Running a server at home can be cumbersome as your IP changes, making it difficult for people (including yourself) to find your server when away from home. There are dynamic dns solutions available (comparitech.com) (e.g. DuckDNS (duckdns.org) that solve this, but this requires an extra step (i.e. the dynamic dns hostname). Gandi (gandi.net) offers an API to edit their domains, meaning that we don’t need the extra step and can update our domain directly. (BTW, besides this, domains also come with 2 mailboxes and a static website, for only ~1€ per month! (no I don’t get sponsored) – Update 2023: Gandi was bought by another company (ycombinator.com) and raised their prices for mailboxes by 1000% (neocities.org). I recommend using Soverin (soverin.net) for e-mail instead, see here how to migrate your data).

Overview of solutions ¶

It seems several people already solved this problem, so we only need to pick a suitable solution. Below candidates I could find with date of latest commit & number of stars.

1. https://github.com/Danamir/dyn-gandi/ (github.com) (January 2021, 45★, 409 sloc)
2. https://github.com/brianpcurran/gandi-automatic-dns (github.com) (Nov 2020, 86★, supports LiveDNS, 420 sloc)
3. https://github.com/cavebeat/gandi-live-dns (github.com) (March 2018, 114★, supports LiveDNS, 140 sloc)
   1. https://github.com/wittypluck/gandi-live-dns (github.com) (supports Python 3, adds some features)
   2. https://github.com/driesdeschout/gandi-live-dns (github.com) (supports Python 3, adds some features)
   3. https://github.com/dvdme/gandi-live-dns (github.com) (Supports Python 3, minor update)
4. https://github.com/AlessioCasco/gandi-dyndns (github.com) (April 2017, 0★, does not support LiveDNS)

Requirements are:

• do not steal my private API
• use new LiveDNS api
• be stable

I settled for wittypluck/gandi-automatic-dns because it’s short and simple, which helps in auditing nobody steals my API key.

Installation ¶

1. Download & unzip the specific version I audited online

   wget https://github.com/wittypluck/gandi-live-dns/archive/cf3542714fc52bbf21c1a4d00787a88343b04960.zip -O gandi-live-dns.zip
   unzip gandi-live-dns.zip
   

2. Copy example config, chmod to ensure nobody can read my API key, then fill in settings.

   cp example.config.py config.py
   chmod og-rwx config.py
   cat <<EOF >> config.py
   # My config
   api_secret='insert key here'
   domains={'vanwerkhoven.org':['www','home']}
   ttl='1800' # our IP doesnt change that often, 30min down is ~OK
   ifconfig4='http://whatismyip.akamai.com' # returns ipv4
   ifconfig6='https://ifconfig.co/ip' # returns ipv6
   interface='' # set empty because else we get local ipv6 address
   EOF
   

   1. TODO: Note that because the tool cannot choose whether it makes an ipv4 or ipv6 connection, you have to get ipv4/ipv6 dedicated services for ifconfig{4,6}, i.e. ifconfig4 must always return ipv4, ifconfig6 must always return ipv6. I’ve found the above two services provide this, but that’s more a coincidence (akamai could decide to support ipv6 later). Update: Perhaps use https://myip4.jsiu.dev/ (jsiu.dev) & https://myip6.jsiu.dev/ (jsiu.dev) ?
3. Testrun

   python3 gandi-live-dns.py
   

   1. If a record doesn’t exist (yet), you confusingly get an error. Error disappears on subsequent runs.

      Error: HTTP Status Code  404 when trying to get IP from subdomain tim
      Can't find the DNS record tim/AAAA in the zone
      Going to update/create the DNS Records for the subdomain tim old IP -1 new IP fded:99:0:100:96c6:91ff:fe12:5eec
      

4. Automate in cron, set repeat time to high frequency (e.g. every 5min), because the tool will only update if it detects a change, so there’s little risk of triggering the rate limiter at Gandi’s end.

crontab -e
*/5 * * * * python3 /home/tim/workers/gandi-live-dns/src/gandi-live-dns.py >/dev/null 2>&1