Good FOSS software and reliable service providers? Etc.
What do you mean?
used a bash script and a cron job for a long time, now the whole topic is one of the projects i regularly rewrite whenever I want to get my hands dirty with a new programming language or framework.
Cloudflare DDNS updated by ddclient on my OpnSense router. Cloudflare happens to be my current domain registrar. Honestly, my IPv4 doesn’t change that often. And when I used to be on Comcast, they assigned a block of IPv6 addresses and the router dealt with that. Unfortunately, I now have Quantum Fiber who only assign a single IPv6 address, so I gave up on IPv6 for now.
Any registrar worth using has an API for updating DNS entries.
I just found this with a quick search: https://github.com/qdm12/ddns-updater
exactly. I literally have a bash script that calls the API triggered by cron every 30 minutes. That’s it. Are people seriously using a freaking docker container for this?
It’s easy to set up and also keeps a history
I just dump the changes with timestamps to a text file. Notifications for IP changes get sent to matrix after the DNS record is updated.
Ah, a history would be nice. I’ve been thinking of keeping some stats to monitor when the connection goes down, and how often my IP changes.
Fortunately I’ve kept the same IP since i changed ISPs a few months ago.
Personally I still think docker is overkill for something that can be done with a bash script. But I also use a Pi 4 as my home server, so I need to be a little more scrupulous of CPU and RAM and storage than most :-)
I would recommend OVH for DNS, they have an API and are on the list for that tool. Also you can use the API to get lets encrypt certificates
Looks good. Thanks!
Afraid has a curl update. Cron job. It’s that simple.
terraform and AWS route 53 on a self hosted gitlab pipeline.
cloudflare + the dynamic dns plugin for opnsense.
I use ddclient but in a docker container. Works great with minimal config
I solve it by paying way too much for a block of static IPs.
I use http://www.duckdns.org/
Me too. I use uptime kuma to send the api request. then I also get uptime status 🙂
That’s a great idea, I hadn’t thought of that
Ixury for people that can have public IPs! :)
I’m in the same situation.
Fortunately there’s a million companies that offer VPS with a static IP address for only few bucks a month. I set one up to run a wireguard VPN server which all my devices and home servers connect to as clients. I also configured everything to use a split tunnel to save bandwidth.
It’s an added layer of security too.
Can you detail the split tunnel part?
Normally when you’re on a VPN all the network traffic to and from your device is going through the connection to the VPN server, e.g. browsing the internet, online games, etc. It can cause issues with other online services and uses bandwidth (cheap as it is) many VPS provider charges for.
A split tunnel tells the VPN client to only send certain traffic through the tunnel. My wireguard setup assigns IP addresses for the VPN interfaces in the subnet 192.168.2.x, so only traffic addressed to IPs on that subnet get sent through the tunnel. In wireguard it’s a single line in the config file:
AllowedIPs = 192.168.2.0/24I am doing split tunnel since years without knowing :)
Thanks, I learned something new.
Yup, CGNAT blows.
It’s why IPv6 is important, but many didn’t listen.
@chronicledmonocle @sugar_in_your_tea This is why I love yggdrasil. Thanks to having a VPS running it that all of my hosts globally can connect to, I can just use IPv6 for everything and reverse proxy using those IPv6 addresses where I need to. Once hosts are connected and on my private yggdrasil network, I stop caring about CGNAT or IPv4 at all other than to maybe create public IPv4 access to a service.
IPv6 doesn’t help anything if you’re behind CGNAT, you can have internal-only IPv6. There are good reasons to not have every household directly accessible to the outside world, so I’m sympathetic to that, but they also seem to love charging extra for it.
CGNAT only applies to IPv4. You cannot NAT IPv6 effectively. It’s not designed to be NATed. While there IS provisions for private IPv6 addressing, nobody actually does it because it’s pointless.
Yeah, there are workarounds… And who knows, maybe its just safer than public ip… But definitely require some external fixture.
I guess you already know about the options, but for others:
Find the cheapest VPS out there and have a Wireguard tunnel between it and your home network. Run ddclient or similar on the VPS in case the public IP changes.
Yup, that’s what I did. I even have my TLS servers running on my LAN as well, so once my ISP no longer puts me behind CGNAT, I just need to change my DNS settings and set up some port forwards on my router.
Wireguard or ssh tunnel with port forwards, both works.
afraid still works like a charm. cloudflare is ok. duckdns is cool.
Ddclient has done the trick for me, and my registrar supports it with an API
I set it once like 6 years ago and forgot it wasn’t something pre-installed and configured until I saw your comment. I was reading through the comments looking for the “you don’t need to do anything, ddclient takes care of it”
Have done it via bash scripts for years. Never had a problem. Since a few months i use https://github.com/qdm12/ddns-updater
My ip updates maybe once every three months or so, but what i did was just write a script that checks the current ip and updates the domain registrar. My domain is on cloud flare, and they have an API through which I can do it. It’s literally one POST request. There are solutions out there but I wanted a really simple solution I fully understand so I just did this. Script runs in cron every few hours and that’s it.
