Utiliser l'API gandi pour faire du DNS dynamique (à la DynDNS)
Vous avez un nom de domaine enregistré chez gandi.net ? Vous avez besoin d'un nom de domain pour une machine perso sur une ligne ADSL ? Rien de plus simple !
Créer d'abord une clé d'API sur https://www.gandi.net/admin/api_key
Puis on crée via l'interface web une entrée initiale pour la machine qui nous intéresse (par exemple monpc.mydomain.com) sur https://www.gandi.net/admin/domain
On télécharge le script python qui va accèder à cette API:
git clone https://github.com/lembregtse/gandi-dyndns.git /usr/local/src/gandi-dyndns
ln -s /usr/local/src/gandi-dyndns/gandi-dyndns /usr/local/bin/gandi-dyndns
Premier jet en ligne de commande ( vous devez utilisez la clé de production pour que ca marche)
gandi-dyndns --api=123rdyy --domain=mydomain.com --record=monpc
On ajoute dans la crontab le script suivant pour actualiser toutes les heures:
dans un fichier /etc/cron.hourly/gandy
!/bin/sh
/usr/local/bin/gandi-dyndns --api=123rdBy --domain=mydomain.com --record=monpc > /var/log/gandy.log
Enjoy your dyndns !
a bind9 service running somewhere, which can host the domain and accept the updates.
delegation of a subdomain to that bind9 service. Since Gandi runs my top level domain for me, I need to create a subdomain and delegate to it, and then make dynamic updates into that subdomain. I can still use CNAMEs in the top level domain to hide the subdomain if I wish.
configuration of the bind9 service to accept secure updates.
a script to do the updates.
This article will give you a short introduction to DDNS, and will only apply to a precise example. I will not detail the reasons of my choice. However, the links provided at the end of the document will allow you further understand the uses that can be made of DDNS.
Requirements
2 machines running GNU/Linux: one at home with a dynamic IP, the other elsewhere with a fix IP
BIND 9.2.0 or newer should be installed on the external machine (and act as primary DNS for your domain – the setup won’t be detailed here)
the nsupdate utility on your router at home. This comes as part of the dnsutils Debian package.
First off: This is not DynDNS as you might know it from dyndns.org. You can’t use clients like ddclient. I’m using DNSSEC and ‘nsupdate’. You’ll need to be familiar with Bind and some shell scripting… Also I only got this working on *nix and I don’t have any intention to try it on Windows
Today, we’ll see how to configure bind to perform dynamic DNS updates according to your public IP address changes.
Prerequisites: net-dns/bind, net-dns/bind-tools, control a nameserver and a domain of course