openwrt / packages

Community maintained packages for OpenWrt. Documentation for submitting pull requests is in CONTRIBUTING.md
GNU General Public License v2.0

ddns-scripts-nsupdate: Keyfile support missing #22136

Closed LorbusChris closed 1 year ago

LorbusChris commented 1 year ago

Maintainer: @feckert @chris5560
Environment: any

Description:

RFC2136/nsupdate-capable servers support auth via keyfile in lieu of username/password.

From https://linux.die.net/man/8/nsupdate:

nsupdate [ -d ] [ [ -y keyname:secret ] [ -k keyfile ] ] [ -v ] [ filename ]

nsupdate uses the -y or -k option to provide the shared secret needed to generate a TSIG record for authenticating Dynamic DNS update requests. These options are mutually exclusive. With the -k option, nsupdate reads the shared secret from the file keyfile, whose name is of the form K{name}.+157.+{random}.private. For historical reasons, the file K{name}.+157.+{random}.key must also be present.

Example nsupdate invocation:

nsupdate -k /root/myzone.example.com.private

Support for auth via keyfile is currently missing from the ddns-scripts-nsupdate package.

LorbusChris commented 1 year ago

I'd be happy to work on this myself, but I'll need some guidance.

brada4 commented 1 year ago

The file is here: https://github.com/openwrt/packages/blob/master/net/ddns-scripts/files/usr/lib/ddns/update_nsupdate.sh. You can type hmac:user for username and b64 key for password? No keyfile possible in that scripted context. Other manual here: https://manpages.ubuntu.com/manpages/impish/man1/knsupdate.1.html (e.g. short ttl is not needed at all)

LorbusChris commented 1 year ago

Thanks for the help :)

> You can type hmac:user for username and b64 key for password?

I only have a keyfile and no username, so unfortunately that's a no.

I'm aware of the script, I'm just not familiar with OpenWrt package scripting in general.

Really my question is: How do I add a new option parameter to /etc/config/ddns?

Is any option parameter I add in the config file automagically parsed to $parameter in the shell script?

It should be rather trivial to change the script itself to consume a keyfile path as a shell variable: If $keyfile is non-zero, ignore the $username and $password vars, omit the line key $username $password from $DATFILE and add -k $keyfile to the nsupdate invocation (else behave as before)

brada4 commented 1 year ago

If you print that key file it is in common DNS RR format where domain name without dot is username and authentication key is first of base64 values in that record.
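The approach brada4 describes (and the `key $username $password` line LorbusChris mentions wanting to replace) can be carried out by the script itself: read the owner name and the first base64 value out of the `K{name}.+157.+{random}.key` record and hand them to nsupdate as a `key` statement, with no separate keyfile option. The POSIX shell below is an added example written for this thread, not code from the ddns-scripts package or from update_nsupdate.sh. The function names, the mapping of algorithm number 157 to `hmac-md5`, and the layout of the batch file other than the `key` line are assumptions; the key file content is constructed for the demo.

```shell
#!/bin/sh
# Added example, not code from the ddns-scripts package: read the TSIG secret
# out of a BIND-style K{name}.+157.+{random}.key file the way brada4 describes
# (owner name without the trailing dot = key name, first base64 value = secret)
# and emit the "key" line that nsupdate reads from its batch file.

# Print "<keyname> <algorithm-number> <secret>" from the first KEY record in
# the file. Handles records with or without a TTL column and skips ";" comments.
parse_tsig_keyfile() {
    awk '
        /^[[:space:]]*;/ { next }                      # dnssec-keygen comment lines
        {
            k = 0
            for (i = 2; i <= NF; i++) if ($i == "KEY") { k = i; break }
            if (k == 0) next                           # not a KEY RR
            name = $1; sub(/\.$/, "", name)            # drop trailing dot
            # after the KEY type come flags, protocol, algorithm, then the secret
            print name, $(k + 3), $(k + 4)
            exit
        }' "$1"
}

# Map the algorithm number in the key file to the hmac name nsupdate expects
# in "key [hmac:]keyname secret". Only 157 (HMAC-MD5, the number in the file
# name pattern quoted in the issue) is mapped here; this mapping is an assumption.
tsig_alg_name() {
    case "$1" in
        157) echo "hmac-md5" ;;
        *)   echo "unsupported TSIG algorithm number: $1" >&2; return 1 ;;
    esac
}

# Build the "key ..." statement for nsupdate from a key file path.
nsupdate_key_statement() {
    set -- $(parse_tsig_keyfile "$1")
    [ $# -eq 3 ] || { echo "no KEY record found" >&2; return 1; }
    alg=$(tsig_alg_name "$2") || return 1
    echo "key $alg:$1 $3"
}

# Assumed layout of the batch file (DATFILE in the thread) that nsupdate reads;
# only the "key" line comes from the discussion, the other lines are illustrative.
build_nsupdate_batch() {
    # $1 keyfile, $2 dns server, $3 zone, $4 fqdn, $5 IPv4 address
    keyline=$(nsupdate_key_statement "$1") || return 1
    printf 'server %s\n%s\nzone %s\nupdate delete %s A\nupdate add %s 60 A %s\nsend\n' \
        "$2" "$keyline" "$3" "$4" "$4" "$5"
}

# Demo on a constructed key file (the secret is base64 of "testsecret").
demo_keyfile=$(mktemp)
cat > "$demo_keyfile" <<'EOF'
; constructed key file for demonstration only
myzone.example.com. IN KEY 512 3 157 dGVzdHNlY3JldA==
EOF
build_nsupdate_batch "$demo_keyfile" 192.0.2.53 example.com myhost.example.com 192.0.2.10
rm -f "$demo_keyfile"
```

Run as-is to see the generated batch; the printed `key hmac-md5:myzone.example.com dGVzdHNlY3JldA==` line is the same thing brada4's suggestion produces when the key name is typed as username and the base64 value as password.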

LorbusChris commented 1 year ago

That works indeed! Thank you. Closing this as not needed.

brada4 commented 1 year ago

You could hint ../luci to add help text in the web interface.