http://yourdomain.tld/?hostname=<domain>&myip=<ipaddr>
+To be able to dynamically update the BIND DNS server, a DNS key must be generated with the command:
-You may have to adjust your own DNS configuration to make "members.dyndns.org" point to your own
-Server and you Web Servers configuration to make "/nic/update" call the PHP script provided in this
-package.
+ ddns-confgen
+This command outputs instructions for your BIND installation. The generated key has to be added to the named.conf.local:
-Furthermore, to be able to dynamically update the BIND DNS server, DNS key must be generated with
-the command:
-
- dnskeygen -n dyndns.example.com -H 512 -h
-
-(Where "dyndns.example.com" is the key name)
-The resulting key (look at the "Key:" line in the resulting Kdyndns.example.com.+157+00000.private)
-must be copied to both, the config.php file (along with the key name, see there for details), and
-the BIND configuration (see below).
-
-
-The key has to be added to the BIND configuration (named.conf), as well as a DNS zone:
-
-
- key dyndns.example.com. {
- algorithm HMAC-MD5;
+ key "ddns-key" {
+ algorithm hmac-sha256;
secret "bvZ....K5A==";
};
+and saved to a file which is referenced in config.php as "bind.keyfile". In the "zone" entry, you have to add an "update-policy":
+
zone "dyndns.example.com" {
type master;
- file "dyndns.example.com.zone";
- allow-update {
- key dyndns.example.com.;
- };
- };
+ file "db.dyndns.example.com";
+ ...
+ update-polify {
+ grand ddns-key zonesub ANY;
+ }
+ }
-In this case, the zone is also called "dyndns.example.com". The (initial) dyndns.example.com.zone
-file (located in BIND's cache directory) looks like this:
+In this case, the zone is also called "dyndns.example.com". The (initial) db.dyndns.example.com file (located in BIND's cache directory) looks like this:
-$TTL 1h
+$TTL 1h
@ IN SOA dyndns.example.com. root.example.com. (
2007111501 ; serial
1h ; refresh
+++ /dev/null
-key dyndns.example.com. {
- algorithm HMAC-MD5;
- secret "bvZfFHkl16wNGL/LuEUAqvlBeue9lw7C8GkHnQucN6jpKDMjOu29zFR6LlO5YlpNzYquDBmDSPVddX9SuFIK5A==";
-};
-
-zone "dyndns.org" {
- type master;
- file "dyndns.org.zone";
- allow-update {
- key dyndns.example.com.;
- };
-};
/*
* Location of the hosts database
*/
-$dyndns->setConfig('hostsFile', 'conf/dyndns.hosts');
+$dyndns->setConfig('hostsFile', __DIR__ . '/../conf/dyndns.hosts');
/*
* Location of the user database
*/
-$dyndns->setConfig('userFile', 'conf/dyndns.user');
+$dyndns->setConfig('userFile', __DIR__ . '/../conf/dyndns.user');
/*
* Enable debugging?
* Secret Key for BIND nsupdate
* <keyname>:<secret>
*/
-$dyndns->setConfig('bind.key', 'dyndns.example.com:bvZfFHkl16wNGL/LuEUAqvlBeue9lw7C8GkHnQucN6jpKDMjOu29zFR6LlO5YlpNzYquDBmDSPVddX9SuFIK5A==');
+$dyndns->setConfig('bind.keyfile', __DIR__ . '/../conf/dyn.example.com.key');
/*
* Address of the BIND server. You can specify any remote DNS server here,
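Review bot: The comment kept above the new `bind.keyfile` setting still reads `Secret Key for BIND nsupdate` / `<keyname>:<secret>`, which no longer describes a value that is a file path. I would replace those two lines with `* Path to the key file passed to nsupdate -k (the key block printed by ddns-confgen)` and add `* Keep this file outside the web root, readable only by the web server user`. Whether `conf/` is reachable over HTTP is not visible from this hunk, so that placement should be confirmed before shipping the sample. The sample name `dyn.example.com.key` also differs from the `dyndns.example.com` zone used in the README, which may confuse readers.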
$server = $this->getConfig('bind.server');
$zone = $this->getConfig('bind.zone');
$ttl = $this->getConfig('bind.ttl') * 1;
- $key = $this->getConfig('bind.key');
+ $keyfile = $this->getConfig('bind.keyfile');
// sanitiy checks
if (! Helper::checkValidHost($server)) {
$this->debug('bind.ttl is too low. Setting to default 300.');
$ttl = 300;
}
- if (! eregi('^[a-z0-9.-=/]+$', $key)) {
- $this->debug('ERROR: Invalid bind.key config value');
+ if (! is_readable($keyfile)) {
+ $this->debug('ERROR: Invalid bind.keyfile config value');
return false;
}
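Review bot: `is_readable($keyfile)` is also true for a directory, so the new guard accepts values that nsupdate cannot use as a key file, and the old format check is dropped without a replacement. I would tighten it to `if (! is_string($keyfile) || ! is_file($keyfile) || ! is_readable($keyfile)) {`; what `getConfig()` returns for an unset `bind.keyfile` is not visible here, hence the `is_string` test. Logging the rejected path in the debug message, for example `'ERROR: bind.keyfile is not a readable file: ' . $keyfile`, would make misconfiguration easier to diagnose. The enclosing method starts and ends outside this hunk.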
fclose($fh);
// Execute nsupdate
- $result = exec('/usr/bin/nsupdate -y ' . $key . ' ' . $tempfile . ' 2>&1');
+ $result = exec('/usr/bin/nsupdate -k ' . escapeshellarg($keyfile) . ' ' . $tempfile . ' 2>&1');
unlink($tempfile);
if ($result != '') {
$this->debug('ERROR: nsupdate returns: ' . $result);
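Review bot: Only `$keyfile` goes through `escapeshellarg()` on the new `exec()` line, while `$tempfile` is still concatenated raw. Its origin is outside this hunk (presumably a generated temp path), but escaping both arguments keeps the command well-formed if the temp directory ever contains spaces or shell metacharacters: `'/usr/bin/nsupdate -k ' . escapeshellarg($keyfile) . ' ' . escapeshellarg($tempfile) . ' 2>&1'`. Separately, `exec()` returns only the last line of output, so the `$result != ''` test can miss or misreport a failure; checking the exit status via `exec($cmd, $output, $status)` and `$status !== 0` would be more reliable. The enclosing method starts and ends outside this hunk.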