From 8f3e5be88b4d7dabd379ad3a1415c1bcb93744ab Mon Sep 17 00:00:00 2001 From: Victor Wagner Date: Wed, 11 Sep 2019 23:23:36 +0300 Subject: [PATCH] Some documentation addition, unit file --- README.md | 37 ++++++++++++++++++++++++++++++++++++- dyngo.conf | 4 ++-- dyngo.md | 21 ++++++++++++++++++++- dyngo.service | 14 ++++++++++++++ 4 files changed, 72 insertions(+), 4 deletions(-) create mode 100644 dyngo.service diff --git a/README.md b/README.md index 9b5f951..721fe2f 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ remembered name. But it is not always a case in the world of NATs and VPNs. If machine always have public IP address, than using some dynamic DNS -service may help (short of neccessity to use full domain name. But +service may help (short of necessity to use full domain name. But ${HOME}/.ssh/config may help). But what if you log into your office workstation via corporate VPN, and want ssh back home? @@ -26,5 +26,40 @@ to specified URL. See [manual page](dyngo.md) for more info. +PRROTOCOL +========= + +**dyngo** uses protocol compatible with dyndns.org, as described +pn [help.dyn.com](https://help.dyn.com/remote-access-api/perform-update/ +) +As different dynamic DNS servers use different path components of URL, +you should specify URL with path component (up to question mark) in +the *server* parameter of configuraton section. + +INSTALLATION +============ + +**dyngo** is simple script which doesn't require anything but +python3 with standard library and **ip** utility from iproute (or +iproute2 on Debian) package, which presents on every modern Linux +system. + +I've even preferred to use +[urllib](https://docs.python.org/3/library/urllib.request.html#module-urllib.request) +to [requests](http://docs.python-requests.org/) to eliminate extra +external dependency. + +So, you can just drop **dyngo** somewhere in your filesystem, say in +**/usr/local/sbin** and put config into */etc* But **dyngo** should run +as a service, so you might want to use provided service file. + +**dyngo** should run as unprivileged user. But its configuration file +should, readable for this user, contains somewhat sensitive information +— your dyndns passwords. So, don't use common account many untrusted +code run as such as **nobody** or **www-data**. Better to create special +user dyngo. + +There should be writable directory, writable for this user for +persistent state database. By default it is /var/lib/dyngo. diff --git a/dyngo.conf b/dyngo.conf index d8c7aba..da0d332 100644 --- a/dyngo.conf +++ b/dyngo.conf @@ -7,12 +7,12 @@ interval=60 database=/var/lib/dingo/dingo.db [public ipv6] -hostname=antares.wagner.pp.ru +hostname=antares.home.wagner.pp.ru network=::/0 server=http://www.wagner.pp.ru/cgi-bin/dyndns.cgi user= [postgrespro local] hostname=antares.local.vm network=192.168.24.0/21 -server=http://fafnir.l.posgrespro.ru/dyndns +server=http://fafnir.l.posgrespro.ru/cgi-bin?dyndns diff --git a/dyngo.md b/dyngo.md index d7ed659..94e58ff 100644 --- a/dyngo.md +++ b/dyngo.md @@ -40,6 +40,25 @@ Configuration file **dyngo.conf** is ini-style file. It contains section Names of server-description sections are arbitrary, but should be unique, because they are used as keys into persistent database. - +Parameters of **dyngo** section +------------------------------- + +* interval - number of seconds between rescans of network interfaces +* database - path to persistent state database +* ca - path to trusted certificate store in openssl compatible format. +* loglevel - minimum log message level which shoud to console + +Parameters of network section +----------------------------- + +* **hostname** - fully qualified domain name of your host to register in DNS +* **network** - network in *address*/*bits* notation which this host +should belong to. If we see address from this network on one of our +interfaces, we would send request to corresponding server. If net is +not privatte, but include private ranges, i.e. 0.0.0.0/0 or ::/0 private +addresses are not considered part of it. +* **server** - full url (without query string) of the dyndns web handler. +* **user** - user name for HTTP basic authentication +* **password** - password for HTTP basic authentcircation diff --git a/dyngo.service b/dyngo.service new file mode 100644 index 0000000..5177ad1 --- /dev/null +++ b/dyngo.service @@ -0,0 +1,14 @@ +[Unit] +Description=Dyngo multiple dyndns client +After=network.target +Documentation=https://github.com/vbwagner/dyngo + +[Service] +Type=simple +ExecStart=/usr/local/sbin/dyngo +KillSignal=SIGTERM +WorkingDirectory=~ +User=dyngo +StandardError=journal +[Install] +WantedBy=multi-user.target -- 2.39.2