dyndnsd 3.4.0 → 3.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -1
- data/README.md +17 -17
- data/lib/dyndnsd/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6103d147e0009badc20c17fc1019e3a66602ed04cb256216a024b9f464c1f1c3
|
4
|
+
data.tar.gz: bbefd6e7ec3bac69ac6b32c23f52d991699b636393607c22e102f7d6f6799cfd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0d30625375f42ecb9e6ca6db557fe96bc395a3531bf8411c08bc164f239a0ddb27e276a8bd606360670c8f4c2f8f6d8ad0ae095993b76f84b5b82ab9125a34c9
|
7
|
+
data.tar.gz: 0d3da41b59c05e40ba739726d1d8efa03ac7916b1feaad2ce38ab5e635a8298d9fc0a2f30042bd3aeacf3171fffa066b7d048a49c7f6b17b6d626faf21ebac44
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,11 @@
|
|
1
1
|
# Changelog
|
2
2
|
|
3
|
+
## 3.4.1 (April 15, 2021)
|
4
|
+
|
5
|
+
OTHER:
|
6
|
+
|
7
|
+
- update base of Docker image to Alpine 3.13.5 to fix security vulnerabilities
|
8
|
+
|
3
9
|
## 3.4.0 (April 2, 2021)
|
4
10
|
|
5
11
|
IMPROVEMENTS:
|
@@ -169,7 +175,7 @@ IMPROVEMENTS:
|
|
169
175
|
|
170
176
|
IMPROVEMENTS:
|
171
177
|
|
172
|
-
- Support dropping
|
178
|
+
- Support dropping privileges on startup, also affects external commands run
|
173
179
|
- Add [metriks](https://github.com/eric/metriks) support for basic metrics in the process title
|
174
180
|
- Detach from child processes running external commands to avoid zombie processes
|
175
181
|
|
data/README.md
CHANGED
@@ -75,7 +75,7 @@ There is an officially maintained [Docker image for dyndnsd](https://hub.docker.
|
|
75
75
|
|
76
76
|
Users can make extensions by deriving from the official Docker image or building their own.
|
77
77
|
|
78
|
-
The Docker image consumes the same configuration file in YAML format as the gem, inside the container it needs to be mounted/available as `/etc/dyndnsd/config.yml`.
|
78
|
+
The Docker image consumes the same configuration file in YAML format as the gem, inside the container it needs to be mounted/available as `/etc/dyndnsd/config.yml`. The following YAML should be used as a base and extended with user's settings:
|
79
79
|
|
80
80
|
```yaml
|
81
81
|
host: "0.0.0.0"
|
@@ -98,7 +98,7 @@ docker run -d --name dyndnsd \
|
|
98
98
|
cmur2/dyndnsd:vX.Y.Z
|
99
99
|
```
|
100
100
|
|
101
|
-
*Note*: You may need to expose more
|
101
|
+
*Note*: You may need to expose more than just port 8080 e.g. if you use the `zone_transfer_server` which can be done by appending additional `-p 5353:5353` flags to the `docker run` command.
|
102
102
|
|
103
103
|
|
104
104
|
|
@@ -106,7 +106,7 @@ docker run -d --name dyndnsd \
|
|
106
106
|
|
107
107
|
By using [DNS zone transfers via AXFR (RFC5936)](https://tools.ietf.org/html/rfc5936) any secondary nameserver can retrieve the DNS zone contents from dyndnsd.rb and serve them to clients.
|
108
108
|
To speedup propagation after changes dyndnsd.rb can issue a [DNS NOTIFY (RFC1996)](https://tools.ietf.org/html/rfc1996) to inform the nameserver that the DNS zone contents changed and should be fetched even before the time indicated in the SOA record is up.
|
109
|
-
Currently dyndnsd.rb does not support any authentication for incoming DNS zone transfer
|
109
|
+
Currently, dyndnsd.rb does not support any authentication for incoming DNS zone transfer request, so it should be isolated from the internet on these ports.
|
110
110
|
|
111
111
|
This approach has several advantages:
|
112
112
|
- dyndnsd.rb can be used in *hidden primary* fashion isolated from client's DNS traffic and does not need to implement full nameserver features
|
@@ -151,7 +151,7 @@ users:
|
|
151
151
|
|
152
152
|
NSD is a nice, open source, authoritative-only, low-memory DNS server that reads BIND-style zone files (and converts them into its own database) and has a simple configuration file.
|
153
153
|
|
154
|
-
A feature NSD is lacking is the [Dynamic DNS update (RFC2136)](https://tools.ietf.org/html/rfc2136) functionality BIND offers but one can fake it using the following dyndnsd.rb configuration:
|
154
|
+
A feature NSD is lacking is the [Dynamic DNS update (RFC2136)](https://tools.ietf.org/html/rfc2136) functionality BIND offers, but one can fake it using the following dyndnsd.rb configuration:
|
155
155
|
|
156
156
|
```yaml
|
157
157
|
host: "0.0.0.0"
|
@@ -197,29 +197,29 @@ The update URL you want to tell your clients (humans or scripts ^^) consists of
|
|
197
197
|
|
198
198
|
where:
|
199
199
|
|
200
|
-
* the protocol depends on your (
|
201
|
-
* USER and PASSWORD are needed for HTTP Basic Auth and valid combinations are defined in your config.yaml
|
202
|
-
* DOMAIN should match what you defined in your config.yaml as domain but may be anything else when using a
|
203
|
-
* PORT depends on your (
|
204
|
-
* HOSTNAMES is a required list of comma-separated FQDNs (they all have to end with your config.yaml domain) the user wants to update
|
205
|
-
* MYIP is optional and the HTTP client's IP address will be used if missing
|
206
|
-
* MYIP6 is optional but if present also requires presence of MYIP
|
200
|
+
* the protocol depends on your (web server/proxy) settings
|
201
|
+
* `USER` and `PASSWORD` are needed for HTTP Basic Auth and valid combinations are defined in your config.yaml
|
202
|
+
* `DOMAIN` should match what you defined in your config.yaml as domain but may be anything else when using a web server as proxy
|
203
|
+
* `PORT` depends on your (web server/proxy) settings
|
204
|
+
* `HOSTNAMES` is a required list of comma-separated FQDNs (they all have to end with your config.yaml domain) the user wants to update
|
205
|
+
* `MYIP` is optional and the HTTP client's IP address will be used if missing
|
206
|
+
* `MYIP6` is optional but if present also requires presence of `MYIP`
|
207
207
|
|
208
208
|
|
209
209
|
### IP address determination
|
210
210
|
|
211
211
|
The following rules apply:
|
212
212
|
|
213
|
-
* use any IP address provided via the myip parameter when present, or
|
214
|
-
* use any IP address provided via the X-Real-IP header e.g. when used behind HTTP reverse proxy such as nginx, or
|
213
|
+
* use any IP address provided via the `myip` parameter when present, or
|
214
|
+
* use any IP address provided via the `X-Real-IP` header e.g. when used behind HTTP reverse proxy such as nginx, or
|
215
215
|
* use any IP address used by the connecting HTTP client
|
216
216
|
|
217
|
-
If you want to provide an additional IPv6 address as myip6 parameter, the myip parameter containing an IPv4 address has to be present, too! No automatism is applied then.
|
217
|
+
If you want to provide an additional IPv6 address as myip6 parameter, the `myip` parameter containing an IPv4 address has to be present, too! No automatism is applied then.
|
218
218
|
|
219
219
|
|
220
220
|
### SSL, multiple listen ports
|
221
221
|
|
222
|
-
Use a
|
222
|
+
Use a web server as a proxy to handle SSL and/or multiple listen addresses and ports. DynDNS.com provides HTTP on port 80 and 8245 and HTTPS on port 443.
|
223
223
|
|
224
224
|
|
225
225
|
### Startup
|
@@ -231,7 +231,7 @@ The [Debian 6 init.d script](docs/debian-6-init-dyndnsd) assumes that dyndnsd.rb
|
|
231
231
|
|
232
232
|
### Monitoring
|
233
233
|
|
234
|
-
For monitoring dyndnsd.rb uses the [metriks](https://github.com/eric/metriks) framework and exposes several metrics like the number of unauthenticated requests, requests that did (not) update a hostname, etc. By default the most important metrics are shown in the [proctitle](https://github.com/eric/metriks#proc-title-reporter
|
234
|
+
For monitoring dyndnsd.rb uses the [metriks](https://github.com/eric/metriks) framework and exposes several metrics like the number of unauthenticated requests, requests that did (not) update a hostname, etc. By default, the most important metrics are shown in the [proctitle](https://github.com/eric/metriks#proc-title-reporter, butt you can also configure a [Graphite](https://graphiteapp.org/) backend for central monitoring or the [textfile_reporter](https://github.com/prometheus/node_exporter/#textfile-collector) which outputs Graphite-style metrics that are also compatible with Prometheus to a file.
|
235
235
|
|
236
236
|
```yaml
|
237
237
|
host: "0.0.0.0"
|
@@ -273,7 +273,7 @@ users:
|
|
273
273
|
|
274
274
|
For tracing, dyndnsd.rb is instrumented using the [OpenTracing](http://opentracing.io/) framework and will emit span tracing data for the most important operations happening during the request/response cycle. Using a middleware for Rack allows handling incoming OpenTracing span information properly.
|
275
275
|
|
276
|
-
Currently only one OpenTracing-compatible tracer implementation named [CNCF Jaeger](https://github.com/jaegertracing/jaeger) can be configured to use with dyndnsd.rb.
|
276
|
+
Currently, only one OpenTracing-compatible tracer implementation named [CNCF Jaeger](https://github.com/jaegertracing/jaeger) can be configured to use with dyndnsd.rb.
|
277
277
|
|
278
278
|
```yaml
|
279
279
|
host: "0.0.0.0"
|
data/lib/dyndnsd/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dyndnsd
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.4.
|
4
|
+
version: 3.4.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Christian Nicolai
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-04-
|
11
|
+
date: 2021-04-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: async-dns
|
@@ -281,7 +281,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
281
281
|
- !ruby/object:Gem::Version
|
282
282
|
version: '0'
|
283
283
|
requirements: []
|
284
|
-
rubygems_version: 3.2.
|
284
|
+
rubygems_version: 3.2.4
|
285
285
|
signing_key:
|
286
286
|
specification_version: 4
|
287
287
|
summary: dyndnsd.rb
|