diff --git a/fighter/config/ddns/README.md b/fighter/config/ddns/README.md index 31bfa69..f199b0a 100644 --- a/fighter/config/ddns/README.md +++ b/fighter/config/ddns/README.md @@ -15,4 +15,13 @@ docker-compose up -d --force-recreate First we export the variables in the `ddclient_secrets.env` file (which are all simple key-value pairs). Then, the [`envsubst`](https://www.baeldung.com/linux/envsubst-command) command looks for env variable references (like `$USER_Jafner_chat`) in the `ddclient.template` file (via stdin) and replaces them with the values from the current shell. We remove the secrets from the shell to preserve security. Finally, we recreate the container to apply the new settings. -[StackOverflow - Set environment variables from file of ke/value pairs](https://stackoverflow.com/questions/19331497/set-environment-variables-from-file-of-key-value-pairs) \ No newline at end of file +[StackOverflow - Set environment variables from file of ke/value pairs](https://stackoverflow.com/questions/19331497/set-environment-variables-from-file-of-key-value-pairs) + +## Getting credentials for Cloudflare domains + +Cloudflare requires a token to be set in the `ddclient_secrets.env` file, which is not stored in Git. To get this token, we need to log into our Cloudflare account and go to the [API Tokens page](https://dash.cloudflare.com/profile/api-tokens). We create a new token with the following permissions: + - Name: `ddclient ` + - Permissions: Zone DNS Edit + - Zone Resources: Include Specific zone, + - IP Filtering: Off + - TTL: None. diff --git a/fighter/config/ddns/ddclient/ddclient.template b/fighter/config/ddns/ddclient/ddclient.template index b2545e0..b80cf76 100644 --- a/fighter/config/ddns/ddclient/ddclient.template +++ b/fighter/config/ddns/ddclient/ddclient.template @@ -1,43 +1,26 @@ -# jafner.dev +daemon=300 +syslog=yes +pid=/var/run/ddclient/ddclient.pid +ssl=no use=web -web=dynamicdns.park-your-domain.com/getip -protocol=googledomains -daemon=1800 -ssl=yes -login=$USER_Jafner_dev -password=$PASS_Jafner_dev -@.jafner.dev, *.jafner.dev -# jafner.chat -use=web -web=dynamicdns.park-your-domain.com/getip -web-skip='IP Address' -protocol=cloudflare -daemon=1800 -ssl=yes -login=$USER_Jafner_chat -password=$PASS_Jafner_chat -zone=jafner.chat -jafner.chat,*.jafner.chat +# jafner.dev +protocol=cloudflare, \ +zone=jafner.dev,\ +ttl=1,\ +password='$TOKEN_Jafner_dev', \ +jafner.dev # jafner.net -use=web -web=dynamicdns.park-your-domain.com/getip -web-skip='IP Address' -protocol=cloudflare -daemon=1800 -ssl=yes -login=$USER_Jafner_net -password=$PASS_Jafner_net -zone=jafner.net -jafner.net,*.jafner.net +protocol=cloudflare, \ +zone=jafner.net, \ +ttl=1, \ +password='$TOKEN_Jafner_net', \ +jafner.net, *.jafner.net -# meganmcdonough.art -use=web -web=dynamicdns.park-your-domain.com/getip -protocol=googledomains -daemon=1800 -ssl=yes -login=$USER_Meganmcdonough_art -password=$PASS_Meganmcdonough_art -meganmcdonough.art \ No newline at end of file +# jafner.chat +protocol=cloudflare,\ +zone=jafner.chat,\ +ttl=1,\ +password='$TOKEN_Jafner_chat',\ +jafner.chat, *.jafner.chat