🐧 Bash Script for Cloudflare DDNS

This Bash script automates the process of updating your Cloudflare DNS records with your current public IP address. (Simple Dynamic DNS Bash Script – GitHub Gist)

#!/bin/bash

# Configuration
DOMAIN_NAME="yourdomain.com"
AUTH_EMAIL="your-email@example.com"
AUTH_KEY="your_cloudflare_api_key"
ZONE_ID="your_zone_id"
RECORD_ID="your_record_id"

# Fetch current public IP
IP=$(curl -s http://ipv4.icanhazip.com)

# Update DNS record
curl -X PUT "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/$RECORD_ID" \
     -H "X-Auth-Email: $AUTH_EMAIL" \
     -H "X-Auth-Key: $AUTH_KEY" \
     -H "Content-Type: application/json" \
     --data "{\"type\":\"A\",\"name\":\"$DOMAIN_NAME\",\"content\":\"$IP\",\"ttl\":120,\"proxied\":false}"

Setup Instructions:

1. Replace the placeholder values (yourdomain.com, your-email@example.com, etc.) with your actual Cloudflare account details.
2. Save the script as cloudflare_ddns.sh.
3. Make the script executable: (cloudflare-ddns – PyPI) chmod +x cloudflare_ddns.sh
4. Schedule the script to run periodically using cron: crontab -e Add the following line to run the script every 5 minutes: */5 * * * * /path/to/cloudflare_ddns.sh

This setup ensures your DNS records are consistently updated with your current IP address.

---

🐍 Python Script for Google Domains DDNS

For those using Google Domains, the following Python script facilitates dynamic DNS updates. (erickduran/dynamic-dns-updater: A simple Python script to … – GitHub)

import requests
import time

# Configuration
USERNAME = 'your_google_domains_username'
PASSWORD = 'your_google_domains_password'
HOSTNAME = 'your_hostname.example.com'

# Update interval in seconds
UPDATE_INTERVAL = 300

def update_dns():
    url = f'https://{USERNAME}:{PASSWORD}@domains.google.com/nic/update'
    params = {'hostname': HOSTNAME}
    response = requests.post(url, params=params)
    print(f'{time.ctime()}: {response.text}')

if __name__ == "__main__":
    while True:
        update_dns()
        time.sleep(UPDATE_INTERVAL)

Setup Instructions:

1. Replace your_google_domains_username, your_google_domains_password, and your_hostname.example.com with your actual Google Domains credentials and hostname.
2. Save the script as google_ddns.py.
3. Install the required Python package: (cloudflare-ddns – PyPI) pip install requests
4. Run the script: python google_ddns.py

This script will update your DNS record every 5 minutes. (DDNS Cloudflare Bash Script – 3os.org)

---

🔄 Python Script for Dynu DDNS

If you’re utilizing Dynu’s services, the following Python script can automate your DNS updates.

import requests

# Configuration
HOSTNAME = 'yourhostname.dynu.com'
PASSWORD = 'your_dynu_password'

def update_dynu():
    url = 'https://api.dynu.com/nic/update'
    params = {'hostname': HOSTNAME, 'password': PASSWORD}
    response = requests.get(url, params=params)
    print(response.text)

if __name__ == "__main__":
    update_dynu()

Setup Instructions:

1. Replace yourhostname.dynu.com and your_dynu_password with your Dynu hostname and password.
2. Save the script as dynu_ddns.py.
3. Install the required Python package: pip install requests
4. Run the script: python dynu_ddns.py

For periodic updates, consider scheduling the script using cron or a similar task scheduler.

---

🔐 Security Considerations

• Secure Storage: Avoid hardcoding sensitive credentials directly into your scripts. Instead, use environment variables or configuration files with appropriate permissions.
• HTTPS: Ensure all API requests are made over HTTPS to encrypt data in transit.
• Access Controls: Restrict access to your scripts and configuration files to authorized users only.

---

Here are key Security Considerations when using Dynamic DNS (DDNS) for remote access to your home server:

---

🔐 1. Secure Storage of Credentials

Avoid hardcoding sensitive information like API keys, usernames, and passwords directly into scripts. Instead:

• Use environment variables (os.environ in Python).
• Store in external config files with proper permissions.
• Utilize secret management tools (e.g., HashiCorp Vault, AWS Secrets Manager).

---

🌐 2. Enforce HTTPS

Always make DDNS update requests over HTTPS to prevent man-in-the-middle attacks and ensure that your credentials and IP address aren’t exposed during transmission.

---

🧱 3. Access Controls

• Restrict access to the scripts and configuration files using file system permissions.
• Limit API keys’ scope to specific actions and domains when possible.
• If using a router to manage DDNS, ensure the router’s admin panel is protected with a strong password and two-factor authentication (if supported).

---

🔁 4. Monitor Updates

• Enable logging for DDNS updates to track unexpected changes or update failures.
• Regularly review your DDNS provider’s account for unauthorized changes.

---

🧪 5. Limit Port Forwarding

• Only open essential ports.
• Avoid exposing admin interfaces to the internet.
• Consider setting up a VPN for remote access instead of forwarding multiple ports.

---

Would you like help implementing these practices in your DDNS script or setup?

---