Go to file

Kristian Krsnik 336d3ecf21 removed mypy		2024-05-23 18:57:41 +02:00
nix	deleted unused file	2023-10-13 13:57:49 +02:00
src	renamed source directory	2023-10-13 14:58:58 +02:00
.envrc	added direnv support	2023-08-03 14:22:29 +02:00
.gitignore	changed gitignore	2023-10-13 13:51:12 +02:00
README.md	Began refactoring	2023-10-05 14:46:06 +02:00
flake.lock	updated inputs	2024-05-23 18:08:56 +02:00
flake.nix	updated dependency management and dev environment	2024-01-02 15:12:51 +01:00
poetry.lock	removed mypy	2024-05-23 18:57:41 +02:00
pyproject.toml	removed mypy	2024-05-23 18:57:41 +02:00

README.md

Dyn-Gandi

A DNS record updater for Gandi's LiveDNS API. This script is heavily inspired by dyn-gandi.

How it works

This script determines the the current IP address by querying the resolvers defined in the config file. It then queries the subdomains' A records off of Gandi and compares their IP addresses to the current IP address. Should the IP address of a subdomain's A record not match your current IP address it will be updated. The subdomain's A record will be created should it not already exist.

Notes

Every invocation of the script causes at least 1 request to a resolver specified and 1 API call to Gandi per domain. Updating a subdomain's A record is 1 API request per subdomain, even if they share the same domain.
Resolvers are queried in the order specified until one returns a valid IP address.
It is also possible to define a path to a file with the API key written in it. This is good for environments where the config file has to be shared like in a nix project.

Usage

First, get your API key from https://account.gandi.net/en/users/USER/security where USER is your Gandi username.

The script looks for a config file at $HOME/.config/dyn-gandi/config.log or /etc/dyn-gandi.conf in that order. So create a file at one of these locations according to the schema below.

{
  "api": {
    "<Your-API-Key>": {
      "example.com": [ "@", "www", "sub1" ],
      "example.org": [ "@", "www", "sub1", "sub2" ]
    },
    "/path/to/a/file/containing/api_key": {
      "example.at": [ "sub1" ],
      "example.au": [ "sub1", "sub2" ]
    }
  },
  "resolvers": [
    "https://ifconfig.me/ip",
    "https://me.gandi.net"
  ],
  "ttl": 3600,
  "log_path": "./log.txt"
}

Nix

Add this to the modules.

inputs = {
  nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05";
  dyn-gandi.url = "git+https://git.krsnik.at/Kristian/dyn-gandi";
};

outputs = {
  self,
  nixpkgs,
  dyn-gandi
}: {
  ...
  modules = [
    dyn-gandi.nixosModules.default
    {
      dyn-gandi.enable = true;
      dyn-gandi.timer = 300;
      dyn-gandi.settings = {
        api = {
          "/path/to/a/file/containing/api_key" = {
            "example.com" = ["@" "www"];
          };
        };
        resolvers = [
          "https://ifconfig.me/ip"
          "https://me.gandi.net"
        ];
        ttl = 3600;
        log_path = "/path/to/log/file";
      };
    }
    ...
  ];
  ...
}

Use dyn-gandi.nixosModules.default for a NixOs module and dyn-gandi.homeManagerModules.default for home-manager

dyn-gandi.timer specifies a timer in seconds when the script should be repeated.

Features

Support for arbitrarily many domains and subdomains through a nested data structure.
Small codebase
Logging
NixOS and home-manager modules

Limitations

Only IPv4 addresses are supported

TODO

Testing
Command line options controlling: dry-run, config, log, verbosity, force
Support IPv6
Per subdomain TTL
Better documentation
Better logging