Differences
This shows you the differences between two versions of the page.
diy_rfc2136_dyndns_with_bind [29.10.2013 13:44] – Pascal Suter | diy_rfc2136_dyndns_with_bind [25.06.2021 09:10] – Pascal Suter | ||
---|---|---|---|
Line 2: | Line 2: | ||
ever since dyndns stopped to be completely free (including hassle-free) i was looking for alternatives. i recently stumbled across RFC2136 which can be used to provide dynamic dns services. since i have access to two nameservers running bind i decided to try it out.. it works pretty nicely :) | ever since dyndns stopped to be completely free (including hassle-free) i was looking for alternatives. i recently stumbled across RFC2136 which can be used to provide dynamic dns services. since i have access to two nameservers running bind i decided to try it out.. it works pretty nicely :) | ||
- | there is a [[https:// | + | there is a [[https:// |
+ | |||
+ | this following howto will explain how i did my setup so that i could have a little bash script that would allow me to add new hosts to my dyndns with a single command. all my hosts will end with .dyn.mydomain.ch. | ||
+ | |||
+ | i can run | ||
+ | / | ||
+ | and it will add a new host called myhost.dyn.mydomain.ch to the configuration and return an authorization key which i can use on the client side. | ||
so here is how i did it: | so here is how i did it: | ||
+ | |||
first of all i wanted to be able to have a simple script that would allow me to add new hosts with a minimum amount of work. so i split my config into different files, so i could later edit them automatically. also, you want to make sure the file where the keys are stored is not world readable.. | first of all i wanted to be able to have a simple script that would allow me to add new hosts with a minimum amount of work. so i split my config into different files, so i could later edit them automatically. also, you want to make sure the file where the keys are stored is not world readable.. | ||
* create a directory that holds all the dynamic dns stuff: < | * create a directory that holds all the dynamic dns stuff: < | ||
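Review bot: the added sentence saying the script will "return an authorization key which i can use on the client side" should state that this key is the shared secret authorizing updates for that host. The unchanged paragraph below already asks that the key file not be world readable; the intro should ask for the same care with the copy printed on the terminal and with the way it is carried to the client.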
Line 11: | Line 18: | ||
$ORIGIN . | $ORIGIN . | ||
$TTL 30 ; 30 seconds | $TTL 30 ; 30 seconds | ||
- | dyn.mydomain.ch IN SOA ns1.mydomain.ch. hostmaster.mydomain.ch. ( | + | dyn.mydomain.ch IN SOA ns1.mydomain.ch. hostmaster.mydomain.ch. ( |
2013102704 ; serial | 2013102704 ; serial | ||
900 | 900 | ||
600 | 600 | ||
- | 2600 ; expire (43 minutes 20 seconds) | + | 604800 |
30 | 30 | ||
) | ) | ||
NS ns1.mydomain.ch. | NS ns1.mydomain.ch. | ||
- | NS ns2.mydomain.ch. | + | NS ns3.mydomain.ch. |
</ | </ | ||
* create an empty keys.conf file < | * create an empty keys.conf file < | ||
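Review bot: on the expire line the value changes from 2600 to 604800 and the inline comment "; expire (43 minutes 20 seconds)" is dropped without a replacement; add "; expire (1 week)" so the field stays labelled like the serial line. The text should also say why the value changed: with $TTL 30 and a 900 second refresh, a secondary that loses contact with the primary now keeps answering from its last copy of the dynamic records for up to a week instead of about 43 minutes. The NS change from ns2 to ns3 should be matched wherever the howto describes the secondary, so that ns3.mydomain.ch. really serves this zone.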
Line 37: | Line 43: | ||
</ | </ | ||
* edit your main named.conf file, usually in / | * edit your main named.conf file, usually in / | ||
- | * create the " | + | * create the " |
+ | **Note**: this script works with older versions of bind9, i.e. versions 9.14 and older i think. in version 9.16 the '' | ||
+ | |||
+ | here are the contents of the script: < | ||
#!/bin/bash | #!/bin/bash | ||
if [ -z " | if [ -z " | ||
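Review bot: the added note gives the version boundary as "9.14 and older i think"; replace the hedge with the bind9 versions the script was actually run against. The script body that follows is unchanged context, so readers on 9.16 are told the script will not work for them while the listing they copy is still the old one. Either add a second listing for 9.16 or make the note spell out exactly which line of the script has to change.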
Line 63: | Line 72: | ||
grep "key " named.conf | awk '{ print $2; }' | tr -d ";" | grep "key " named.conf | awk '{ print $2; }' | tr -d ";" | ||
</ | </ | ||
+ | * now set the permissions so that especially the keys.conf file is only readable by bind and editable by root. also the dyn directory must be writeable by bind or if you don't want that, touch a file called dyn.mydomain.ch.jnl and make it writeable for bind, as well as making the dyn.mydomain.ch file writeable for bind. here is how i've set the permissions on my server: < | ||
+ | drwxrwxr-- 2 root bind 4096 Oct 29 13:45 ./ | ||
+ | drwxr-sr-x 3 root bind 4096 Oct 29 11:47 ../ | ||
+ | -rwx------ 1 root root 904 Oct 29 13:45 add_new_host.sh* | ||
+ | -rw-r--r-- 1 bind bind 434 Oct 29 13:20 dyn.mydomain.ch | ||
+ | -rw-r--r-- 1 bind bind 1230 Oct 29 13:15 dyn.mydomain.ch.jnl | ||
+ | -rw-r----- 1 root bind 356 Oct 29 13:45 keys.conf | ||
+ | -rw-r--r-- 1 root bind 322 Oct 29 13:45 named.conf | ||
+ | </ | ||
+ | * now use the script to add your first hostname. < | ||
+ | ===== script to remove hosts ===== | ||
+ | optionally you can also create a little script to remove hosts just as easily. create a file called remove_hosts.sh with the following contents< | ||
+ | #!/bin/bash | ||
+ | if [ -z " | ||
+ | echo " | ||
+ | echo " | ||
+ | exit 1 | ||
+ | fi | ||
+ | cd / | ||
+ | hostname=${1}.dyn.mydomain.ch. | ||
+ | echo "old keys.conf entry: " | ||
+ | grep ${hostname} keys.conf | ||
+ | echo " | ||
+ | cat named.conf | sed -e "/ | ||
+ | cat keys.conf | sed -e "/^key ${hostname}.*$/ | ||
+ | echo " | ||
+ | / | ||
+ | echo " | ||
+ | grep "key " named.conf | awk '{ print $2; }' | tr -d ";" | ||
+ | </ | ||
+ | make it executable and run it to remove hotsts. **warning** make a backup of your keys.conf and your named.conf file before testing this :) | ||
+ | ./ | ||
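Review bot: remove_hosts.sh puts ${1} straight into hostname=${1}.dyn.mydomain.ch. and then uses it in an unquoted grep ${hostname} keys.conf and inside sed addresses such as "/^key ${hostname}.*$/, with only the -z test visible in front of it. The dots act as regex wildcards, so one name can match and delete another host's entry, and an argument containing "/" or whitespace changes the sed expression or the grep arguments in a script that rewrites named.conf and keys.conf. Check $1 against a hostname-label pattern (letters, digits and "-" only) before using it, quote the variable, and escape the dots in the pattern. In the permission listing, ./ is drwxrwxr-- root bind: group write on the directory lets the bind user unlink and recreate keys.conf and named.conf even though both files are owned by root, which undercuts "editable by root". The alternative the text already mentions (touch dyn.mydomain.ch.jnl and make only the zone and journal files writeable for bind) avoids that, and the r-- for others on a directory without x serves no purpose. The closing sentence has a typo, "hotsts".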