Differences
This shows you the differences between two versions of the page.
diy_rfc2136_dyndns_with_bind [29.10.2013 13:56] – Pascal Suter | diy_rfc2136_dyndns_with_bind [25.06.2021 12:39] (current) – Pascal Suter | ||
---|---|---|---|
Line 2: | Line 2: | ||
ever since dyndns stopped to be completely free (including hassle-free) i was looking for alternatives. i recently stumbled across RFC2136 which can be used to provide dynamic dns services. since i have access to two nameservers running bind i decided to try it out.. it works pretty nicely :) | ever since dyndns stopped to be completely free (including hassle-free) i was looking for alternatives. i recently stumbled across RFC2136 which can be used to provide dynamic dns services. since i have access to two nameservers running bind i decided to try it out.. it works pretty nicely :) | ||
- | there is a [[https:// | + | this is an improved version, now that i know more about bind, over my [[diy_rfc2136_dyndns_with_bind& |
this following howto will explain how i did my setup so that i could have a little bash script that would allow me to add new hosts to my dyndns with a single command. all my hosts will end with .dyn.mydomain.ch. | this following howto will explain how i did my setup so that i could have a little bash script that would allow me to add new hosts to my dyndns with a single command. all my hosts will end with .dyn.mydomain.ch. | ||
Line 22: | Line 22: | ||
900 | 900 | ||
600 | 600 | ||
- | 2600 ; expire (43 minutes 20 seconds) | + | 604800 |
30 | 30 | ||
) | ) | ||
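Review bot: the added expire value `604800` carries no unit comment in the visible line, while the removed line documented its value as `2600 ; expire (43 minutes 20 seconds)`. Keep the SOA self-documenting by adding `; expire (1 week)` after the new value, so a later reader does not have to convert seconds by hand.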
Line 34: | Line 34: | ||
type master; | type master; | ||
file "/ | file "/ | ||
- | allow-update { | + | update-policy |
- | // | + | grant *.dyn.mydomain.ch. self *.dyn.mydomain.ch. A; |
+ | grant local-ddns zonesub any; | ||
}; | }; | ||
allow-query { | allow-query { | ||
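Review bot: the first grant in the new `update-policy` block lists only type `A`, so a client key can never publish an AAAA record for its own name. If dual-stack clients are expected, list both types in the rule, for example `grant *.dyn.mydomain.ch. self *.dyn.mydomain.ch. A AAAA;`. The `grant local-ddns zonesub any;` line gives the local session key write access to every name and type in the zone, so the howto should say that anyone who can read that key file on the server can rewrite the whole zone.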
Line 41: | Line 42: | ||
}; | }; | ||
}; | }; | ||
- | </ | + | </ |
- | * edit your main named.conf file, usually in / | + | |
- | * create the "add_new_host.sh" script that will add new hosts to our setup. here are the contents of the script: <code> | + | |
#!/bin/bash | #!/bin/bash | ||
if [ -z " | if [ -z " | ||
Line 51: | Line 51: | ||
fi | fi | ||
cd / | cd / | ||
- | mkdir tmp | ||
- | cd tmp | ||
hostname=${1}.dyn.mydomain.ch. | hostname=${1}.dyn.mydomain.ch. | ||
echo " | echo " | ||
- | keyfile=`dnssec-keygen -a HMAC-MD5 -b 128 -n HOST ${hostname}` | + | key=$(tsig-keygen -a hmac-md5 ${hostname}) |
- | key=`grep " | + | echo "here is the HMAC-MD5 |
- | echo "here is the key i have generated, use this to configure your client: | + | echo "-----------------8< |
- | cd .. | + | echo "${key}" | grep " |
- | rm -rf tmp | + | echo " |
- | echo "adding | + | echo "add key to bind config" |
- | cat named.conf | + | echo $(echo "$key" | tr -d "\r\n") >> keys.conf |
- | echo "key ${hostname} { algorithm hmac-md5; secret \"${key}\"; };" | + | |
- | echo " | + | |
echo " | echo " | ||
- | /etc/init.d/bind9 reload | + | /usr/sbin/rndc reload |
echo " | echo " | ||
- | grep "key " | + | grep "key " |
- | </ | + | |
* now set the permissions so that especially the keys.conf file is only readable by bind and editable by root. also the dyn directory must be writeable by bind or if you don't want that, touch a file called dyn.mydomain.ch.jnl and make it writeable for bind, as well as making the dyn.mydomain.ch file writeable for bind. here is how i've set the permissions on my server: < | * now set the permissions so that especially the keys.conf file is only readable by bind and editable by root. also the dyn directory must be writeable by bind or if you don't want that, touch a file called dyn.mydomain.ch.jnl and make it writeable for bind, as well as making the dyn.mydomain.ch file writeable for bind. here is how i've set the permissions on my server: < | ||
drwxrwxr-- 2 root bind 4096 Oct 29 13:45 ./ | drwxrwxr-- 2 root bind 4096 Oct 29 13:45 ./ | ||
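Review bot: the rewritten key generation line still asks for HMAC-MD5 (`tsig-keygen -a hmac-md5 ${hostname}`), although `tsig-keygen` can produce HMAC-SHA256 keys, which is its default. Switch to `tsig-keygen -a hmac-sha256 "${hostname}"`, adjust the "here is the HMAC-MD5" message to match, and note that clients must be configured with the same algorithm. The `${hostname}` expansion is also unquoted there, and the value derived from `$1` ends up in keys.conf, which named loads, so quote it and reject arguments that are not a plain hostname label before generating the key.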
Line 78: | Line 73: | ||
-rw-r--r-- 1 root bind 322 Oct 29 13:45 named.conf | -rw-r--r-- 1 root bind 322 Oct 29 13:45 named.conf | ||
</ | </ | ||
+ | * now use the script to add your first hostname. < | ||
+ | ===== script to remove hosts ===== | ||
+ | optionally you can also create a little script to remove hosts just as easily. create a file called remove_hosts.sh with the following contents< | ||
+ | #!/bin/bash | ||
+ | if [ -z " | ||
+ | echo " | ||
+ | echo " | ||
+ | exit 1 | ||
+ | fi | ||
+ | cd / | ||
+ | hostname=${1}.dyn.mydomain.ch. | ||
+ | echo "old keys.conf entry: " | ||
+ | grep -E '[ " | ||
+ | echo " | ||
+ | sed -i '/[ " | ||
+ | echo " | ||
+ | / | ||
+ | echo " | ||
+ | echo -e " | ||
+ | / | ||
+ | echo " | ||
+ | grep "key " keys.conf | awk '{ print $2; }' | tr -d ";" | ||
+ | </ | ||
+ | make it executable and run it to remove hotsts. **warning** make a backup of your keys.conf and your named.conf file before testing this :) | ||
+ | ./ | ||
+ |
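Review bot: the `sed -i` call in the remove script edits keys.conf in place without a backup suffix, and the text below the script has to warn the reader to make a backup by hand. Use `sed -i.bak` so the script itself keeps the previous keys.conf, which also gives a file to restore from if the following reload fails. The same applies to any in-place edit of named.conf that the warning refers to.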