Overview
The requirement for dynamic DNS has been around for decades and companies like DynDNS have been an enabler for just as long. Script kiddies, IRC dudes, gamers & professionals often want to host services out of their homes for various reasons, but may not have a static IP address for their internet connection. Dynamic DNS services allow the user to update a hostname with a provider so that it points back to the dynamic IP address allocated to the user’s modem. Anyone can then look up the domain name record to get the current IP address of the modem.
Note: I’m not talking about RFC2136 which includes a dynamic DNS mechanism in the DNS protocol.
I host a few services at home which I like to reach remotely from time to time, and I’m too tight to pay for a static IP address. A few years ago this was the task I decided to force myself to solve using Python in an attempt to learn. Whilst ugly, it served its purpose for quite some time until last night when I set myself a task to do this with Ansible in the evening.
The Players
Ansible is a simple automation tool with use cases such as Provisioning, Configuration Management, Application Deployment, Orchestration and others. Ansible has plugins and modules which extend its functionality. In this case we are using the ipinfoio_facts and cloudflare_dns modules to query/communicate with…
Cloudflare I see as the Content Delivery Network (CDN) for the people. Free basic plans, API interfaces, proxying and DNS management.
ipinfo.io, a neat little site/service to give you geolocation information about where you are browsing from. This site also returns the data in JSON format if requested, which makes it nice and easy to query programmatically.
A Linux Ansible command host to run the Ansible playbooks from, and to set up a crontab to continually run the playbooks.
Some domain names that I have registered with various domain registrars.
The Process (TL;DR)
- Ensure you have a domain name to use.
- Ensure you have a Cloudflare account, with, the domain name associated.
- Take note of your Cloudflare API token, which is found under My Profile > API Key
- Ensure you have a Linux box with Ansible installed on it (tested with 2.3.x)
- Clone https://github.com/Im0/CloudFlare_DyDNS_Playbook.git
- Update the following fields in the cf_dydns_update.yml file:
  - cf_api_token: 'YOUR API KEY'
  - cf_email: 'YOUR CLOUDFLARE EMAIL'
  - with_items: the domain names you want to update
- Run ansible with:
  ansible-playbook cf_dydns_update.yml
Obviously, you’ll probably want different DNS records updated. Change the ‘record: mail’ to an A record of your choice.
More detail
 1  ---
 2  - hosts: localhost
 3    gather_facts: no
 4    vars:
 5      cf_api_token: 'CF API token under My Profile.. API key'
 6      cf_email: 'Cloud Flare email address'
 7
 8    tasks:
 9      - name: get current IP geolocation data
10        ipinfoio_facts:
11          timeout: 5
12        register: ipdata
13
14  #    - debug:
15  #        var: ipdata.ansible_facts.ip
16
17      - name: Update mail A record
18        cloudflare_dns:
19          zone: '{{ item }}'
20          record: mail
21          type: A
22          value: '{{ ipdata.ansible_facts.ip }}'
23          account_email: '{{ cf_email }}'
24          account_api_token: '{{ cf_api_token }}'
25        register: record
26        with_items:
27          - domain1
28          - domain2
29
30  #    - debug:
31  #        var: record
Breaking down the YML file..
- Line 1: Required at the top of our YAML files.
- Line 2: As we are not configuring any nodes, we set localhost as the only node we want to call against.
- Line 3: As we aren’t using any facts, we don’t need to collect them.
- Line 4: Variables we’re going to need to talk to Cloudflare.
- Line 5: The API token found under our profile.
- Line 6: Our sign-up email address for Cloudflare.
- Line 8: The tasks section for all tasks we are going to execute in this playbook.
- Line 10: Using the ipinfoio_facts module we query ipinfo.io for our externally visible IP address. Note: if we are behind a proxy of some sort this will likely break what we are trying to achieve.
- Line 12: This could probably be done a bit better and dropped. We are registering the output of the module to the ipdata variable. This could probably be removed as the returned data ends up in the gathered facts, which we could use.
- Line 14: If we want to see what useful little nuggets of information have come back, dump the variable contents.
- Line 18: Use the cloudflare_dns module to start talking to Cloudflare.
- Line 19: Which domain (zone) are we talking about? In this case we iterate over the domains listed starting line 26 ‘with_items’.
- Line 20: record is the record we wish to update.
- Line 21: type is the type of record we are working with. A few other examples are on the cloudflare_dns module page.
- Line 22: Use the data we received from ipinfoio. We’ve stashed this away in the data structure: ipdata.ansible_facts.ip
- Line 23: Our Cloudflare email.
- Line 24: Our Cloudflare API key.
- Line 25: Capture the output from the cloudflare_dns queries, if we want to dump it in debug later.
- Line 26: with_items is a list of items we iterate over… instead of hosts.
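The playbook writes whatever ipinfo.io returns straight into the A record (the value line of the cloudflare_dns task). The following is an added example, not part of the original playbook or its repository: a small Ansible filter plugin that rejects anything other than a publicly routable IPv4 address before it reaches Cloudflare. The filter name public_ipv4, the file name and the sample responses are assumptions made for illustration, and it assumes Ansible is running under Python 3.

```python
# filter_plugins/public_ipv4.py  (hypothetical file name; added example)
import ipaddress
import json


def public_ipv4(value):
    """Return value if it is a globally routable IPv4 address, else raise ValueError."""
    try:
        addr = ipaddress.ip_address(str(value).strip())
    except ValueError:
        raise ValueError("not an IP address: %r" % (value,))
    if addr.version != 4:
        # An A record holds IPv4 only; a lookup made over IPv6 returns IPv6.
        raise ValueError("A record needs IPv4, got IPv6: %s" % addr)
    if not addr.is_global:
        # Covers RFC 1918, loopback, link-local, CGNAT (100.64.0.0/10), etc.
        raise ValueError("address is not publicly routable: %s" % addr)
    return str(addr)


class FilterModule(object):
    """Ansible discovers filters through this class name and method."""

    def filters(self):
        return {"public_ipv4": public_ipv4}


def check(body):
    """Helper for the samples: parse a JSON body and return (ok, detail)."""
    try:
        return True, public_ipv4(json.loads(body).get("ip"))
    except ValueError as exc:
        return False, str(exc)


# Constructed responses in the shape ipinfo.io returns (only "ip" is used).
SAMPLES = [
    '{"ip": "8.8.8.8", "country": "US"}',
    '{"ip": "2001:4860:4860::8888"}',
    '{"ip": "100.64.12.9"}',
    '{"ip": "192.168.1.10"}',
    '{"error": "rate limited"}',
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(check(body), body)
```

With the file placed in a filter_plugins directory next to the playbook, line 22 would become value: '{{ ipdata.ansible_facts.ip | public_ipv4 }}', and a bad response fails the task instead of repointing the record. It cannot detect the proxy case noted for line 10, because a proxy's address is itself a valid public IP.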