Tim's blah blah blah

Dyndns at Gandi using Livedns

(Updated: )

Running a server at home can be cumbersome as your IP changes, making it difficult for people (including yourself) to find your server when away from home. There are dynamic dns solutions available (e.g. DuckDNS that solve this, but this requires an extra step (i.e. the dynamic dns hostname). Gandi offers an API to edit their domains, meaning that we don’t need the extra step and can update our domain directly. (BTW, besides this, domains also come with 2 mailboxes and a static website, for only ~1€ per month! (no I don’t get sponsored) – Update 2023: Gandi was bought by another company and raised their prices for mailboxes by 1000%. I recommend using Soverin for e-mail instead, see here how to migrate your data).

Overview of solutions

It seems several people already solved this problem, so we only need to pick a suitable solution. Below candidates I could find with date of latest commit & number of stars.

  1. https://github.com/Danamir/dyn-gandi/ (January 2021, 45★, 409 sloc)
  2. https://github.com/brianpcurran/gandi-automatic-dns (Nov 2020, 86★, supports LiveDNS, 420 sloc)
  3. https://github.com/cavebeat/gandi-live-dns (March 2018, 114★, supports LiveDNS, 140 sloc)
    1. https://github.com/wittypluck/gandi-live-dns (supports Python 3, adds some features)
    2. https://github.com/driesdeschout/gandi-live-dns (supports Python 3, adds some features)
    3. https://github.com/dvdme/gandi-live-dns (Supports Python 3, minor update)
  4. https://github.com/AlessioCasco/gandi-dyndns (April 2017, 0★, does not support LiveDNS)

Requirements are:

I settled for wittypluck/gandi-automatic-dns because it’s short and simple, which helps in auditing nobody steals my API key.

Installation

  1. Download & unzip the specific version I audited online
    wget https://github.com/wittypluck/gandi-live-dns/archive/cf3542714fc52bbf21c1a4d00787a88343b04960.zip -O gandi-live-dns.zip
    unzip gandi-live-dns.zip
    
  2. Copy example config, chmod to ensure nobody can read my API key, then fill in settings.
    cp example.config.py config.py
    chmod og-rwx config.py
    cat <<EOF >> config.py
    # My config
    api_secret='insert key here'
    domains={'vanwerkhoven.org':['www','home']}
    ttl='1800' # our IP doesnt change that often, 30min down is ~OK
    ifconfig4='http://whatismyip.akamai.com' # returns ipv4
    ifconfig6='https://ifconfig.co/ip' # returns ipv6
    interface='' # set empty because else we get local ipv6 address
    EOF
    
    1. TODO: Note that because the tool cannot choose whether it makes an ipv4 or ipv6 connection, you have to get ipv4/ipv6 dedicated services for ifconfig{4,6}, i.e. ifconfig4 must always return ipv4, ifconfig6 must always return ipv6. I’ve found the above two services provide this, but that’s more a coincidence (akamai could decide to support ipv6 later). Update: Perhaps use https://myip4.jsiu.dev/ & https://myip6.jsiu.dev/ ?
  3. Testrun
    python3 gandi-live-dns.py
    
    1. If a record doesn’t exist (yet), you confusingly get an error. Error disappears on subsequent runs.
      Error: HTTP Status Code  404 when trying to get IP from subdomain tim
      Can't find the DNS record tim/AAAA in the zone
      Going to update/create the DNS Records for the subdomain tim old IP -1 new IP fded:99:0:100:96c6:91ff:fe12:5eec
      
  4. Automate in cron, set repeat time to high frequency (e.g. every 5min), because the tool will only update if it detects a change, so there’s little risk of triggering the rate limiter at Gandi’s end.
crontab -e
*/5 * * * * python3 /home/tim/workers/gandi-live-dns/src/gandi-live-dns.py >/dev/null 2>&1 

#gandi #dyndns