Comments (6)
After encountering this issue, I've ended up switching to a systemd service and I figured I would share, I've made it so that I do not need to manually find the zone and record ids like other example code I found does. Note the customized parts of the domains, the interface (enp2s0), and the api token, which has edit dns permissions on all zones and read permissions on zones.
systemd.services.cfdyndns = {
serviceConfig.Type = "oneshot";
after = [ "network.target" ];
path = with pkgs; [curl iproute2 gawk dig jq];
script = ''
declare -a DOMAINS=(
"*.diekvoss.net"
"mc.toyvo.dev"
)
TOKEN=${builtins.readFile ./cfapitoken}
function put_record() {
curl -sS -X PUT \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $TOKEN" \
-d "{\"type\":\"A\",\"name\":\"$3\",\"content\":\"$4\",\"ttl\":1,\"proxied\":false}" \
"https://api.cloudflare.com/client/v4/zones/$1/dns_records/$2"
}
function get_ip() {
curl -sS \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $TOKEN" \
https://api.cloudflare.com/client/v4/zones/$1/dns_records/$2 | jq -r '.result.content'
}
function get_zone() {
curl -sS \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $TOKEN" \
https://api.cloudflare.com/client/v4/zones?name=$1 | jq -r '.result.[].id'
}
function get_record() {
curl -sS \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $TOKEN" \
https://api.cloudflare.com/client/v4/zones/$1/dns_records?name=$2 | jq -r '.result.[].id'
}
NEW_IP=$(ip addr show dev enp2s0 | awk '/inet / {print $2}' | cut -d '/' -f1)
echo "The IP Address of this machine is $NEW_IP"
for DOMAIN in "''${DOMAINS[@]}"
do
CURRENT_IP=$(dig +short $DOMAIN)
echo "DNS for $DOMAIN is currently set to $CURRENT_IP"
if [ "$CURRENT_IP" != "$NEW_IP" ]; then
echo "DNS for $DOMAIN Doesn't point to $NEW_IP, checking for confirmation..."
BASE_DOMAIN=$(awk -F'.' '{gsub(/^\*\./, ""); print $(NF-1) "." $NF}' <<< "$DOMAIN")
echo "Base for $DOMAIN is $BASE_DOMAIN"
ZONE=$(get_zone "$BASE_DOMAIN")
echo "Zone ID for $BASE_DOMAIN is $ZONE"
RECORD=$(get_record "$ZONE" "$DOMAIN")
echo "Record ID for $DOMAIN is $RECORD"
CONFIRM_IP=$(get_ip "$ZONE" "$RECORD")
echo "DNS for $DOMAIN is confirmed set to $CONFIRM_IP"
if [ "$CONFIRM_IP" != "$NEW_IP" ]; then
echo "Updating DNS record for $DOMAIN to $NEW_IP"
put_record "$ZONE" "$RECORD" "$DOMAIN" "$NEW_IP"
else
echo "DNS record for $DOMAIN is already set to $NEW_IP, skipping update. Assuming TTL."
fi
else
echo "DNS record for $DOMAIN is $NEW_IP, skipping update."
fi
done
'';
startAt = "*:0/5";
};
Note I did not design this to handle 2tld like .co.uk etc
from cfdyndns.
It also uses systemd credentials instead of putting the token in the world-readable nix store
Haha yeah I really need to put in the work for sops
from cfdyndns.
I've made a PR to fix this (#60), and a PR on the upstream cloudflare-rs (cloudflare/cloudflare-rs#240), although considering they haven't yet merged cloudflare/cloudflare-rs#232 yet I don't have high hopes that mine will be merged anytime soon. I'm happy to update the nixpkgs when this gets merged, unless anybody else wants to.
For now, you can override the source to point to my repo, as shown in https://nixos.wiki/wiki/Overlays#Overriding_a_version
from cfdyndns.
This is related to cloudflare/cloudflare-rs#236
Doesn't seem fixable until the upstream crate is fixed :/
from cfdyndns.
It sounds as simple as removing a field. I'll take a look upstream later it should be quite a simple crate patch that we can apply quickly 🤞
from cfdyndns.
I ended up doing the same as @ToyVo and created a bash script as a replacement to cfdyndns (and it does less requests since it's not restricted by cloudflare
crate's terrible design).
Mine should support all kinds of TLDs and domains, and it gets the public IP through DNS (using Cloudflare's 1.1.1.1), meaning the machine can be behind NAT.
It also uses systemd credentials instead of putting the token in the world-readable nix store (like the module of this project in nixpkgs).
If anyone wants to copy it:
diogotcorreia/dotfiles@7d58611
I appreciate all the work @nrdxp has done for this project, but it seems cloudflare's crate is giving some headaches at the moment 😅
Hope it works again at some point 🤞
from cfdyndns.
Related Issues (13)
- Should support a flag to set ip based off of NIC
- Wrong Cargo.lock in v0.0.2 HOT 6
- FR: support user API keys HOT 8
- cfdyndns enable proxy when changing IP
- allow setting AAAA records (ivp6 support) HOT 1
- SSL error HOT 2
- transfer ownership to nrdxp HOT 4
- Nixos, SOPS, and apitokenfile = Invalid format for Authorization header
- NixOS failed to parse header value
- cfdyndns fails when a `CAA` record (or any other unknown RR type) exists in the zone HOT 4
- Error: error sending request for url (https://api.cloudflare.com/client/v4/zones): error trying to connect: dns error: failed to lookup address information: Name or service not known
- stuck forever HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cfdyndns.