Skyfritt/dnsdrone
3
0
Fork 0
Code Issues Pull requests Releases 3 Activity
DNSDrone keeps track of public IPv4 and IPv6 addresses and updates the configured DNS records when changes are detected.
1 commit 1 branch 3 tags 103 KiB
RouterOS Script 57.6%
Shell 42.4%
Find a file
Exact
Ruben ababb6048b Initial commit
2025-03-04 14:53:24 +01:00
.gitignore Initial commit 2025-03-04 14:53:24 +01:00
dnsdrone.rsc Initial commit 2025-03-04 14:53:24 +01:00
dnsdrone.sh Initial commit 2025-03-04 14:53:24 +01:00
README.md Initial commit 2025-03-04 14:53:24 +01:00

README.md

DNSDrone

DNSDrone is a Bash script that automatically updates DNS records (A, AAAA, and PTR) in FreeIPA or standard DNS servers using nsupdate. It detects your current public IPv4 and IPv6 addresses and updates the configured DNS records when changes are detected.

Features

  • Supports both IPv4 (A) and IPv6 (AAAA) records
  • Optional PTR record management for both IPv4 and IPv6
  • Optional TXT record management for IPv6 prefix tracking
  • Supports authentication via FreeIPA user/password or TSIG keys
  • Configurable through environment variables
  • Debug mode for troubleshooting
  • Dry run mode for testing
  • Flexible .env file location detection
  • Multiple IP address providers for redundancy
  • Support for updating zone apex (root domain)

Prerequisites

Configuration

The script looks for a .env file in the following locations (in order):

  1. Current working directory (.env)
  2. Script's real path directory (.env)
  3. Script's real path directory (.env.<script_name>)
  4. Script's symlink path directory (.env.<symlink_name>)
  5. /opt/skyfritt-tools-env/.env.<symlink_name>

Required Variables

Variable Description
SERVER DNS server hostname or IP address
ZONE_NAME DNS zone name (e.g., "example.com")
RECORD_NAME Hostname to update (without domain). Skip to update zone apex

Authentication Variables

Either USER/PASSWORD or TSIG authentication must be configured:

FreeIPA Authentication

Variable Description
USER FreeIPA username
PASSWORD FreeIPA password

IMPORTANT! When using FreeIPA's API, the records has to exist before the script can be used. It can only modify, not add, records.

TSIG Authentication

Variable Description
TSIG_KEYNAME Name of the TSIG key
TSIG_KEY_TYPE Type of TSIG key (e.g., "hmac-sha256")
TSIG_KEY The TSIG key value

Optional Variables

Variable Description Default
RECORD_TTL Time-to-live value for DNS records in seconds 60
RECORD_A Enable IPv4 (A) record updates false
RECORD_AAAA Enable IPv6 (AAAA) record updates false
RECORD_PTR4 Enable IPv4 PTR record updates false
RECORD_PTR6 Enable IPv6 PTR record updates false
RECORD_TXT_PREFIX Enable TXT record updates for IPv6 prefix false
ISP_PREFIX_LENGHT IPv6 prefix length for TXT record updates Required if RECORD_TXT_PREFIX is true
API_VERSION FreeIPA API version 2.253

Example Configuration

# Server Configuration
SERVER=dns.example.com
ZONE_NAME=example.com
RECORD_NAME=myhost
RECORD_TTL=300

# FreeIPA Authentication
USER=dnsuser
PASSWORD=secretpassword

# Alternative: TSIG Authentication
# TSIG_KEYNAME=mykey
# TSIG_KEY_TYPE=hmac-sha256
# TSIG_KEY="base64encodedkey=="

# Record Configuration
RECORD_A=true
RECORD_AAAA=true
RECORD_PTR4=false
RECORD_PTR6=false
RECORD_TXT_PREFIX=true
ISP_PREFIX_LENGHT=56