{"id":23757095,"url":"https://github.com/mmitch/dns-update","last_synced_at":"2025-07-14T04:41:47.480Z","repository":{"id":15833590,"uuid":"18573540","full_name":"mmitch/dns-update","owner":"mmitch","description":"poor man's do-it-yourself DynDNS replacement","archived":false,"fork":false,"pushed_at":"2023-12-17T21:11:23.000Z","size":34,"stargazers_count":3,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-05T22:32:12.054Z","etag":null,"topics":["dns","dynamic-dns-updater","dynamic-dns-updates","nameserver","ssh","zone"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"initialstate/arduino_streamers","license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mmitch.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-04-08T20:16:26.000Z","updated_at":"2023-01-13T09:34:32.000Z","dependencies_parsed_at":"2023-01-11T20:24:03.437Z","dependency_job_id":null,"html_url":"https://github.com/mmitch/dns-update","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/mmitch/dns-update","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mmitch%2Fdns-update","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mmitch%2Fdns-update/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mmitch%2Fdns-update/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mmitch%2Fdns-update/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mmitch","download_url":"https://codeload.github.com/mmitch/dns-update/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mmitch%2Fdns-update/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265241154,"owners_count":23733189,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dns","dynamic-dns-updater","dynamic-dns-updates","nameserver","ssh","zone"],"created_at":"2024-12-31T19:37:47.116Z","updated_at":"2025-07-14T04:41:47.462Z","avatar_url":"https://github.com/mmitch.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"dns-update\n==========\n\n[![Build status](https://github.com/mmitch/dns-update/workflows/Tests/badge.svg)](https://github.com/mmitch/dns-update/actions?query=workflow%3ATests)\n[![GPL 3+](https://img.shields.io/badge/license-GPL%203%2B-blue.svg)](http://www.gnu.org/licenses/gpl-3.0-standalone.html)\n\n* dns-update - small dynamic DNS suite using SSH\n* Copyright (C) 2014,2019  Christian Garbs \u003cmitch@cgarbs.de\u003e\n* Licensed under GNU GPL v3 (or later)\n* Homepage: https://github.com/mmitch/dns-update\n\nABOUT\n-----\n\nThis is a small suite to enable dynamic DNS updates from remote hosts.\nIt's my personal replacement for the not-free-any-more DynDNS service.\nClients use SSH to update their IP.  While this won't work with\nJ. Random Router that has a DynDNS client built in, it works on all of\nmy systems (they have the capabilites for scripts and SSH\nconnections), it's very easy to build and use and it provides the full\nSSH possibilities of encryption and authentication - for free.\n\n\nHOW TO INSTALL ON THE SERVER\n----------------------------\n\n1. Install a nameserver of your choice and serve a zone dedicated to\n   your dynamical IPs.  You probably need a delegation for that zone\n   from somewhere else.  All this is NOT handled in this howto.\n\n   My setup works with nsd as nameserver but apart from \"please reload\n   the zonefile\" there is no interaction with the nameserver, so it\n   should be easily portable.\n\n   The example configuration creates the zone `dynip.example.com` in\n   the file `ZONEFILE=/home/dns-update/zones/dynip.example.com.zone`.\n   In `/etc/nsd/nsd.conf`, the zone paragraph would look like this:\n\n   ```\n   zone:\n           name: dynip.example.com\n           zonefile: /home/dns-update/zones/dynip.example.com.zone\n   ```\n\n\n2. Create a new user for the sole purpose of handling the dynamic DNS\n   updates.  This user needs a normal shell (`/bin/sh` should be\n   enough - with `/bin/false`, the SSH forced commands won't run…), a\n   home directory and SSH access (be sure to include him in\n   AllowUsers/AllowGroups if you use them to restrict access via SSH).\n   The password of the user can and should be disabled (either after\n   configuration is finished or you'll have to use su(1) while\n   configuring stuff).\n\n   This repository is configured for a user `dns-update` with a home\n   directory of `/home/dns-update`\n\n\n3. Allow this new user to reload your nameserver configuration when a\n   zonefile changes.\n   \n   My setup does this via sudo(8).  I created the file\n   `/etc/sudoers.d/local-dns-update` which just contains the line\n   `dns-update ALL =NOPASSWD: /bin/systemctl reload nsd`.  YMMV.\n\n\n4. Clone this git repository RIGHT INTO the home directory of the\n   dedicated user.  Log in as or su(1) to the user and do:\n\n   ```\n   $ git clone https://github.com/mmitch/dns-update.git /home/dns-update\n   ```\n\n\n5. Create a local branch (`git checkout -b local`).  Do your local\n   configuration:\n\n   * edit `.ssh/authorized_keys` (see notes in file)\n   * edit the parameters on the top of `update-client` e.g. zone file\n     name\n   * edit `config/zonefile.input` to your needs (`§SERIAL§` will be\n     replaced automatically)\n   * edit the bottom part of `update-client` if you used a different\n     sudo configuration than in this example\n\n   Check in your changes (`git commit -a`).\n\n   Fix the file permissions on `.ssh` and `.ssh/authorized_keys`?!\n   TODO: watch what git is doing there and what can be done against it.\n   \n   (In case you're wondering why a non-functional `authorized_keys`\n    file is part of this repository: That way it's automatically\n    tracked in your local branch and you can't forget to git-add it.\n    Also: inline help on first edit.)\n\n6. Basically, you're ready to go now!\n\n\n\nHOW TO UPDATE THE SERVER\n------------------------\n\n\n1. Log in/su(1) to user dns-update.\n\n2. Switch git branch back to master (be sure to have no pending local\n   changes):\n\n   ```\n   $ git checkout master\n   ```\n\n3. Get updates:\n\n   ```\n   $ get pull\n   ```\n\n4. Switch back to your local branch:\n\n   ```\n   $ git checkout local\n   ```\n\n5. Merge the updates.  It's best to do a rebase to keep a clean\n   history (of course, using `merge` instead of `rebase` is also\n   possible).  You might have to solve merge conflicts, be ready for\n   that:\n   \n   ```\n   $ git rebase master\n   ```\n\n\n\nLOGGING ON THE SERVER\n---------------------\n\nYour SSH server probably already logs to `/var/log/auth.log`.  There\nyou can find successful client logins as well as diagnostic error\nmessages when something goes wrong.\n\n\n\nHOW TO INSTALL ON A CLIENT\n--------------------------\n\n- create local SSH key\n- add pubkey to `.ssh/authorized_keys` on server\n  - copy existing line\n  - change hostname in `command=\"\"` string\n  - change public key\n- to update, call `ssh -i /path/to/new/identity.pub dns-update@ns.example.com update-client \u003cnew.ip.add.ress\u003e`\n  - or use `auto` instead of the ip address to use the ssl source ip\n    address automatically (useful if you're behind a router and don't\n    know your outside IP, but want to send exactly this IP to the\n    server)\n\n- ppp-update-script not finished yet (but at least on Debian based\n  distributions, you can simply write the `ssh` commandline\n  (preferably with `auto`) into a new file under `/etc/ppp/ip-up.d`\n  and you're set)\n\n\n\nIPV4 AND IPV6\n-------------\n\nA simple heuristic tries to tell apart IPv4 and IPv6 addresses and\ngenerate `A` or `AAAA` records automatically.  This allows a single\nclient to have two addresses (one of each).\n\nIf a client updates using the `auto` keyword, you can call the SSH\nclient (at least the OpenSSH client) with the additional parameters\n`-4` or `-6` to use the respective protocol.  To update both address\ntypes, two ssh invocations are needed:\n\n1. `ssh -4 -i /path/to/new/identity.pub dns-update@ns.example.com update-client auto`\n2. `ssh -6 -i /path/to/new/identity.pub dns-update@ns.example.com update-client auto`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmmitch%2Fdns-update","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmmitch%2Fdns-update","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmmitch%2Fdns-update/lists"}