2020-05-18 00:53:43 +02:00
|
|
|
# Worker DDNS
|
|
|
|
|
|
2020-05-20 00:43:48 +02:00
|
|
|
This repository provides two simple scripts that together will allow you to build a
|
2021-06-02 23:37:13 +02:00
|
|
|
simple and efficient DDNS system using Cloudflare Workers and DNS.
|
2020-05-18 00:53:43 +02:00
|
|
|
|
2020-05-20 00:43:48 +02:00
|
|
|
**Example use case:** You have a machine where the IP address is dynamically assigned and
|
|
|
|
|
changes frequently.
|
2020-05-18 00:53:43 +02:00
|
|
|
|
2021-06-02 23:37:13 +02:00
|
|
|
The `agent.py` will regularly contact the CF worker running the `worker.js` code,
|
2020-05-20 00:43:48 +02:00
|
|
|
that will in turn use the cloudflare API to update the DNS record in question
|
|
|
|
|
with the new IP address.
|
|
|
|
|
|
|
|
|
|
## Why use Workers
|
|
|
|
|
|
|
|
|
|
Because we don't want to signup to an extra external service, we want to apply
|
|
|
|
|
the principle of the least privilege and the name should belong to a domain we
|
|
|
|
|
control.
|
|
|
|
|
|
|
|
|
|
Since Cloudflare API Token permissions aren't granular enough to limit the token
|
2021-06-02 23:37:13 +02:00
|
|
|
access to a single DNS record, we place a worker in front of it (this way the token
|
|
|
|
|
with extra priviledges never leaves cloudflare's servers).
|
2020-05-20 00:43:48 +02:00
|
|
|
|
|
|
|
|
## Usage
|
|
|
|
|
|
|
|
|
|
Both scripts (`worker.js` and `agent.py`) don't require any extra dependencies,
|
2021-06-02 23:37:13 +02:00
|
|
|
so they can be copied right out of the repository tothe destination without any
|
|
|
|
|
extra steps.
|
2020-05-20 00:43:48 +02:00
|
|
|
|
2021-06-02 23:37:13 +02:00
|
|
|
Before starting, you need to create a new API Token on your Cloudflare's profile page with
|
2020-05-20 00:43:48 +02:00
|
|
|
permissions to edit the DNS records of one of your domains (Zone).
|
|
|
|
|
|
|
|
|
|
### Worker
|
|
|
|
|
|
|
|
|
|
The next step is to create a new worker and then set `worker.js` as its content.
|
|
|
|
|
This can be easily done using the "Quick Edit" button on the worker's detail page.
|
|
|
|
|
|
|
|
|
|
Add the following environment variables on the worker settings tab:
|
|
|
|
|
|
|
|
|
|
- `CF_API_TOKEN` - The token you just created. You just also click on the
|
|
|
|
|
"encrypt" button.
|
|
|
|
|
- `SHARED_KEY` - Generate a long and random string and put it here. Click encrypt.
|
|
|
|
|
- `DNS_RECORD` - the DNS record that should be updated. Something like
|
|
|
|
|
`<somename>.<your-domain>`.
|
|
|
|
|
- `ZONE` - The zone_id of your domain. You can find it on the sidebar of the domain
|
|
|
|
|
overview page.
|
|
|
|
|
|
|
|
|
|
Then deploy the worker.
|
|
|
|
|
|
|
|
|
|
### Agent
|
|
|
|
|
|
|
|
|
|
Copy the `agent.py` file to the machine you want your subdomain/domain
|
|
|
|
|
"pointed to".
|
|
|
|
|
|
|
|
|
|
Set the following environment variables:
|
|
|
|
|
|
|
|
|
|
- `SHARED_KEY` - The same long and random string you generated for the worker.
|
|
|
|
|
- `WORKER_URL` - The URL of your worker.
|
|
|
|
|
|
|
|
|
|
Then execute the script:
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
$ ./agent.py
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
In the most common scenario you will want to run it periodically. So you will need to
|
2021-06-02 23:37:13 +02:00
|
|
|
use a scheduler like `cron` or a `systemd timer unit`. Below is a simple example
|
2020-05-20 00:43:48 +02:00
|
|
|
that can be inserted after running `crontab -e`:
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
SHARED_KEY=<your-generated-key>
|
|
|
|
|
WORKER_URL=<cf-worker-url>
|
|
|
|
|
*/5 * * * * /path/to/agent.py
|
|
|
|
|
```
|
