Skyfritt/dnsdrone
3
0
Fork 0
Code Issues Pull requests Releases 3 Activity

fix: add mikrotik details

Browse source
This commit is contained in:
Ruben 2025-03-06 10:51:51 +01:00
parent de1b5e58ca
commit 18c1f1a37d
1 changed files with 64 additions and 59 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

123
README.md
View file

@ -1,26 +1,45 @@
# DNSDrone
DNSDrone is a Bash script that automatically updates DNS records (A, AAAA, PTR, and TXT) in FreeIPA or standard DNS servers using nsupdate. It detects your current public IPv4 and IPv6 addresses and updates the configured DNS records when changes are detected.
DNSDrone is a collection of scripts for automatically updating DNS records (A, AAAA, PTR, and TXT) in FreeIPA or standard DNS servers. It supports both Bash environments and Mikrotik routers.
## Features
- Full DNS record management (A, AAAA, PTR, and TXT records with IPv6 prefix tracking)
### Common Features
- Full DNS record management (A, AAAA, PTR, and TXT records)
- IPv6 prefix tracking and updates
- Support for zone apex (root domain) updates
- FreeIPA API integration
### Bash Script Features
- Dual authentication support (FreeIPA user/password or TSIG keys)
- Flexible configuration with environment variables and multiple .env file locations
- Advanced operational modes (debug, dry-run, auto-update)
- Multiple IP provider fallback for reliable address detection
- Support for zone apex (root domain) updates
- Automatic updates with version checking
### Mikrotik Script Features
- Native RouterOS integration
- DHCP client-based IP detection
- DoH (DNS over HTTPS) support for TXT record queries
- Cookie-based FreeIPA authentication
## Prerequisites
### For Bash Script
- curl
- jq
- dig
- nsupdate
- [ipcalc or ipcalc-ng](https://gitlab.com/ipcalc/ipcalc) ("ng" for Debian-based distros)
### For Mikrotik Script
- RouterOS with SSH capability
- DHCP client configuration
- Internet connectivity for API access
## Configuration
### Bash Script Configuration
The script looks for a `.env` file in the following locations (in order):
1. Current working directory (`.env`)
2. Script's real path directory (`.env`)
@ -28,70 +47,56 @@ The script looks for a `.env` file in the following locations (in order):
4. Script's symlink path directory (`.env.<symlink_name>`)
5. `/opt/skyfritt-tools-env/.env.<symlink_name>`
### Required Variables
#### Required Variables
| Variable | Description |
|----------|-------------|
| `SERVER` | DNS server hostname or IP address |
| `ZONE_NAME` | DNS zone name (e.g., "example.com") |
| `RECORD_NAME` | Hostname to update (without domain). Skip to update zone apex |
### Authentication Variables
Either USER/PASSWORD or TSIG authentication must be configured:
[Rest of the existing configuration documentation remains the same...]
#### FreeIPA Authentication
| Variable | Description |
|----------|-------------|
| `USER` | FreeIPA username |
| `PASSWORD` | FreeIPA password |
### Mikrotik Script Configuration
Configure the script by modifying the CONFIG dictionary:
**IMPORTANT!** When using FreeIPA's API, the records has to exist *before* the script can be used. It can only modify, not add, records.
#### TSIG Authentication
| Variable | Description |
|----------|-------------|
| `TSIG_KEYNAME` | Name of the TSIG key |
| `TSIG_KEY_TYPE` | Type of TSIG key (e.g., "hmac-sha256") |
| `TSIG_KEY` | The TSIG key value |
### Optional Variables
| Variable | Description | Default |
|----------|-------------|---------|
| `RECORD_TTL` | Time-to-live value for DNS records in seconds | 60 |
| `RECORD_A` | Enable IPv4 (A) record updates | false |
| `RECORD_AAAA` | Enable IPv6 (AAAA) record updates | false |
| `RECORD_PTR4` | Enable IPv4 PTR record updates | false |
| `RECORD_PTR6` | Enable IPv6 PTR record updates | false |
| `RECORD_TXT_PREFIX` | Enable TXT record updates for IPv6 prefix | false |
| `ISP_PREFIX_LENGHT` | IPv6 prefix length for TXT record updates | Required if RECORD_TXT_PREFIX is true |
| `API_VERSION` | FreeIPA API version | 2.253 |
### Example Configuration
```env
# Server Configuration
SERVER=dns.example.com
ZONE_NAME=example.com
RECORD_NAME=myhost
RECORD_TTL=300
# FreeIPA Authentication
USER=dnsuser
PASSWORD=secretpassword
# Alternative: TSIG Authentication
# TSIG_KEYNAME=mykey
# TSIG_KEY_TYPE=hmac-sha256
# TSIG_KEY="base64encodedkey=="
# Record Configuration
RECORD_A=true
RECORD_AAAA=true
RECORD_PTR4=false
RECORD_PTR6=false
RECORD_TXT_PREFIX=true
ISP_PREFIX_LENGHT=56
```rsc
:local CONFIG {
"wanInterface"="VLAN666_Altibox";
"IpaServer"="ipa.demo1.freeipa.org";
"dnsZone"="demo1.freeipa.org";
"IpaUser"="admin";
"IpaPassword"="Secret123";
"apiVersion"="2.253";
"recordTTL"="300";
# [Additional configuration options...]
}
```
## Usage
### Bash Script
```bash
# Basic usage
./dnsdrone.sh
# Debug mode
./dnsdrone.sh -d
# Dry run
./dnsdrone.sh -n
# Check for updates
./dnsdrone.sh -c
# Auto-update
./dnsdrone.sh -a
```
### Mikrotik Script
1. Upload the script to your Mikrotik router
2. Configure the CONFIG dictionary
3. Run manually or schedule via RouterOS scheduler
## License
Licensed under GNU Affero General Public License v3 (AGPL-3.0)