# DNSDrone DNSDrone is a Bash script that automatically updates DNS records (A, AAAA, PTR, and TXT) in FreeIPA or standard DNS servers using nsupdate. It detects your current public IPv4 and IPv6 addresses and updates the configured DNS records when changes are detected. ## Features - Full DNS record management (A, AAAA, PTR, and TXT records with IPv6 prefix tracking) - Dual authentication support (FreeIPA user/password or TSIG keys) - Flexible configuration with environment variables and multiple .env file locations - Advanced operational modes (debug, dry-run, auto-update) - Multiple IP provider fallback for reliable address detection - Support for zone apex (root domain) updates ## Prerequisites - curl - jq - dig - nsupdate - [ipcalc or ipcalc-ng](https://gitlab.com/ipcalc/ipcalc) ("ng" for Debian-based distros) ## Configuration The script looks for a `.env` file in the following locations (in order): 1. Current working directory (`.env`) 2. Script's real path directory (`.env`) 3. Script's real path directory (`.env.`) 4. Script's symlink path directory (`.env.`) 5. `/opt/skyfritt-tools-env/.env.` ### Required Variables | Variable | Description | |----------|-------------| | `SERVER` | DNS server hostname or IP address | | `ZONE_NAME` | DNS zone name (e.g., "example.com") | | `RECORD_NAME` | Hostname to update (without domain). Skip to update zone apex | ### Authentication Variables Either USER/PASSWORD or TSIG authentication must be configured: #### FreeIPA Authentication | Variable | Description | |----------|-------------| | `USER` | FreeIPA username | | `PASSWORD` | FreeIPA password | **IMPORTANT!** When using FreeIPA's API, the records has to exist *before* the script can be used. It can only modify, not add, records. #### TSIG Authentication | Variable | Description | |----------|-------------| | `TSIG_KEYNAME` | Name of the TSIG key | | `TSIG_KEY_TYPE` | Type of TSIG key (e.g., "hmac-sha256") | | `TSIG_KEY` | The TSIG key value | ### Optional Variables | Variable | Description | Default | |----------|-------------|---------| | `RECORD_TTL` | Time-to-live value for DNS records in seconds | 60 | | `RECORD_A` | Enable IPv4 (A) record updates | false | | `RECORD_AAAA` | Enable IPv6 (AAAA) record updates | false | | `RECORD_PTR4` | Enable IPv4 PTR record updates | false | | `RECORD_PTR6` | Enable IPv6 PTR record updates | false | | `RECORD_TXT_PREFIX` | Enable TXT record updates for IPv6 prefix | false | | `ISP_PREFIX_LENGHT` | IPv6 prefix length for TXT record updates | Required if RECORD_TXT_PREFIX is true | | `API_VERSION` | FreeIPA API version | 2.253 | ### Example Configuration ```env # Server Configuration SERVER=dns.example.com ZONE_NAME=example.com RECORD_NAME=myhost RECORD_TTL=300 # FreeIPA Authentication USER=dnsuser PASSWORD=secretpassword # Alternative: TSIG Authentication # TSIG_KEYNAME=mykey # TSIG_KEY_TYPE=hmac-sha256 # TSIG_KEY="base64encodedkey==" # Record Configuration RECORD_A=true RECORD_AAAA=true RECORD_PTR4=false RECORD_PTR6=false RECORD_TXT_PREFIX=true ISP_PREFIX_LENGHT=56 ``` Licensed under GNU Affero General Public License v3 (AGPL-3.0)