Differences
This shows you the differences between two versions of the page.
diy_rfc2136_dyndns_with_bind [29.10.2013 14:27] – Pascal Suter | diy_rfc2136_dyndns_with_bind [25.06.2021 12:39] (current) – Pascal Suter | ||
---|---|---|---|
Line 2: | Line 2: | ||
ever since dyndns stopped to be completely free (including hassle-free) i was looking for alternatives. i recently stumbled across RFC2136 which can be used to provide dynamic dns services. since i have access to two nameservers running bind i decided to try it out.. it works pretty nicely :) | ever since dyndns stopped to be completely free (including hassle-free) i was looking for alternatives. i recently stumbled across RFC2136 which can be used to provide dynamic dns services. since i have access to two nameservers running bind i decided to try it out.. it works pretty nicely :) | ||
- | there is a [[https:// | + | this is an improved version, now that i know more about bind, over my [[diy_rfc2136_dyndns_with_bind& |
this following howto will explain how i did my setup so that i could have a little bash script that would allow me to add new hosts to my dyndns with a single command. all my hosts will end with .dyn.mydomain.ch. | this following howto will explain how i did my setup so that i could have a little bash script that would allow me to add new hosts to my dyndns with a single command. all my hosts will end with .dyn.mydomain.ch. | ||
Line 22: | Line 22: | ||
900 | 900 | ||
600 | 600 | ||
- | 2600 ; expire (43 minutes 20 seconds) | + | 604800 |
30 | 30 | ||
) | ) | ||
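Review bot: the added `604800` expire value, as shown here, carries no comment, while the `2600 ; expire (43 minutes 20 seconds)` line it replaces documented the field and its duration. Suggest keeping that convention, e.g. `604800 ; expire (1 week)`, so a reader does not have to work out which SOA field changed or convert the seconds by hand.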
Line 34: | Line 34: | ||
type master; | type master; | ||
file "/ | file "/ | ||
- | allow-update { | + | update-policy |
- | // | + | grant *.dyn.mydomain.ch. self *.dyn.mydomain.ch. A; |
+ | grant local-ddns zonesub any; | ||
}; | }; | ||
allow-query { | allow-query { | ||
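Review bot: the added `grant local-ddns zonesub any;` line lets whoever holds named's session key update any record type at or below the zone apex, which is much broader than the per-host `self ... A` rule just above it. If that grant is only there for local `nsupdate -l` administration, say so in a comment and make sure the session key file is readable only by root and the bind user, so the least-privilege intent of moving from allow-update to update-policy is kept. Note also that the `self` rule grants only type A, so a client that tries to update an AAAA record will be refused until that type is added to the rule.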
Line 41: | Line 42: | ||
}; | }; | ||
}; | }; | ||
- | </ | + | </ |
- | * edit your main named.conf file, usually in / | + | |
- | * create the "add_new_host.sh" script that will add new hosts to our setup. here are the contents of the script: <code> | + | |
#!/bin/bash | #!/bin/bash | ||
if [ -z " | if [ -z " | ||
Line 51: | Line 51: | ||
fi | fi | ||
cd / | cd / | ||
- | mkdir tmp | ||
- | cd tmp | ||
hostname=${1}.dyn.mydomain.ch. | hostname=${1}.dyn.mydomain.ch. | ||
echo " | echo " | ||
- | keyfile=`dnssec-keygen -a HMAC-MD5 -b 128 -n HOST ${hostname}` | + | key=$(tsig-keygen -a hmac-md5 ${hostname}) |
- | key=`grep " | + | echo "here is the HMAC-MD5 |
- | echo "here is the key i have generated, use this to configure your client: | + | echo "-----------------8< |
- | cd .. | + | echo "${key}" | grep " |
- | rm -rf tmp | + | echo " |
- | echo "adding | + | echo "add key to bind config" |
- | cat named.conf | + | echo $(echo "$key" | tr -d "\r\n") >> keys.conf |
- | echo "key ${hostname} { algorithm hmac-md5; secret \"${key}\"; };" | + | |
- | echo " | + | |
echo " | echo " | ||
- | /etc/init.d/bind9 reload | + | /usr/sbin/rndc reload |
echo " | echo " | ||
- | grep "key " | + | grep "key " |
- | </ | + | |
* now set the permissions so that especially the keys.conf file is only readable by bind and editable by root. also the dyn directory must be writeable by bind or if you don't want that, touch a file called dyn.mydomain.ch.jnl and make it writeable for bind, as well as making the dyn.mydomain.ch file writeable for bind. here is how i've set the permissions on my server: < | * now set the permissions so that especially the keys.conf file is only readable by bind and editable by root. also the dyn directory must be writeable by bind or if you don't want that, touch a file called dyn.mydomain.ch.jnl and make it writeable for bind, as well as making the dyn.mydomain.ch file writeable for bind. here is how i've set the permissions on my server: < | ||
drwxrwxr-- 2 root bind 4096 Oct 29 13:45 ./ | drwxrwxr-- 2 root bind 4096 Oct 29 13:45 ./ | ||
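Review bot: the new `key=$(tsig-keygen -a hmac-md5 ${hostname})` line still selects HMAC-MD5 even though the key generation was rewritten anyway; dropping `-a hmac-md5` gives tsig-keygen's default of hmac-sha256, which is the better choice for keys that now authorize zone updates, provided the clients support it (the "here is the HMAC-MD5" message would need to change with it). On the same line, `${hostname}` is unquoted and `$1` is never validated before it ends up in keys.conf, so consider quoting it as `"${hostname}"` and rejecting anything that is not a plain DNS label before generating the key. The `echo $(echo "$key" | tr -d "\r\n") >> keys.conf` line also relies on unquoted word splitting to flatten the key block; `printf '%s\n' "$(... )"` with quotes would make that intent explicit.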
Line 80: | Line 75: | ||
* now use the script to add your first hostname. < | * now use the script to add your first hostname. < | ||
===== script to remove hosts ===== | ===== script to remove hosts ===== | ||
- | optionally you can also create a little script to remove hosts just as easily. create a file called remove_hosts.sh with the following contents< | + | optionally you can also create a little script to remove hosts just as easily. create a file called remove_hosts.sh with the following contents< |
#!/bin/bash | #!/bin/bash | ||
if [ -z " | if [ -z " | ||
Line 90: | Line 85: | ||
hostname=${1}.dyn.mydomain.ch. | hostname=${1}.dyn.mydomain.ch. | ||
echo "old keys.conf entry: " | echo "old keys.conf entry: " | ||
- | grep ${hostname} keys.conf | + | grep -E '[ " |
echo " | echo " | ||
- | cat named.conf | sed -e "/ | + | sed -i '/[ " |
- | cat keys.conf | sed -e "/^key ${hostname}.*$/d" | tee keys.conf | + | |
echo " | echo " | ||
- | /etc/init.d/bind9 reload | + | /usr/sbin/rndc reload |
- | echo " | + | echo " |
- | grep "key " | + | echo -e " |
+ | / | ||
+ | echo " | ||
+ | grep "key " | ||
</ | </ | ||
make it executable and run it to remove hotsts. **warning** make a backup of your keys.conf and your named.conf file before testing this :) | make it executable and run it to remove hotsts. **warning** make a backup of your keys.conf and your named.conf file before testing this :) | ||
./ | ./ | ||
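Review bot: the new `sed -i` line edits keys.conf in place with no backup copy, while the text right after the script tells the reader to back up keys.conf and named.conf by hand. Using `sed -i.bak` would keep the previous file automatically and is still safer than the old `cat keys.conf | sed ... | tee keys.conf` form, which could truncate the file it was reading. If `${hostname}` is interpolated into the new `grep -E` and `sed` patterns the way it was in the old `/^key ${hostname}.*$/d` expression, its dots are regex wildcards and `$1` is not validated, so restrict `$1` to a plain DNS label (or escape it) before building the pattern, to avoid deleting entries for other hosts.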