Skyfritt/dnsdrone
3
0
Fork 0
Code Issues Pull requests Releases 3 Activity
DNSDrone keeps track of public IPv4 and IPv6 addresses and updates the configured DNS records when changes are detected.
6 commits 1 branch 3 tags 103 KiB
RouterOS Script 57.6%
Shell 42.4%
Find a file
Ruben de1b5e58ca Merge remote-tracking branch 'odin/latest'
2025-03-06 10:46:03 +01:00
.gitignore Initial commit 2025-03-04 14:53:24 +01:00
dnsdrone.rsc Initial commit 2025-03-04 14:53:24 +01:00
dnsdrone.sh Add version check and auto-update 2025-03-05 11:15:22 +01:00
LICENSE fix: add license 2025-03-06 10:43:30 +01:00
README.md fix: add license 2025-03-06 10:43:30 +01:00

README.md

DNSDrone

DNSDrone is a Bash script that automatically updates DNS records (A, AAAA, PTR, and TXT) in FreeIPA or standard DNS servers using nsupdate. It detects your current public IPv4 and IPv6 addresses and updates the configured DNS records when changes are detected.

Features

  • Full DNS record management (A, AAAA, PTR, and TXT records with IPv6 prefix tracking)
  • Dual authentication support (FreeIPA user/password or TSIG keys)
  • Flexible configuration with environment variables and multiple .env file locations
  • Advanced operational modes (debug, dry-run, auto-update)
  • Multiple IP provider fallback for reliable address detection
  • Support for zone apex (root domain) updates

Prerequisites

Configuration

The script looks for a .env file in the following locations (in order):

  1. Current working directory (.env)
  2. Script's real path directory (.env)
  3. Script's real path directory (.env.<script_name>)
  4. Script's symlink path directory (.env.<symlink_name>)
  5. /opt/skyfritt-tools-env/.env.<symlink_name>

Required Variables

Variable Description
SERVER DNS server hostname or IP address
ZONE_NAME DNS zone name (e.g., "example.com")
RECORD_NAME Hostname to update (without domain). Skip to update zone apex

Authentication Variables

Either USER/PASSWORD or TSIG authentication must be configured:

FreeIPA Authentication

Variable Description
USER FreeIPA username
PASSWORD FreeIPA password

IMPORTANT! When using FreeIPA's API, the records has to exist before the script can be used. It can only modify, not add, records.

TSIG Authentication

Variable Description
TSIG_KEYNAME Name of the TSIG key
TSIG_KEY_TYPE Type of TSIG key (e.g., "hmac-sha256")
TSIG_KEY The TSIG key value

Optional Variables

Variable Description Default
RECORD_TTL Time-to-live value for DNS records in seconds 60
RECORD_A Enable IPv4 (A) record updates false
RECORD_AAAA Enable IPv6 (AAAA) record updates false
RECORD_PTR4 Enable IPv4 PTR record updates false
RECORD_PTR6 Enable IPv6 PTR record updates false
RECORD_TXT_PREFIX Enable TXT record updates for IPv6 prefix false
ISP_PREFIX_LENGHT IPv6 prefix length for TXT record updates Required if RECORD_TXT_PREFIX is true
API_VERSION FreeIPA API version 2.253

Example Configuration

# Server Configuration
SERVER=dns.example.com
ZONE_NAME=example.com
RECORD_NAME=myhost
RECORD_TTL=300

# FreeIPA Authentication
USER=dnsuser
PASSWORD=secretpassword

# Alternative: TSIG Authentication
# TSIG_KEYNAME=mykey
# TSIG_KEY_TYPE=hmac-sha256
# TSIG_KEY="base64encodedkey=="

# Record Configuration
RECORD_A=true
RECORD_AAAA=true
RECORD_PTR4=false
RECORD_PTR6=false
RECORD_TXT_PREFIX=true
ISP_PREFIX_LENGHT=56

Licensed under GNU Affero General Public License v3 (AGPL-3.0)