
||||||
- "8180:80"
|
- 8080:8080
|
||||||
volumes:
|
|
||||||
- data:/var/www/html
|
|
||||||
|
|
||||||
php:
|
|
||||||
build:
|
|
||||||
context: .
|
|
||||||
dockerfile: php/Dockerfile
|
|
||||||
depends_on:
|
|
||||||
- nginx
|
|
||||||
volumes:
|
|
||||||
- data:/var/www/html
|
|
||||||
|
|
||||||
volumes:
|
|
||||||
data:
|
|
||||||
|
|
|
@ -1,67 +0,0 @@
|
||||||
# Multiple Endpoints with separate credentials
|
|
||||||
For advanced use you might want to have separate users that can each only update one domain entry.
|
|
||||||
|
|
||||||
In that case it might be beneficial to habe multiple endpoints, e.g. `https://dyndns.example.com/endpointN/update.php` where endpointN is any directory name you wish.
|
|
||||||
|
|
||||||
## Setting up multiple endpoints
|
|
||||||
The directory structure of your webroot might look like this:
|
|
||||||
<pre>
|
|
||||||
├── index.html
|
|
||||||
├── src
|
|
||||||
│ ├── Config.php
|
|
||||||
│ ├── Handler.php
|
|
||||||
│ ├── Payload.php
|
|
||||||
│ └── Soap.php
|
|
||||||
├── fritzbox # this is a subdomain
|
|
||||||
│ ├── .env
|
|
||||||
│ └── update.php
|
|
||||||
├── nas # this is another
|
|
||||||
│ ├── .env
|
|
||||||
│ └── update.php
|
|
||||||
├── examplenet # uses another netcup account
|
|
||||||
│ ├── .env
|
|
||||||
│ └── update.php
|
|
||||||
└── subdomain1 # and another subdomain
|
|
||||||
├── .env
|
|
||||||
└── update.php
|
|
||||||
</pre>
|
|
||||||
|
|
||||||
Here the update.php files are copied from the mydomain example directory. All .env files contain different user credentials and may even use different netcup credentials.
|
|
||||||
|
|
||||||
## Setting up domain restrictions per .env file
|
|
||||||
It is nice to have multiple sets of credentials, but if anyone can update any entry of any domain this defeats the purpose.
|
|
||||||
|
|
||||||
That is why you can enable domain restriction per .env file and thereby per set of user credentials.
|
|
||||||
|
|
||||||
In these cases you the domain you send in your url will be ignored in favour of the one configured in the .env file. <b>You still need to send a placeholder for validation purposes.</b>
|
|
||||||
|
|
||||||
Example .env file for fritzbox.example.com.<br>
|
|
||||||
Callable by: `https://dyndns.example.com/fritzbox/update.php?user=fritzbox&password=changeme&domain=placeholder&ipv4=1.2.3.4`
|
|
||||||
<pre>
|
|
||||||
username="fritzbox"
|
|
||||||
password="changemeplease"
|
|
||||||
apiKey="j1meo213em823jd2q9"
|
|
||||||
apiPassword="12345secret"
|
|
||||||
customerId="12345"
|
|
||||||
debug=false
|
|
||||||
log=true
|
|
||||||
logFile=/var/log/dnsupdater/fritzbox.json
|
|
||||||
restrictDomain=true
|
|
||||||
domain=fritzbox.example.com
|
|
||||||
</pre>
|
|
||||||
|
|
||||||
Example .env file for nas.home.example.com.<br>
|
|
||||||
Callable by: `https://dyndns.example.com/nas/update.php?user=nas&password=changeme&domain=placeholder&ipv4=1.2.3.4`
|
|
||||||
<pre>
|
|
||||||
username="nas"
|
|
||||||
password="changemeplease"
|
|
||||||
apiKey="j1meo213em823jd2q9"
|
|
||||||
apiPassword="12345secret"
|
|
||||||
customerId="12345"
|
|
||||||
debug=false
|
|
||||||
log=true
|
|
||||||
logFile=/var/log/dnsupdater/nas.json
|
|
||||||
restrictDomain=true
|
|
||||||
domain=example.com # for explicit use of third-level domain
|
|
||||||
host=nas.home # we use the optional host parameter
|
|
||||||
</pre>
|
|
|
@ -1,12 +0,0 @@
|
||||||
username="only-mydomain"
|
|
||||||
password="changemeplease"
|
|
||||||
apiKey="netcup DNS API Key"
|
|
||||||
apiPassword="netcup DNS API Password"
|
|
||||||
customerId="netcup customer ID"
|
|
||||||
debug=false
|
|
||||||
log=true
|
|
||||||
logFile=mydomain.json
|
|
||||||
returnIp=true
|
|
||||||
allowCreate=false
|
|
||||||
restrictDomain=true
|
|
||||||
domain="mydomain.example.com"
|
|
|
@ -1,20 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
error_reporting(-1);
|
|
||||||
ini_set('display_errors', 1);
|
|
||||||
ini_set('html_errors', 0);
|
|
||||||
|
|
||||||
header('Content-Type: text/plain; charset=utf-8');
|
|
||||||
|
|
||||||
require_once __DIR__ . '/../src/Soap.php';
|
|
||||||
require_once __DIR__ . '/../src/Config.php';
|
|
||||||
require_once __DIR__ . '/../src/Payload.php';
|
|
||||||
require_once __DIR__ . '/../src/Handler.php';
|
|
||||||
|
|
||||||
if (!file_exists('.env')) {
|
|
||||||
throw new RuntimeException('.env file missing');
|
|
||||||
}
|
|
||||||
|
|
||||||
$config = parse_ini_file('.env', false, INI_SCANNER_TYPED);
|
|
||||||
|
|
||||||
(new netcup\DNS\API\Handler($config, $_REQUEST))->doRun();
|
|
|
@ -1,54 +0,0 @@
|
||||||
#
|
|
||||||
# This assumes you already have the html { block configured
|
|
||||||
#
|
|
||||||
|
|
||||||
server {
|
|
||||||
|
|
||||||
listen 80; # highly recommend to use 443 and ssl, look into using certbot
|
|
||||||
|
|
||||||
server_name dyndns.example.com;
|
|
||||||
root /var/www/dnydns.example.com;
|
|
||||||
|
|
||||||
# if you are using a dedicated site remove everythin except update.php
|
|
||||||
# update.php;
|
|
||||||
update.php index index.html index.htm index.nginx-debian.html index.php;
|
|
||||||
|
|
||||||
# deny all access to any file containing "env", "log" or "json"
|
|
||||||
# returns 404 as if file did not exist
|
|
||||||
location ~* (env|log|json) {
|
|
||||||
deny all;
|
|
||||||
return 404;
|
|
||||||
}
|
|
||||||
|
|
||||||
# deny access to any file .ht* like .htaccess or .htpasswd
|
|
||||||
location ~ /\.ht {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
|
|
||||||
# pass PHP scripts to FastCGI server
|
|
||||||
location ~ \.php$ {
|
|
||||||
|
|
||||||
# FastCGI config, might be in another file that is included
|
|
||||||
|
|
||||||
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
|
|
||||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
|
||||||
|
|
||||||
# Check that the PHP script exists before passing it
|
|
||||||
try_files $fastcgi_script_name =404;
|
|
||||||
|
|
||||||
# Bypass the fact that try_files resets $fastcgi_path_info
|
|
||||||
# see: http://trac.nginx.org/nginx/ticket/321
|
|
||||||
set $path_info $fastcgi_path_info;
|
|
||||||
fastcgi_param PATH_INFO $path_info;
|
|
||||||
|
|
||||||
fastcgi_index index.php;
|
|
||||||
include fastcgi.conf;
|
|
||||||
|
|
||||||
|
|
||||||
# With php-fpm (or other unix sockets):
|
|
||||||
fastcgi_pass unix:/run/php/php-fpm.sock;
|
|
||||||
# With php-cgi (or other tcp sockets):
|
|
||||||
# fastcgi_pass 127.0.0.1:9000;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,26 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
# you can run this script from **ix bases device to update (different) Records
|
|
||||||
|
|
||||||
USER="max_mustermann"
|
|
||||||
PASS="s3cr3t"
|
|
||||||
DOMAIN="my-home-nas.de"
|
|
||||||
#DOMAIN="nas.my-home.de"
|
|
||||||
SCRIPT="https://<url of your webspace>/update.php"
|
|
||||||
FORCE=0
|
|
||||||
MODE="both" # can be undefined, "@", "*" or "both"
|
|
||||||
|
|
||||||
IPV4=$(curl -4 -q v4.ident.me)
|
|
||||||
IPV6=$(curl -6 -q v6.ident.me)
|
|
||||||
|
|
||||||
echo ${IPV4}
|
|
||||||
echo ${IPV6}
|
|
||||||
|
|
||||||
# PAYLOAD_IPV4="force=${FORCE}&user=${USER}&password=${PASS}&ipv4=${IPV4}&domain=${DOMAIN}&mode=${MODE}"
|
|
||||||
# curl -X POST --data "${PAYLOAD_IPV4}" ${SCRIPT}
|
|
||||||
|
|
||||||
# PAYLOAD_IPV6="force=${FORCE}&user=${USER}&password=${PASS}&ipv6=${IPV6}&domain=${DOMAIN}&mode=${MODE"}
|
|
||||||
# curl -X POST --data "${PAYLOAD_IPV6}" ${SCRIPT}
|
|
||||||
|
|
||||||
PAYLOAD_BOTH="force=${FORCE}&user=${USER}&password=${PASS}&ipv4=${IPV4}&ipv6=${IPV6}&domain=${DOMAIN}&mode=${MODE}"
|
|
||||||
curl -X POST --data "${PAYLOAD_BOTH}" ${SCRIPT}
|
|
|
@ -1,7 +0,0 @@
|
||||||
FROM nginx:alpine
|
|
||||||
RUN mkdir -p /var/www/html/src
|
|
||||||
COPY ./nginx/default.conf /etc/nginx/conf.d/
|
|
||||||
COPY ./data/src/ /var/www/html/src
|
|
||||||
COPY ./data/update.php /var/www/html
|
|
||||||
COPY ./data/.env.dist /var/www/html/.env
|
|
||||||
VOLUME /var/www/html
|
|
|
@ -1,13 +0,0 @@
|
||||||
server {
|
|
||||||
listen 0.0.0.0:80;
|
|
||||||
root /var/www/html;
|
|
||||||
location / {
|
|
||||||
return 302 https://github.com/NiiWiiCamo/ownDynDNS;
|
|
||||||
}
|
|
||||||
location ~ \.php$ {
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php:9000;
|
|
||||||
fastcgi_index index.php;
|
|
||||||
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,4 +0,0 @@
|
||||||
FROM php:fpm-alpine
|
|
||||||
RUN apk add --no-cache libxml2-dev \
|
|
||||||
&& docker-php-ext-install soap
|
|
||||||
VOLUME /var/www/html
|
|
Loading…
Add table
Add a link
Reference in a new issue