mirror of
https://github.com/fernwerker/ownDynDNS.git
synced 2025-07-10 14:15:14 +02:00
Merge pull request #3 from NiiWiiCamo/combined_dockerfile
Combined dockerfile
This commit is contained in:
commit
8262928014
15 changed files with 111 additions and 619 deletions
|
@ -1,70 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
scriptversion="1.0"
|
||||
srcfolder="src"
|
||||
updatephp="update.php"
|
||||
configuresh=".configure.sh"
|
||||
|
||||
### banner
|
||||
clear
|
||||
echo "##############################################"
|
||||
echo "### ownDynDNS multi-endpoint configuration ###"
|
||||
echo "### script version $scriptversion ###"
|
||||
echo "##############################################"
|
||||
echo ""
|
||||
|
||||
echo "This script will set up multiple endpoints within the same webspace.\
|
||||
That means you can use multiple sets of user credentials each with their own\
|
||||
permissions regarding which domains to update."
|
||||
echo ""
|
||||
echo "It is recommended you use the webroot of your desired webspace, although\
|
||||
you could place this directory structure anywhere you like, e.g. in a\
|
||||
subdirectory of your homepage like example.com/dyndns/[this tree] ."
|
||||
echo ""
|
||||
echo "This script assumes you have already downloaded the update.php script\
|
||||
and the src directory including its contents."
|
||||
echo ""
|
||||
|
||||
### set up dir variable for this script
|
||||
dir=$(pwd)
|
||||
while [ ! -d $dir/$srcfolder ]
|
||||
do
|
||||
echo "current directory does not contain ${srcfolder} !"
|
||||
read -p "enter directory where ownDynDNS is located: " dir
|
||||
done
|
||||
|
||||
### set up user and group for permissions later
|
||||
echo "This script will automatically set the necessary file permissions for\
|
||||
your webserver. This might be www-data:www-data, please check if you run\
|
||||
into any issues."
|
||||
echo ""
|
||||
read -p "enter the user the webserver is running as [www-data]: " wwwuserd
|
||||
read -p "enter the group the webserver is running as [www-data]: " wwwgroupd
|
||||
wwwuserd=${wwwuserd:-"www-data"}
|
||||
wwwgroupd=${wwwgroupd:-"www-data"}
|
||||
|
||||
|
||||
createEndpoint() {
|
||||
local endpoint=$1
|
||||
mkdir $dir/$endpoint
|
||||
cp $dir/$updatephp $dir/$endpoint
|
||||
chmod +x $dir/$configuresh
|
||||
$dir/$configuresh $dir/$endpoint
|
||||
chown $wwwuserd:$wwwgroupd $dir/$endpoint/$updatephp
|
||||
chmod 440 $dir/$endpoint/$updatephp
|
||||
chown $wwwuserd:$wwwgroupd $dir/$endpoint/.env
|
||||
chmod 440 $dir/$endpoint/.env
|
||||
}
|
||||
|
||||
echo "##############################################"
|
||||
echo "You will now start adding endpoints which are just subdirectories\
|
||||
that contain the update.php file as well as a customized .env file."
|
||||
echo ""
|
||||
|
||||
### endpoint creation loop
|
||||
while true
|
||||
do
|
||||
read -p "enter endpoint name [Empty to quit]: " endpoint
|
||||
if [ -z $endpoint ]; then break; fi
|
||||
createEndpoint $endpoint
|
||||
done
|
265
.configure.sh
265
.configure.sh
|
@ -1,265 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# set variables
|
||||
scriptversion="1.6"
|
||||
|
||||
defaultenvfile=".env.dist"
|
||||
|
||||
if [ ! -z $1 ]
|
||||
then
|
||||
dir=$1
|
||||
endpoint=$(basename ${dir})
|
||||
|
||||
# set up log file location suggestion
|
||||
log1="/var/log/dnsupdater/${endpoint}.json"
|
||||
log2="${dir}/log.json"
|
||||
|
||||
else
|
||||
echo "### ownDynDNS configuration script"
|
||||
|
||||
wwwuserd="www-data"
|
||||
wwwgroupd="www-data"
|
||||
|
||||
dir=$(pwd)
|
||||
while [ ! -f $dir/$defaultenvfile ]
|
||||
do
|
||||
echo "current directory does not contain ${defaultenvfile} !"
|
||||
read -p "enter directory where ownDynDNS is located: " dir
|
||||
done
|
||||
|
||||
# source .env.dist
|
||||
source $dir/$defaultenvfile
|
||||
|
||||
# set up log file location suggestions
|
||||
log1="$logFile"
|
||||
log2="/var/log/dnsupdater/log.json"
|
||||
fi
|
||||
|
||||
|
||||
envfile="${dir}/.env"
|
||||
|
||||
|
||||
### main script
|
||||
#echo "found ${defaultenvfile}. using current directory"
|
||||
|
||||
read -p "enter a custom username for dns updates [random]: " user
|
||||
user=${user:-$(tr -dc A-Za-z0-9 </dev/urandom | head -c 16)}
|
||||
echo "using username: ${user}"
|
||||
|
||||
read -s -p "enter a custom password for dns updates [random]: " pass
|
||||
pass=${pass:-$(tr -dc A-Za-z0-9 </dev/urandom | head -c 16)}
|
||||
echo ""
|
||||
echo "using password: ${pass}"
|
||||
|
||||
if [ -z $DDNS_NETCUP_API_KEY ]
|
||||
then
|
||||
read -s -p "enter your netcup DNS API Key: " apikey
|
||||
echo ""
|
||||
else
|
||||
echo -e "Found DDNS_NETCUP_API_KEY. Leave empty to use or enter new DNS API Key\n"
|
||||
read -p "DNS API Key [${DDNS_NETCUP_API_KEY}]: " apikey
|
||||
apikey=${apikey:-$DDNS_NETCUP_API_KEY}
|
||||
fi
|
||||
|
||||
if [ -z $DDNS_NETCUP_API_PASSWORD ]
|
||||
then
|
||||
read -s -p "enter your netcup API Password: " apipass
|
||||
echo ""
|
||||
else
|
||||
echo "Found DDNS_NETCUP_API_PASSWORD. Leave empty to use or enter new DNS API Password"
|
||||
read -p "DNS API Password [${DDNS_NETCUP_API_PASSWORD}]: " apipass
|
||||
echo ""
|
||||
apipass=${apipass:-$DDNS_NETCUP_API_PASSWORD}
|
||||
fi
|
||||
|
||||
if [ -z $DDNS_NETCUP_CUSTOMER_ID ]
|
||||
then
|
||||
read -s -p "enter your netcup customer ID: " custid
|
||||
echo ""
|
||||
else
|
||||
echo "Found DDNS_NETCUP_CUSTOMER_ID. Leave empty to use or enter new customer ID"
|
||||
read -p "Netcup customer ID [${DDNS_NETCUP_CUSTOMER_ID}]: " custid
|
||||
echo ""
|
||||
custid=${custid:-$DDNS_NETCUP_CUSTOMER_ID}
|
||||
fi
|
||||
|
||||
read -p "do you wish to enable debugging? [y/N]: " debug
|
||||
echo ""
|
||||
if [[ ${debug,,::1} == "y" ]]
|
||||
then
|
||||
#echo "enabling debugging"
|
||||
debug="true"
|
||||
else
|
||||
#echo "disabling debugging"
|
||||
debug="false"
|
||||
fi
|
||||
|
||||
read -p "do you want to enable logging? [Y/n]: " log
|
||||
echo ""
|
||||
if [[ ${log,,::1} != "n" ]]
|
||||
then
|
||||
#echo "enabling logging"
|
||||
log="true"
|
||||
else
|
||||
#echo "disabling logging"
|
||||
log="false"
|
||||
fi
|
||||
|
||||
echo "the logfile is created in this directory by default. your ip history is thereby publically available."
|
||||
echo "select where the logfile should be created if enabled:"
|
||||
echo "[1] default: ${log1}"
|
||||
echo "[2] private: ${log2}"
|
||||
echo "[3] custom location"
|
||||
|
||||
read -p "select from the choices above [1]: " choice
|
||||
echo ""
|
||||
case $choice in
|
||||
2)
|
||||
logfile=${log2}
|
||||
;;
|
||||
3)
|
||||
read -p "enter logfile location: " logfile
|
||||
echo ""
|
||||
logfile=${logfile:-$log1}
|
||||
;;
|
||||
*)
|
||||
logfile=${log1}
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ -z ${endpoint} ]
|
||||
then
|
||||
echo "the logfile needs to be writable by the webserver if logging is enabled."
|
||||
read -p "which user does the webserver run as? [${wwwuserd}]: " wwwuser
|
||||
echo ""
|
||||
wwwuser=${wwwuser:-$wwwuserd}
|
||||
|
||||
read -p "which group does the webserver run as? [${wwwgroupd}]: " wwwgroup
|
||||
echo ""
|
||||
wwwgroup=${wwwgroup:-$wwwgroupd}
|
||||
|
||||
mkdir -p $(dirname $logfile) && touch $logfile || echo "### could not create logfile!"
|
||||
echo ""
|
||||
chown $wwwuser:$wwwgroup $logfile
|
||||
chmod 0640 $logfile
|
||||
#echo "logfile will be created at: ${logfile}"
|
||||
fi
|
||||
|
||||
|
||||
### Apache htaccess file config
|
||||
echo "if you are using apache it is recommended to enable the .htaccess file to prevent unauthorized access to the .env file and any logfile."
|
||||
echo "select if you want to enable the .htaccess file:"
|
||||
echo "[1] no .htaccess file. (e.g. using nginx)"
|
||||
echo "[2] block access to .env file only (default log location accessible)"
|
||||
echo "[3] block access to .env file and log file"
|
||||
echo ""
|
||||
|
||||
read -p "select from the choices above [1]: " choice
|
||||
echo ""
|
||||
case $choice in
|
||||
2)
|
||||
cat > $htaccess << EOM
|
||||
<FilesMatch "\.env$">
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</FilesMatch>envfile
|
||||
EOM
|
||||
if [ -z $endpoint ]
|
||||
then
|
||||
rm .htaccess.example
|
||||
fi
|
||||
;;
|
||||
3)
|
||||
mv .htaccess{.example,}
|
||||
;;
|
||||
*)
|
||||
if [ -z $endpoint ]
|
||||
then
|
||||
rm .htaccess.example
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
||||
### nginx htaccess equivalent message
|
||||
echo "if you are using nginx please read the docs about how to disable access to certain files and folders.\nyou might add a location block to the beginning of your site config as follows:"
|
||||
echo -e " location ~* (env|log|json) {\n deny all;\n return 404;\n }"
|
||||
|
||||
read -p "do you wish to enable result return? [y/N]: " returnip
|
||||
echo ""
|
||||
if [[ ${returnip,,::1} == "y" ]]
|
||||
then
|
||||
#echo "enabling return ip"
|
||||
returnip="true"
|
||||
else
|
||||
#echo "disabling return ip"
|
||||
returnip="false"
|
||||
fi
|
||||
|
||||
read -p "do you want to allow creation of new entries on the fly? [y/N]: " allowcreate
|
||||
echo ""
|
||||
if [[ ${allowcreate,,::1} == "y" ]]
|
||||
then
|
||||
#echo "enabling return ip"
|
||||
allowcreate="true"
|
||||
else
|
||||
#echo "disabling return ip"
|
||||
allowcreate="false"
|
||||
fi
|
||||
|
||||
read -p "do you want to restrict updates to a specific domain entry? [Y/n]: " restrictdomain
|
||||
echo ""
|
||||
if [[ ${restrictdomain,,::1} == "n" ]]
|
||||
then
|
||||
restrictdomain="false"
|
||||
else
|
||||
restrictdomain="true"
|
||||
echo "enter the FQDN you want to restrict updates to. If you are using third\
|
||||
level domains, e.g. nas.home.example.com you should only enter example.com"
|
||||
echo "use the \"host\" variable for nas.home in that case."
|
||||
echo ""
|
||||
read -p "domain or FQDN: " domain
|
||||
echo ""
|
||||
read -p "host if third level domain: " host
|
||||
echo ""
|
||||
fi
|
||||
|
||||
|
||||
### create the .env file
|
||||
if [ -f $envfile ]
|
||||
then
|
||||
echo "${envfile} already exists!"
|
||||
read -p "overwrite? [y/N]: " overwrite
|
||||
echo ""
|
||||
if [[ ! ${overwrite,,::1} == y ]]
|
||||
then
|
||||
echo "script cancelled. exiting"
|
||||
echo ""
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
touch $envfile
|
||||
echo "# file created at $(date)" >$envfile
|
||||
echo "# by configuration script version ${scriptversion}" >> $envfile
|
||||
echo "username=\"${user}\"" >> $envfile
|
||||
echo "password=\"${pass}\"" >> $envfile
|
||||
echo "apiKey=\"${apikey}\"" >> $envfile
|
||||
echo "apiPassword=\"${apipass}\"" >> $envfile
|
||||
echo "customerId=\"${custid}\"" >> $envfile
|
||||
echo "debug=${debug}" >> $envfile
|
||||
echo "log=${log}" >> $envfile
|
||||
echo "logFile=${logfile}" >> $envfile
|
||||
echo "returnIp=${returnip}" >> $envfile
|
||||
echo "allowCreate=${allowcreate}" >> $envfile
|
||||
echo "restrictDomain=${restrictdomain}" >> $envfile
|
||||
if [ ! -z ${domain} ]
|
||||
then
|
||||
echo "domain=${domain}" >> $envfile
|
||||
fi
|
||||
if [ ! -z ${host} ]
|
||||
then
|
||||
echo "host=${host}" >> $envfile
|
||||
fi
|
||||
|
||||
echo "created .env file at: ${envfile}"
|
||||
echo ""
|
|
@ -1,4 +0,0 @@
|
|||
<FilesMatch "\.(env|json)$">
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</FilesMatch>
|
10
Dockerfile
Normal file
10
Dockerfile
Normal file
|
@ -0,0 +1,10 @@
|
|||
FROM serversideup/php:8.3-fpm-nginx-alpine
|
||||
USER root
|
||||
RUN mkdir -p /var/www/html/public/src &&\
|
||||
install-php-extensions soap
|
||||
USER www-data
|
||||
WORKDIR /var/www/html/public
|
||||
COPY --chown=www-data:www-data ./data/src/ /var/www/html/public/src
|
||||
COPY --chown=www-data:www-data ./data/update.php /var/www/html/public
|
||||
COPY --chown=www-data:www-data ./data/.env.dist /var/www/html/public/.env
|
||||
HEALTHCHECK --interval= --timeout=5s --start-period=10s CMD curl --insecure --silent --location --show-error --fail http://localhost:8080$HEALTHCHECK_PATH || exit 1
|
99
README.md
99
README.md
|
@ -1,5 +1,5 @@
|
|||
# ownDynDNS
|
||||
Self-hosted dynamic DNS php script to update netcup DNS API from Router like AVM FRITZ!Box
|
||||
Self-hosted dynamic DNS php-based Docker container to update netcup DNS API from consumer routers etc.
|
||||
|
||||
## Authors
|
||||
* Felix Kretschmer [@fernwerker](https://github.com/fernwerker)
|
||||
|
@ -8,64 +8,51 @@ Self-hosted dynamic DNS php script to update netcup DNS API from Router like AVM
|
|||
* Nils Blume [@niiwiicamo](https://github.com/niiwiicamo)
|
||||
|
||||
## Usage
|
||||
### Install using configure scripts
|
||||
* Copy `update.php`, `src/*`, `.env.dist`, `.configure.sh` and `.configure-endpoints.sh` to your webspace
|
||||
* If you want multiple endpoints use .configure-endpoints.sh
|
||||
* If you want a single endpoint use .configure.sh
|
||||
|
||||
### Manual Installation
|
||||
* Copy all files to your webspace
|
||||
* If you want multiple endpoints that each can only update one domain look at the mydomain folder.<br>
|
||||
The update URL would be https://`url`/mydomain/update.php?(...)
|
||||
* create a copy of `.env.dist` as `.env` and configure:
|
||||
This docker image only provides a basic http server as default. You should never expose this to the internet!
|
||||
Use a reverse proxy or run everything locally.
|
||||
|
||||
Parameter | Example | Explanation
|
||||
### docker-compose.yaml
|
||||
Take a look at docker-compose.yaml for inspiration.
|
||||
|
||||
#### The following environment variables are `required`:
|
||||
env | description
|
||||
---: | :---
|
||||
DDNS_USER <br> DDNS_PASS | The username and password that the DynDNS client (e.g. your router) uses to authenticate to this container
|
||||
NETCUP_APIKEY <br> NETCUP_APIPASS <br> NETCUP_CUSTOMERID | Your netcup credentials so this container can authorize against netcup
|
||||
|
||||
|
||||
#### The following environment variables are `optional`:
|
||||
env | default | description
|
||||
---: | :--- | :---
|
||||
`username` | dnsupdater | The username for your Router to authenticate (so not everyone can update your DNS)
|
||||
`password` | secretpleasechange | password for your Router
|
||||
`apiKey` | 18neqwd91e21onei1p23841 | API key which is generated in netcup CCP
|
||||
`apiPassword` | 82jewqde9m30 | API password which is generated in netcup CCP
|
||||
`customerId` | 12345 | your netcup Customer ID
|
||||
`log` | `true` / false | enables logging
|
||||
`logFile` | log.json | configures logfile location if enabled
|
||||
`debug` | true / `false` | enables debug mode and generates more output from update.php (normal operation has no output). Needed to receive stack traces from errors.
|
||||
`returnIp` | `true` / false | enables return of result if a record was changed
|
||||
`allowCreate` | true/`false` | allows creation of entries if parameter `create=true` in URL
|
||||
`restrictDomain` | true / `false` | allows admin to restrict the domain to update to a given value `domain` and/or `host`. See URL parameters for host parameter explanation
|
||||
`allowNetcupCreds` | true / `false` | allows the user to pass netcup credentials directly via the URL. URL creds will be preferred if any still exist in .env file
|
||||
`allowAnonymous` | true / `false` | allows anonymous login, recommended only if you do not store any credentials and disable logging
|
||||
|
||||
* alternatively you can use .configure.sh to create your .env file for you (if you are on a *NIX system)
|
||||
|
||||
* Create each host record in your netcup CCP (DNS settings) before using the script. <s>The script does not create any missing records.</s><br>
|
||||
You can now set `allowCreate=true` in .env and pass `create=true` as URL parameter to create entries on the fly.
|
||||
DDNS_DEBUG | 0 | Includes debug information in the web response
|
||||
DDNS_LOG | 1 | Creates a json log file
|
||||
DDNS_LOGFILE | log.json | Log file location, relative to webroot
|
||||
DDNS_RETURNIP | 1 | Returns the updated DNS record (IPv4, IPv6, TXT)
|
||||
DDNS_ALLOWCREATE | 0 | Allows for a new DNS entry to be created and set instead of only updating existing
|
||||
DDNS_RESTRICTDOMAIN | 0 | Allows you to override the DNS entry to be updated
|
||||
DDNS_FORCEDDOMAIN | "" | When DDNS_RESTRICTDOMAIN is set, enter the registered domain name (e.g. example.com)
|
||||
DDNS_FORCEDHOST | "" | When DDNS_RESTRICTDOMAIN is set, enter the DNS entry host name (e.g. _acme-challenge.test.home)
|
||||
|
||||
|
||||
## URL possible uses:
|
||||
### Required parameters in URL:
|
||||
### URL contents:
|
||||
|
||||
<b>user, password and domain</b> are <i> always needed</i>, as well as at least one of the following: <br>
|
||||
<b>ipv4, ipv6, txt</b>
|
||||
#### The following parameters are supported
|
||||
|
||||
`You must include: user, password, domain and one of ipv4, ipv6 and txt`
|
||||
|
||||
Parameter | Example | Explanation
|
||||
parameter | example | description
|
||||
---: | :--- | :---
|
||||
user | dnsupdater | username to authenticate against this script as defined in .env file. If anonymous login is allowed in .env: `anonymous`
|
||||
password | secretpleasechange | password for that user as defined in .env file
|
||||
domain | home.example.com | `case A)` If `host` is not specified: the FQDN for your host
|
||||
domain | example.com | `case B)` If you want to update the @ or * record
|
||||
domain | example.com | `case C)` If `host`is specified: only the domain part as registered at netcup "nas.home.example.com"
|
||||
host | nas.home | `case C)` If your domain contains more than 3 levels "nas.home.example.com"
|
||||
ipv4 | 1.2.3.4 | the ipv4 address to update an existing A record
|
||||
ipv6 | fe80::12:34:56 | the ipv6 address to update an existing AAAA record
|
||||
txt | acme-challenge-text | the content to update an existing TXT record
|
||||
force | true | ignore checking if the record needs to be updated, just do it anyways. Default: `false`
|
||||
mode | * | `case B)` If domain is your registered domain "example.com". Possible values: `*` or `both`. Default: `@`
|
||||
create | true | create all entries if none exist. e.g. will not create A if AAAA exists. Needs `allowCreate=true` in .env
|
||||
customerId | 12345 | uses the URL provided credentials instead of the ones stored in .env. Needs `allowNetcupCreds=true` in .env
|
||||
apiKey | 12345 | uses the URL provided credentials instead of the ones stored in .env. Needs `allowNetcupCreds=true` in .env
|
||||
apiPassword | 12345 | uses the URL provided credentials instead of the ones stored in .env. Needs `allowNetcupCreds=true` in .env
|
||||
|
||||
user | dnsupdater | The DDNS_USER
|
||||
password | secretpleasechange | The DDNS_PASS
|
||||
domain | `a)` home.example.com <br> `b)` example.com <br> `c)` example.com | `a)` The FQDN to update <br> `b)` The registered domain only, for multi part host names <br> `c)` The domain if you want to update the @ or * record
|
||||
host | nas.home | optional; `case b)` If your domain contains more than 3 levels, e.g. "nas.home.example.com"
|
||||
ipv4 | 1.2.3.4 | the ipv4 address to update a A record
|
||||
ipv6 | fe80::12:34:56 | the ipv6 address to update a AAAA record
|
||||
txt | acme-challenge-text | the content to update a TXT record
|
||||
force | true | optional; ignore checking if the record needs to be updated, just do it anyways. Default: `false`
|
||||
mode | * | optional; `case c)` If domain is your registered domain "example.com". Possible values: `*` or `both`. Default: `@`
|
||||
create | true | optional; create all entries if none exist. e.g. will not create A if AAAA exists. Needs `DDNS_ALLOWCREATE=1`
|
||||
|
||||
|
||||
#### Example URL to update A record (IPv4) of home.example.com:
|
||||
|
@ -100,8 +87,8 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma
|
|||
* Domainname: `<host record that is supposed to be updated>`
|
||||
* Multiple Domains:
|
||||
* Domainname: `<first host record that is supposed to be updated>,<second host record that is supposed to be updated>,....`
|
||||
* Username: `<username as defined in .env file>`
|
||||
* Password: `<password as definied in .env file>`
|
||||
* Username: `<DDNS_USER>`
|
||||
* Password: `<DDNS_PASS>`
|
||||
|
||||
### Synology DSM Settings
|
||||
* Go to "Control Panel" -> "External Access" -> "DDNS"
|
||||
|
@ -114,8 +101,8 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma
|
|||
* Click on "Add" to create a DDNS job
|
||||
* Select your custom provider. Notice that an asterisk [*] has appeared in front of the name to signify that this is a custom provider.
|
||||
* Hostname: `<host record that is supposed to be updated>`
|
||||
* Username/Email: `<username as defined in .env file>`
|
||||
* Password/Key: `<password as defined in .env file>`
|
||||
* Username/Email: `<DDNS_USER>`
|
||||
* Password/Key: `<DDNS_PASS>`
|
||||
* External Address (IPv4): probably "Auto", uses Synology service to find own external IP
|
||||
* External Address (IPv6): doesn't matter, currently not supported by Synology
|
||||
|
||||
|
@ -125,7 +112,7 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma
|
|||
* Service Type: "Custom"
|
||||
* Interface to monitor: `<select you WAN interface>`
|
||||
* Interface to send update from: `<select your WAN interface>`
|
||||
* Update URL: `https://<url of your webspace>/update.php?user=<user from .env>&password=<password from .env>&ipv4=%IP%&domain=<host record to update>`
|
||||
* Update URL: `https://<url of your webspace>/update.php?user=<DDNS_USER>&password=<DDNS_PASS>&ipv4=%IP%&domain=<host record to update>`
|
||||
* Leave all other fields empty / default
|
||||
|
||||
# run as cronjob on a **nix based device
|
||||
|
@ -137,4 +124,4 @@ https://`dyndns.example.com`/update.php?user=`username`&password=`password`&doma
|
|||
|
||||
## License
|
||||
Published under GNU General Public License v3.0
|
||||
© Felix Kretschmer, 2021
|
||||
Original: © Felix Kretschmer, 2021
|
||||
|
|
|
@ -17,4 +17,44 @@ if (!file_exists('.env')) {
|
|||
|
||||
$config = parse_ini_file('.env', false, INI_SCANNER_TYPED);
|
||||
|
||||
if (getenv('DDNS_USER') !== false) {
|
||||
$config['username'] = getenv('DDNS_USER');
|
||||
}
|
||||
if (getenv('DDNS_PASS') !== false) {
|
||||
$config['password'] = getenv('DDNS_PASS');
|
||||
}
|
||||
if (getenv('NETCUP_APIKEY') !== false) {
|
||||
$config['apiKey'] = getenv('NETCUP_APIKEY');
|
||||
}
|
||||
if (getenv('NETCUP_APIPASS') !== false) {
|
||||
$config['apiPassword'] = getenv('NETCUP_APIPASS');
|
||||
}
|
||||
if (getenv('NETCUP_CUSTOMERID') !== false) {
|
||||
$config['customerId'] = getenv('NETCUP_CUSTOMERID');
|
||||
}
|
||||
if (getenv('DDNS_DEBUG') !== false) {
|
||||
$config['debug'] = getenv('DDNS_DEBUG');
|
||||
}
|
||||
if (getenv('DDNS_LOG') !== false) {
|
||||
$config['log'] = getenv('DDNS_LOG');
|
||||
}
|
||||
if (getenv('DDNS_LOGFILE') !== false) {
|
||||
$config['logFile'] = getenv('DDNS_LOGFILE');
|
||||
}
|
||||
if (getenv('DDNS_RETURNIP') !== false) {
|
||||
$config['returnIp'] = getenv('DDNS_RETURNIP');
|
||||
}
|
||||
if (getenv('DDNS_ALLOWCREATE') !== false) {
|
||||
$config['allowCreate'] = getenv('DDNS_ALLOWCREATE');
|
||||
}
|
||||
if (getenv('DDNS_RESTRICTDOMAIN') !== false) {
|
||||
$config['restrictDomain'] = getenv('DDNS_RESTRICTDOMAIN');
|
||||
}
|
||||
if (getenv('DDNS_FORCEDDOMAIN') !== false) {
|
||||
$config['domain'] = getenv('DDNS_FORCEDDOMAIN');
|
||||
}
|
||||
if (getenv('DDNS_FORCEDHOST') !== false) {
|
||||
$config['host'] = getenv('DDNS_FORCEDHOST');
|
||||
}
|
||||
|
||||
(new netcup\DNS\API\Handler($config, $_REQUEST))->doRun();
|
||||
|
|
|
@ -1,23 +1,20 @@
|
|||
version: "3"
|
||||
services:
|
||||
|
||||
nginx:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: nginx/Dockerfile
|
||||
owndyndns:
|
||||
container_name: dyndns
|
||||
image: niiwiicamo/owndyndns
|
||||
environment:
|
||||
DDNS_USER: changeme
|
||||
DDNS_PASS: changeme
|
||||
NETCUP_APIKEY: 12345asdf
|
||||
NETCUP_APIPASS: asdf12345
|
||||
NETCUP_CUSTOMERID: 01234
|
||||
DDNS_DEBUG: 0 # optional, default: 0
|
||||
DDNS_LOG: 0 # optional, default: 1
|
||||
# DDNS_LOGFILE: log.json # optional, default: log.json
|
||||
DDNS_RETURNIP: 0 # optional, default: 1
|
||||
DDNS_ALLOWCREATE: 1 # optional, default: 0
|
||||
# DDNS_RESTRICTDOMAIN: 0 # optional, default: 0
|
||||
# DDNS_FORCEDDOMAIN: example.net # optional, default empty
|
||||
# DDNS_FORCEDHOST: hostname # optional, default empty
|
||||
ports:
|
||||
- "8180:80"
|
||||
volumes:
|
||||
- data:/var/www/html
|
||||
|
||||
php:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: php/Dockerfile
|
||||
depends_on:
|
||||
- nginx
|
||||
volumes:
|
||||
- data:/var/www/html
|
||||
|
||||
volumes:
|
||||
data:
|
||||
- 8080:8080
|
||||
|
|
|
@ -1,67 +0,0 @@
|
|||
# Multiple Endpoints with separate credentials
|
||||
For advanced use you might want to have separate users that can each only update one domain entry.
|
||||
|
||||
In that case it might be beneficial to habe multiple endpoints, e.g. `https://dyndns.example.com/endpointN/update.php` where endpointN is any directory name you wish.
|
||||
|
||||
## Setting up multiple endpoints
|
||||
The directory structure of your webroot might look like this:
|
||||
<pre>
|
||||
├── index.html
|
||||
├── src
|
||||
│ ├── Config.php
|
||||
│ ├── Handler.php
|
||||
│ ├── Payload.php
|
||||
│ └── Soap.php
|
||||
├── fritzbox # this is a subdomain
|
||||
│ ├── .env
|
||||
│ └── update.php
|
||||
├── nas # this is another
|
||||
│ ├── .env
|
||||
│ └── update.php
|
||||
├── examplenet # uses another netcup account
|
||||
│ ├── .env
|
||||
│ └── update.php
|
||||
└── subdomain1 # and another subdomain
|
||||
├── .env
|
||||
└── update.php
|
||||
</pre>
|
||||
|
||||
Here the update.php files are copied from the mydomain example directory. All .env files contain different user credentials and may even use different netcup credentials.
|
||||
|
||||
## Setting up domain restrictions per .env file
|
||||
It is nice to have multiple sets of credentials, but if anyone can update any entry of any domain this defeats the purpose.
|
||||
|
||||
That is why you can enable domain restriction per .env file and thereby per set of user credentials.
|
||||
|
||||
In these cases you the domain you send in your url will be ignored in favour of the one configured in the .env file. <b>You still need to send a placeholder for validation purposes.</b>
|
||||
|
||||
Example .env file for fritzbox.example.com.<br>
|
||||
Callable by: `https://dyndns.example.com/fritzbox/update.php?user=fritzbox&password=changeme&domain=placeholder&ipv4=1.2.3.4`
|
||||
<pre>
|
||||
username="fritzbox"
|
||||
password="changemeplease"
|
||||
apiKey="j1meo213em823jd2q9"
|
||||
apiPassword="12345secret"
|
||||
customerId="12345"
|
||||
debug=false
|
||||
log=true
|
||||
logFile=/var/log/dnsupdater/fritzbox.json
|
||||
restrictDomain=true
|
||||
domain=fritzbox.example.com
|
||||
</pre>
|
||||
|
||||
Example .env file for nas.home.example.com.<br>
|
||||
Callable by: `https://dyndns.example.com/nas/update.php?user=nas&password=changeme&domain=placeholder&ipv4=1.2.3.4`
|
||||
<pre>
|
||||
username="nas"
|
||||
password="changemeplease"
|
||||
apiKey="j1meo213em823jd2q9"
|
||||
apiPassword="12345secret"
|
||||
customerId="12345"
|
||||
debug=false
|
||||
log=true
|
||||
logFile=/var/log/dnsupdater/nas.json
|
||||
restrictDomain=true
|
||||
domain=example.com # for explicit use of third-level domain
|
||||
host=nas.home # we use the optional host parameter
|
||||
</pre>
|
|
@ -1,12 +0,0 @@
|
|||
username="only-mydomain"
|
||||
password="changemeplease"
|
||||
apiKey="netcup DNS API Key"
|
||||
apiPassword="netcup DNS API Password"
|
||||
customerId="netcup customer ID"
|
||||
debug=false
|
||||
log=true
|
||||
logFile=mydomain.json
|
||||
returnIp=true
|
||||
allowCreate=false
|
||||
restrictDomain=true
|
||||
domain="mydomain.example.com"
|
|
@ -1,20 +0,0 @@
|
|||
<?php
|
||||
|
||||
error_reporting(-1);
|
||||
ini_set('display_errors', 1);
|
||||
ini_set('html_errors', 0);
|
||||
|
||||
header('Content-Type: text/plain; charset=utf-8');
|
||||
|
||||
require_once __DIR__ . '/../src/Soap.php';
|
||||
require_once __DIR__ . '/../src/Config.php';
|
||||
require_once __DIR__ . '/../src/Payload.php';
|
||||
require_once __DIR__ . '/../src/Handler.php';
|
||||
|
||||
if (!file_exists('.env')) {
|
||||
throw new RuntimeException('.env file missing');
|
||||
}
|
||||
|
||||
$config = parse_ini_file('.env', false, INI_SCANNER_TYPED);
|
||||
|
||||
(new netcup\DNS\API\Handler($config, $_REQUEST))->doRun();
|
|
@ -1,54 +0,0 @@
|
|||
#
|
||||
# This assumes you already have the html { block configured
|
||||
#
|
||||
|
||||
server {
|
||||
|
||||
listen 80; # highly recommend to use 443 and ssl, look into using certbot
|
||||
|
||||
server_name dyndns.example.com;
|
||||
root /var/www/dnydns.example.com;
|
||||
|
||||
# if you are using a dedicated site remove everythin except update.php
|
||||
# update.php;
|
||||
update.php index index.html index.htm index.nginx-debian.html index.php;
|
||||
|
||||
# deny all access to any file containing "env", "log" or "json"
|
||||
# returns 404 as if file did not exist
|
||||
location ~* (env|log|json) {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
# deny access to any file .ht* like .htaccess or .htpasswd
|
||||
location ~ /\.ht {
|
||||
deny all;
|
||||
}
|
||||
|
||||
# pass PHP scripts to FastCGI server
|
||||
location ~ \.php$ {
|
||||
|
||||
# FastCGI config, might be in another file that is included
|
||||
|
||||
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
|
||||
# Check that the PHP script exists before passing it
|
||||
try_files $fastcgi_script_name =404;
|
||||
|
||||
# Bypass the fact that try_files resets $fastcgi_path_info
|
||||
# see: http://trac.nginx.org/nginx/ticket/321
|
||||
set $path_info $fastcgi_path_info;
|
||||
fastcgi_param PATH_INFO $path_info;
|
||||
|
||||
fastcgi_index index.php;
|
||||
include fastcgi.conf;
|
||||
|
||||
|
||||
# With php-fpm (or other unix sockets):
|
||||
fastcgi_pass unix:/run/php/php-fpm.sock;
|
||||
# With php-cgi (or other tcp sockets):
|
||||
# fastcgi_pass 127.0.0.1:9000;
|
||||
}
|
||||
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# you can run this script from **ix bases device to update (different) Records
|
||||
|
||||
USER="max_mustermann"
|
||||
PASS="s3cr3t"
|
||||
DOMAIN="my-home-nas.de"
|
||||
#DOMAIN="nas.my-home.de"
|
||||
SCRIPT="https://<url of your webspace>/update.php"
|
||||
FORCE=0
|
||||
MODE="both" # can be undefined, "@", "*" or "both"
|
||||
|
||||
IPV4=$(curl -4 -q v4.ident.me)
|
||||
IPV6=$(curl -6 -q v6.ident.me)
|
||||
|
||||
echo ${IPV4}
|
||||
echo ${IPV6}
|
||||
|
||||
# PAYLOAD_IPV4="force=${FORCE}&user=${USER}&password=${PASS}&ipv4=${IPV4}&domain=${DOMAIN}&mode=${MODE}"
|
||||
# curl -X POST --data "${PAYLOAD_IPV4}" ${SCRIPT}
|
||||
|
||||
# PAYLOAD_IPV6="force=${FORCE}&user=${USER}&password=${PASS}&ipv6=${IPV6}&domain=${DOMAIN}&mode=${MODE"}
|
||||
# curl -X POST --data "${PAYLOAD_IPV6}" ${SCRIPT}
|
||||
|
||||
PAYLOAD_BOTH="force=${FORCE}&user=${USER}&password=${PASS}&ipv4=${IPV4}&ipv6=${IPV6}&domain=${DOMAIN}&mode=${MODE}"
|
||||
curl -X POST --data "${PAYLOAD_BOTH}" ${SCRIPT}
|
|
@ -1,7 +0,0 @@
|
|||
FROM nginx:alpine
|
||||
RUN mkdir -p /var/www/html/src
|
||||
COPY ./nginx/default.conf /etc/nginx/conf.d/
|
||||
COPY ./data/src/ /var/www/html/src
|
||||
COPY ./data/update.php /var/www/html
|
||||
COPY ./data/.env.dist /var/www/html/.env
|
||||
VOLUME /var/www/html
|
|
@ -1,13 +0,0 @@
|
|||
server {
|
||||
listen 0.0.0.0:80;
|
||||
root /var/www/html;
|
||||
location / {
|
||||
return 302 https://github.com/NiiWiiCamo/ownDynDNS;
|
||||
}
|
||||
location ~ \.php$ {
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php:9000;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
|
||||
}
|
||||
}
|
|
@ -1,4 +0,0 @@
|
|||
FROM php:fpm-alpine
|
||||
RUN apk add --no-cache libxml2-dev \
|
||||
&& docker-php-ext-install soap
|
||||
VOLUME /var/www/html
|
Loading…
Add table
Add a link
Reference in a new issue