Python Dynamic DNS update tool

POSSIBLE OUTDATED INFORMATION!
The information on this page may not function or work as intended. DreamHost support is unable to assist with any customizations. Use at your own risk!

There are a couple of Python solutions for Dynamic DNS updates. They differ in how and where they run:

  • dhdynamicdns runs as a script that lives in your DreamHost web space. DNS records are updated by accessing the script from a computer on your home network.
  • dhdynupdate runs as a daemon on your local Linux system, and supports updating AAAA (IPv6) addresses in DNS as well as A (IPv4) records.

dhdynamicdns

Tool is current as of 2015-02-19

This is a turnkey solution for Dynamic DNS updates. The Python script lives on your DreamHost web space and you trigger updates by accessing the script from a computer on your home network. This article includes a section on how to schedule the script to trigger.

Prerequisites

  • Home computer with tools to schedule automatic requests of a URL
  • DreamHost shell account
  • Fully hosted DreamHost domain
  • DreamHost API key with authorization to delete and create the domain you want to work with. Create one at: https://panel.dreamhost.com/?tree=home.api

Procedure

The script uses python libraries that aren't available on DreamHost. This requires you set up a virtual python environment and install the required library. Open a terminal session and type the following shell commands in order. 

[server]$ wget http://pypi.python.org/packages/source/v/virtualenv/virtualenv-1.11.6.tar.gz
[server]$ tar -xvzf virtualenv-1.11.6.tar.gz
[server]$ python virtualenv-1.11.6/virtualenv.py  --system-site-packages $HOME/local
[server]$ cd ~/local/bin
[server]$ ./pip install requests

Navigate to the directory of the website where you want to run the script from

Put the code here from https://github.com/mattjm/dhdynamicdns. You can use git for this:

[server]$ $git clone https://github.com/mattjm/dhdynamicdns

git will create a new folder with the script in it. Go to the folder and change the permissions on the script so it's executable.

[server]$ cd dhdynamicdns
[server]$ chmod 755 dns.py

Edit dns.py and fill in your own values for apiKey, domainName, and myPass.

  • apiKey is your dreamhost API key.
  • domainName is the full domain name you want to activate Dynamic DNS for such as my-dynamic-subdomain.example.com.
  • myPass is not a password for anything else. You must select one just for the script. It's a string that you later pass in the URL when you run the script. This prevents someone else on the Internet from being able to update your IP address.
  • Also in the very first line of the script you need to change "username" to the username of the account that you're currently logged in as.

At this point you can test the script by entering the URL into your web browser and including the password as a query string. For example: http://example.com/dhdynamicdns/dns.py?password=oneseventhree

You should see some text on the screen indicating success. The script won't update the record if the address hasn't changed since the last update.

Security

The only thing stopping anyone in the world from changing your IP address is the password in the URL. This is relatively safe if you're triggering the script from your home network over a wired connection or encrypted wifi connection. But you should still set up SSL and run the script over https. Once this is done, you'll just trigger the script with "https" instead of "http"

Note that a self-signed certificate may cause problems with some software. Make sure the automated process you have to trigger the script isn't choking on an SSL warning. You may have to use a special setting to ignore certificate checking, or add the certificate to a whitelist.

Triggering

You can easily trigger the script from a UNIX machine using cron and a tool like cURL. On Windows, the easiest way to do this without extra software is to create a .bat file with the following text (appropriately modified):

start https://www.example.com/dhdynamicdns/dns.py?password=onethreeseven

Then use the Windows Task Scheduler to set up a scheduled task to run the .bat file. Microsoft has instructions on setting up a scheduled task at http://windows.microsoft.com/en-US/windows/schedule-task. Use the .bat file as the "program" you want the scheduled task to run. This method has the side effect of opening a new browser window every time it runs.

Limitations

  • Uses a fairly primitive method to determine your public IP address. It just asks the web server what IP address the request to run the script came from. This could break down under certain conditions.
  • Only supports A records.
  • Limited error handling.
  • Security model is not great. A simple password in the URL is used for access control. SSL is not enabled by default on DreamHost.

Errata

  • If you have multiple A records with the same name, the script will update whichever one is returned first in the list (the same record may not always be returned first). It might act weird if you have more than one A record with the same name.
  • The script doesn't differentiate between A records and records of other types when it checks for an existing record. It won't delete or edit records of other types, but their presence may cause unwanted behavior.

dhdynupdate

New tool as of Jan 22, 2016

dhdynupdate is a Python 3 tool which is designed to run as a dæmon from a local Linux machine. Currently, only Linux is tested to work with dhdynupdate.

It's useful to execute on a machine in a home network where your ISP may be changing your IPv4 and/or IPv6 addresses frequently.

dhdynudpate will query its configured network interfaces for their corresponding IPv4 and IPv6 addresses and update a configured hostname using the DreamHost API.

Errata/Notes

dhdynupdate only supports one A and one AAAA record per hostname. If you have multiple A or AAAA records for the configured host, the other records will be deleted.

dhdynupdate configuration

To see installation dependencies and read the full documentation, please see the README at the dhdynupdate GitHub page

  • It's useful to clone the repository into /usr/local/dhdynupdate
  • Copy dhdynupdate.conf to /etc/dhdynupdate.conf
  • Create a system dæmon user for dhdynupdate: useradd -r -g dhdynupdate dhdynupdate
  • Create a path for the dæmon log to be installed: mkdir -p /var/log/dhdynupdate && chown dhdynupdate:dhdynupdate /var/log/dhdynupdate
  • A systemd service file is provided: dhdynupdate.service. Copy the service file to /lib/systemd/system

Security

There shouldn't be any problems with the security of dhdynupdate as nothing exploitable is exposed to an eavesdropper.

  • dhdynupdate communicates only to https://api.dreamhost.com.
    • It verifies the SSL certificate is valid before continuing, and all communications are encrypted.
    • URL details (such as the DreamHost API key or the DNS record information being updated are not visible to a third party; the URL is encrypted.
  • dhdynupdate executes locally as a non-privileged user created specifically to run the dæmon.
    • It only attempts to update your DNS records in your domain hosted by DreamHost.

Did this article answer your questions?

Article last updated .