# DDNS-Utils

A collection of scripts to manage various aspects of using dynamic DNS, usually to cope with dynamic IP addressing.

## he-dyndns

A Python-based script to update dynamic DNS records when using the Hurricane Electric DNS service at ``dns.he.net``. This code is designed to be maximally portable by relying on standard Python 3 libraries. It is not compatible with Python 2.

## ddns-update-rfc2136

A Python-based script to update DNS records in a master server that is RFC2136-compliant and supports TSIG-based updates. This script is a wrapper around nsupdate(1). Properly configured TSIG keys are needed.

## RouterOS Script for Address List Updates (ros-ddns-addrlist)

A small RouterOS script for Mikrotik RouterOS to query a DNS name and put that IP address into an AddressList. Note that the ``:resolve`` function doesn't support RR types. If there's an A you get that. If there's no A, you get AAAA. If there's neither, the script will bomb.

# he-dyndns Installation / Use

There is really nothing to install unless you need to add Python3 stock libraries to your system. Copy he-dyndns somewhere useful such as `/usr/local/bin`.

For Debian/Ubuntu systems:
``apt install python3-dns python3-dnspython python3-urllib3``

For Fedora systems:
``dnf install python3-dns python3-urllib3``

## Configuration

Unless using the ``--key`` argument, keys for the dynamic record are read from ``/etc/he-dyndns.conf`` or from an alternative location specified by ``--keyfile``. The configuration file format is one section [keys] with record = key pairs. For example:

```
[keys]
dynamic.example.com = 123412341234
```

Other configuration sections will be ignored.
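The following is an added example, not code from he-dyndns: one way to read a key from the `[keys]` format above while refusing a file that group or other users can access. The function names `load_key` and `demo`, the mode policy, and the sample file contents are assumptions made for illustration.

```python
import configparser
import os
import stat
import tempfile


def load_key(path, record):
    """Return the key for `record` from the [keys] section of `path`."""
    with open(path, encoding="utf-8") as fh:
        # Check the file that was actually opened, not the path (avoids a race).
        mode = stat.S_IMODE(os.fstat(fh.fileno()).st_mode)
        # Assumed policy (not from he-dyndns): no group/other access bits at all.
        if mode & (stat.S_IRWXG | stat.S_IRWXO):
            raise PermissionError(f"{path}: mode {mode:04o}, expected 0600 or stricter")
        # interpolation=None so a '%' inside a key is read literally.
        parser = configparser.ConfigParser(interpolation=None)
        parser.read_file(fh)
    # Only [keys] is consulted; every other section is ignored.
    if not parser.has_option("keys", record):
        raise KeyError(f"no key for {record} in [keys]")
    return parser.get("keys", record)


def demo():
    """Exercise load_key() on a constructed config file in a temp directory."""
    sample = (
        "[keys]\n"
        "dynamic.example.com = 123412341234\n"
        "\n"
        "[other]\n"
        "dynamic.example.com = ignored\n"
    )
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "he-dyndns.conf")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(sample)
        os.chmod(path, 0o644)  # world-readable: must be rejected
        try:
            load_key(path, "dynamic.example.com")
            loose_rejected = False
        except PermissionError:
            loose_rejected = True
        os.chmod(path, 0o600)  # owner-only: accepted
        return loose_rejected, load_key(path, "dynamic.example.com")


if __name__ == "__main__":
    print(demo())
```

`configparser` lowercases option names by default, so the record lookup is case-insensitive, which matches how DNS names compare.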
## Usage

```
usage: he-dyndns [-h] [--v4] [--v6] [--addr4 ADDR4] [--addr6 ADDR6]
                 [--key KEY] [--debug]
                 record

Update Hurricane Electric DNS dynamic record

positional arguments:
  record             DNS record to update

optional arguments:
  -h, --help         show this help message and exit
  --v4               Update IPv4 A record (default)
  --v6               Update IPv6 AAAA record
  --addr4 ADDR4      Update A record with provided IP rather than detected IP
  --addr6 ADDR6      Update AAAA record with provided IP rather than detected IP
  --keyfile KEYFILE  Alternate location for key config file (default
                     /etc/he-dns-secret.conf)
  --key KEY          HE DDNS key for record (by default read from
                     /etc/he-dns-secret.conf or --keyfile)
  --debug            Enable debug logging
```

## Return Values

Returns 0 on success (successful change or no change) or 1 on failure. Failures also include a single line error message.

# ddns-update-rfc2136 Installation/Use

This script relies on the `netifaces` and `subprocess` libraries that are not always installed by default in Python3. Install those modules from `apt`, `dnf`, or `pip` as appropriate for your system.

Copy `ddns-update-rfc2136` somewhere useful such as `/usr/local/bin`.

## Configuration

The script expects there to be a file `/etc/ddns-RECORD.key` for every `record` being updated containing *only* the TSIG key for that record. For example, updating the record `foo.example.com` should have a file named `/etc/ddns-foo.example.com.key` available with that RR's key.

It's possible to specify `--keyfile` to select an alternate location.

Make sure that the key file is properly protected so only authorized users can view the contents.

## General Use

This script finds the appropriate IP address from the interface specified in the `interface` position and then updates the record `record` in the zone `zone` on server `server`.

For IPv4, each address is on a unique sub interface - e.g. eth0 vs eth0:0.
To use an IP address other than the main interface's, specify the sub interface as shown by `ifconfig` or `ip addr list` (see global secondary addresses).

For IPv6, the script will take the numerically first address assigned to the interface. If there is no IPv6 address other than a link-scope address (i.e. an fe80:: address), then it will use the link-scope address - however that's probably not what's really desired.

The script defaults to IPv6 addresses because that's what the original issue it was written to solve required, and it's long past time the Internet had a v6-first attitude. It is not necessary to use the `--v6` flag, but it's included for completeness.

## Example Usage

To

```
/usr/local/bin/ddns-update-rfc2136 enp1s0 foo.example.com example.com 192.0.2.2
```

## Usage

```
usage: ddns-update-rfc2136 [-h] [--v4] [--v6] [--addr4 ADDR4] [--addr6 ADDR6]
                           [--ttl TTL] [--keyfile KEYFILE] [--debug]
                           interface record zone server

Update dynamic DNS records using RFC2136

positional arguments:
  interface          interface to obtain IP from (for IPv6, takes the
                     numerically first global address on the interface)
  record             DNS record to update
  zone               Zone name to update (e.g. example.com)
  server             Server to update (IP or FQDN)

optional arguments:
  -h, --help         show this help message and exit
  --v4               Update IPv4 A record
  --v6               Update IPv6 AAAA record (default)
  --addr4 ADDR4      Update A record with provided IP rather than detected IP
                     (causes 'interface' to be ignored)
  --addr6 ADDR6      Update AAAA record with provided IP rather than detected IP
                     (causes 'interface' to be ignored)
  --ttl TTL          TTL to assign to record (default 300)
  --keyfile KEYFILE  Alternate location for key config file (default
                     /etc/ddns-RECORD.key where RECORD is the record name
                     provided as the argument)
  --debug            Enable debug logging
```
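The IPv6 selection rule described under General Use, written out as an added example (this is not the script's own code): take the numerically first non-link-scope address, and fall back to an fe80:: address only when nothing else is assigned, flagging that case so the caller can decline to publish it. The function name `pick_ipv6` and the sample addresses are assumptions; the input is a list of address strings, optionally carrying a `%zone` suffix.

```python
import ipaddress


def pick_ipv6(addresses):
    """Choose the IPv6 address to publish from an interface's address strings.

    Returns (address, is_link_local); (None, False) if the list is empty.
    """
    parsed = []
    for raw in addresses:
        # Strip a zone suffix such as 'fe80::1%enp1s0' before parsing.
        parsed.append(ipaddress.IPv6Address(raw.split("%", 1)[0]))

    # IPv6Address objects compare by numeric value, so sorted() gives
    # "numerically first" directly.
    routable = sorted(a for a in parsed if not a.is_link_local)
    if routable:
        return str(routable[0]), False

    # Fallback described in the text: only link-scope addresses exist.
    link_scope = sorted(a for a in parsed if a.is_link_local)
    if link_scope:
        return str(link_scope[0]), True
    return None, False


def demo():
    """Run the selection over constructed address lists."""
    mixed = ["2001:db8:2::10", "2001:db8:1::ffff", "fe80::1%enp1s0"]
    only_link = ["fe80::2%enp1s0", "fe80::1%enp1s0"]
    return pick_ipv6(mixed), pick_ipv6(only_link), pick_ipv6([])


if __name__ == "__main__":
    for address, is_link_local in demo():
        if is_link_local:
            # A link-scope address in DNS is unreachable off the local segment.
            print(f"{address}: link-scope only, probably not worth publishing")
        else:
            print(address)
```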