Extends DDNS support for the Porkbun v3 JSON API with a custom update
script and service configuration.
See: https://porkbun.com/api/json/v3/documentation
Depends on cURL (with SSL) for transport. Porkbun authentication API keys
and secret keys are passed through the ddns-scripts "username" and
"password" variables, respectively. As Porkbun DNS is currently backed by
Cloudflare, also support ddns-scripts "rec_id" variable for specific
record targeting.
Signed-off-by: Ansel Horn <dev@cahorn.net>
The output format of `khost` has changed. This commit fixes the regexp
for IPv4. It fixes the issue of using a custom DNS to resolve current
address.
```bash
root@localhost:~# khost ns2.afraid.org
ns2.afraid.org. has IPv4 address 69.65.50.223
ns2.afraid.org. has IPv6 address 2001:1850:1:5:800::6b
Host ns2.afraid.org. has no MX record
root@localhost:~# khost --version
khost (Knot DNS), version 3.3.5
```
Signed-off-by: Denis Shulyaka <Shulyaka@gmail.com>
When the ddns update script is started, the system checks whether the
configured DNS server can be reached. This is checked with the 'netcat' tool.
The tool tries to establish a TCP connection on port 53 of the configured
DNS server.
The problem with this implementation is that this call blocks the ddns
update script until 'netcat' returns from the call.
Verification failed:
If the IP and the port cannot be reached, the netcat call returns
immediately.
Verification successful:
If the IP and the port of the DNS server can be reached, the connection
remains established and so the ddns update script blocks until the
configured TCP session timeout of the DNS server resets the connection.
The behavior in the event of a successful verification is a problem
for the ddns update script if it is called via the hotplug, since the ddns
update script runs too long! This blocking behavior also depends on
the TCP session timeout setting of the DNS server.
```bash
> time netcat 1.1.1.1 53
netcat 1.1.1.1 53 0.00s user 0.00s system 0% cpu 10.016 total
> time netcat 8.8.8.8 53
netcat 8.8.8.8 53 0.00s user 0.00s system 0% cpu 2.012 total
```
The TCP session timeout is for 1.1.1.1 10 seconds and for 8.8.8.8 2 seconds.
The '--wait' option of netcat or the additional integration of the 'timeout'
function of busybox was implemented for this behavior. But the used '--wait'
function of netcat of the busybox shows no effect here.
Since the used implementation is not clean, the question arises why this
is necessary for the ddns update script at all, as nslookup throws an
error anyway if it cannot resolve the IP. This check is only informative.
The check does not affect the script behavior.
The check is therefore removed on ddns update.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
When a "service ddns reload" is issued, the ddns processes are being
duplicated.
It seems the culprit is the -1 in the 'killall' command, and removing it
fixes the issue.
The -1 means to use SIGHUP, instead of the default SIGTERM.
In this case, the idea is to kill all other processes, so SIGTERM is
appropriate. In case the processes hang, SIGKILL may be another option.
Signed-off-by: Miguel Angel Mulero Martinez <migmul@gmail.com>
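
The difference between the two signals described in the commit above, as an added example that is not part of ddns-scripts: a constructed stand-in worker that ignores SIGHUP (an assumption made for this illustration) runs to completion after `kill -1`, while the default SIGTERM ends it. The function names are hypothetical.

```shell
#!/bin/sh
# Added illustration; the worker below is a constructed stand-in, not ddns code.
# Assumption: the worker ignores SIGHUP, as a daemon that does not treat HUP
# as "exit" would. Ignored signals stay ignored across exec.

# Start the stand-in worker, send it signal $1 (HUP or TERM), and print the
# exit status the parent shell collects for it.
status_after_signal() {
    sh -c 'trap "" HUP; exec sleep 2' &
    pid=$!
    sleep 1                      # give the child time to install its trap
    kill -"$1" "$pid"
    status=0
    wait "$pid" || status=$?
    echo "$status"
}

# Return 0 if a reload that sends signal $1 would leave the old worker running
# (it exited normally on its own instead of being terminated by the signal).
leaves_old_worker_running() {
    [ "$(status_after_signal "$1")" -eq 0 ]
}
```

A status of 143 is 128 plus signal number 15, which is how the shell reports a child ended by SIGTERM.
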
- Improved logging
- Log the executed curl command to be able to rerun and test it manually
- Log the curl exit status
- Added 30 second timeout for clear-cut detection of flaky connections.
Signed-off-by: Pyry Kontio <pyry.kontio@drasa.eu>
The implementation uses a GCP service account. The user is expected to
create and secure a service account and generate a private key. The
"password" field can contain the key inline or be a file path pointing
to the key file on the router.
The GCP project name and Cloud DNS ManagedZone must also be provided.
These are taken as form-urlencoded key-value pairs in param_enc. The TTL
can optionally be supplied in param_opt.
Signed-off-by: Chris Barrick <chrisbarrick@google.com>
It was a bit confusing to use *verbosity* level for Dry Run mode. Add
explicit switch for it and designed DRY_RUN variable to make code
easier to understand.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rename variable to make code easier to understand. This variable
specifies how many times in a row ddns script tried to update IP without a
success.
Previous name ("ERR_UPDATE") didn't suggest it was for counting
anything. It also didn't specify what error it was related to.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Local suggests something related to the local network or available
locally only. All that code related to the "local" IP was actually
dealing with *current* device external IP address. Using name "current"
should make code a bit easier to understand.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rename variable to make code easier to understand. This variable
specifies how many times ddns script should try to send a request.
Previous name ("retry_count") suggested it was for *counting* attempts.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
When zone id is explicitly provided, there is no need for the API token to have read permission. Inspired by acme.sh's cloudflare logic.
Signed-off-by: Glen Huang <heyhgl@gmail.com>
If pppoe is used for wan access, the script sets 'eth1' as interface for curl
call. The correct interface is however 'pppoe-wan'.
The script uses 'network_get_physdev' function to get real device for
bind_network but this is wrong. We need instead the l3_device of the
logical interface.
In case we don't use a pppoe connection, 'l3_device' is equal to the real device.
This was reported by the github user `welderpb` with P/R:
https://github.com/openwrt/packages/pull/14431
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The provider could also be read from the custom directory. To always get
the latest version of the provider config json file, we read first the custom
directory and after that we also check the default directory, if we could not
find the provider file.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Since we can also install custom ddns services, the name for the default
services is not optimally chosen. To emphasize this, the folder with the
standard services for the package feed will be renamed to default.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
modified source directory structure
- files for production files
- samples for sample files (not installed in final build)
modified Makefile
- separate options for additional provider scripts
- remove comments and empty lines from final build
add IPv4 100.64/10 (RFC 6598) and 169.254/16 (RFC 5735) to the range of default blocked IPs.
new option "bind_network" to force GNU Wget or cURL to use specific network/interface for communication
new "domains.google.com" as IPv4 DDNS provider #822
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
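
A CIDR check covering the two ranges added in the commit above, as an added example and not the ddns-scripts implementation: it shows how 100.64/10 (RFC 6598 shared address space) and 169.254/16 (link-local) can be matched in plain POSIX shell before an address is sent to a provider. The function names and the extra RFC 1918 and loopback entries are assumptions.

```shell
#!/bin/sh
# Added illustration, not the ddns-scripts implementation.
# First two ranges are the ones named in the commit; the rest are assumed
# defaults (RFC 1918 and loopback) included so the list is usable.
BLOCKED_CIDRS="100.64.0.0/10 169.254.0.0/16 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 127.0.0.0/8"

# Print a dotted-quad IPv4 address as a 32-bit integer; return 1 if malformed.
ip_to_int() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Return 0 if address $1 lies inside CIDR block $2 (e.g. 100.64.0.0/10).
in_cidr() {
    addr=$(ip_to_int "$1") || return 1
    net=$(ip_to_int "${2%/*}") || return 1
    bits=${2#*/}
    mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
    [ $(( addr & mask )) -eq $(( net & mask )) ]
}

# Return 0 if $1 must not be published. Malformed input is treated as blocked
# (fail closed) so a parsing error can never let a bad value through.
is_blocked_ipv4() {
    ip_to_int "$1" >/dev/null || return 0
    for cidr in $BLOCKED_CIDRS; do
        if in_cidr "$1" "$cidr"; then return 0; fi
    done
    return 1
}
```

Rejecting octets with leading zeros also avoids the shell's arithmetic reading them as octal.
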
restructure startup of dynamic_dns_updater.sh
- first run load_all_config_options (it returns 1 if SECTION_ID not found) #779
- set all defaults if necessary
- verify if username and/or password is needed inside update_url #779
- remove wait - will be done by retry_interval and retry_count if communication fails
provider specific update scripts
- verify if username/password are needed
services_ipv6
- added freedns.afraid.org
- IPv6 should work due to their documentation
minor fixes
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>