Dynamic DNS for Porkbun

Started by Ph0enix, March 28, 2024, 08:12:20 PM

I'm trying to configure DDNS for porkbun and some questions came up without a lot of answers on the Internet.

I have `os-ddclient` installed; configuration for `duckdns` and for `Hurricane Electric` works fine. To be fair, for both of these I was able to find a step-by-step guide on how to set them up for OPNsense.

Porkbun has its own API: https://porkbun.com/api/json/v3/documentation#DNS%20Edit%20Record%20by%20Domain,%20Subdomain%20and%20Type
They also have a script that is deprecated: https://github.com/porkbundomains/porkbun-dynamic-dns-python/tree/main

I was able to verify that it works by executing a curl that looks like this:
`curl -H "Content-Type: application/json" --request POST -d '{"secretapikey": "sk1_XXX", "apikey": "pk1_XXX", "content": "192.168.0.200"}' https://porkbun.com/api/json/v3/dns/editByNameType/root.domain/A/sub1.sub2`

Notice that the domain I want to update looks like `sub1.sub2.root.domain`

Is there a way to make it work with `os-ddclient` somehow?

Eventually I had some success by using `porkbun` service with `ddclient` backend. However if I use more than 1 level of subdomain it considers the rest as root domain and returns an error, e.g. `sub2.root.domain` is not correct. Native `ddclient` has an option `root-domain` but I can't figure out how to set it via OPNSense WebGui. Adding it to `ddclient.conf` manually also did not help, perhaps it did not reload the config though.

Alternatively I thought using `custom` + `Custom POST` would allow me to do what I wanted, but then I can't figure out how to feed it the data part of the query. Help suggests that I should use the link `https://porkbun.com/api/json/v3/dns/editByNameType/root.domain/A/sub1.sub2` as the `server`, but the `data` part where I would provide the keys and the content is still a mystery. I tried looking at `/usr/local/etc/ddclient.json` but could not see anything resembling the data part of a `POST` request.

Am I missing something or is the built-in dynamic DNS not flexible enough to accomplish what I need?

Additionally, what I'd like to know is if it's possible to use a different gateway to determine the IP address. I have a VPN tunnel, there is a corresponding GW. The GW has an internal WireGuard IP, not an exit IP. So if setting the `interface to monitor` to the GW in question would send the query for a service like `freedns` through that gateway.

In the end it appears that to accomplish what I want it might be easier to set up docker containers that would sit on different subnets and run the services to update the domains behind my WAN and my WAN_VPN. However, having all that running on OPNsense would mean a bit less clutter.
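The curl call from the first post, as an added example that is not part of the thread or any poster's script: a POSIX shell version that splits a multi-level name such as `sub1.sub2.root.domain` into the URL parts the endpoint expects and passes the keys to curl on stdin instead of on the command line. The key-file layout, the script name and the assumption that keys contain only letters, digits and `_` are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Key-file layout and script name are assumptions.
API_BASE="https://porkbun.com/api/json/v3/dns/editByNameType"

# split_fqdn FQDN ROOT: print the labels left of ROOT ("sub1.sub2"); fail if
# FQDN is not strictly below ROOT, so "evilroot.domain" never matches "root.domain".
split_fqdn() {
    case "$1" in *".$2") sub=${1%".$2"} ;; *) return 1 ;; esac
    [ -n "$sub" ] && printf '%s\n' "$sub"
}

# is_ipv4 ADDR: succeed only for four dot-separated decimal numbers 0-255.
is_ipv4() {
    case "$1" in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# build_url FQDN ROOT: endpoint in the editByNameType/<root>/A/<subdomain> form.
build_url() {
    name=$(split_fqdn "$1" "$2") || return 1
    printf '%s/%s/A/%s\n' "$API_BASE" "$2" "$name"
}

# build_body APIKEY SECRET IP: JSON body. Values are validated first so nothing
# can break out of the JSON strings (assumes keys use only letters, digits, "_").
build_body() {
    for v in "$1" "$2"; do
        case "$v" in ''|*[!A-Za-z0-9_]*) return 1 ;; esac
    done
    is_ipv4 "$3" || return 1
    printf '{"secretapikey":"%s","apikey":"%s","content":"%s"}\n' "$2" "$1" "$3"
}

# update_record KEYFILE FQDN ROOT IP: KEYFILE (mode 0600) holds the API key on
# line 1 and the secret on line 2. The body reaches curl on stdin, so the keys
# never appear in the process list the way an inline -d '{...}' argument does.
update_record() {
    { read -r apikey && { read -r secret || [ -n "$secret" ]; }; } < "$1" || return 1
    url=$(build_url "$2" "$3") || return 1
    body=$(build_body "$apikey" "$secret" "$4") || return 1
    printf '%s' "$body" | curl -fsS -H 'Content-Type: application/json' --data @- "$url"
}

# Cron usage: porkbun-update.sh /path/to/keyfile sub1.sub2.root.domain root.domain <ip>
if [ $# -eq 4 ]; then update_record "$@"; fi
```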

I don't know if it fits your use case, but os-caddy has porkbun included with dynamic DNS feature. Don't know how well it works though.

Though keep in mind that it's just a sub feature of the plugin. It's mostly a reverse proxy.
Hardware:
DEC740

Thank you for the pointer. I have not used Caddy yet but that could be a good reason to explore.

This came up in my Google search results on this issue, so posting here for the benefit of others.

I had to do two things in the web interface to get the ddclient working with Porkbun.

1) On the 'general settings' tab, select ddclient as the backend.  On my machine, it defaulted to 'native' as the backend.
2) When adding the Porkbun account, select 'Interface' as the 'check ip method'.

The web ui for ddclient has columns for 'current ip' and 'updated'.  On my machine, these remain blank and are not updated in the web ui (bug?).  However, ddclient does update the Porkbun A record.  I'm not sure, but you might need to create an A record on Porkbun in the first place.  I pointed it at 127.0.0.1 so I could tell when ddclient updated it.  Check /var/log/ddclient/latest.log to confirm.

Hello,

I too started to work on trying to get the DDNS to work with porkbun.  I also came across this post yesterday but before your post.  How did you get this to work? I have tried a variety of possibilities.  I have tried User name as my login, blank etc.

Did you use the API key as the username and the secret as the password?  This seemed to be the proper combo as the only error that I get is "invalid domain name". This is strange as I have the correct name, so maybe there is a setting that I need to change on the porkbun side.

Regards



I may not be answering the question directly, but I wrote a shell script (essentially curl command) with a cron job as an alternative. Happy to share script if it helps anyone.

Or you could use the existing os-caddy plugin in Dynamic DNS Client Mode.

https://docs.opnsense.org/manual/how-tos/caddy.html#use-dynamic-dns-in-client-mode-only

Porkbun is compiled into it.

https://github.com/caddy-dns/porkbun
Hardware:
DEC740

October 20, 2024, 06:43:14 PM #7 Last Edit: October 20, 2024, 07:14:39 PM by Tixx7
Faced this task today—surprisingly, ddclient hasn't failed me despite doubts.

@barometer, thanks for the tip: "check ip" set to "interface" and backend to "ddclient." You might also be right about it only updating, not creating, A-records.

@lost_ones, your approach with API/secret keys is correct. Might wanna try creating an A-record beforehand (see below) but you probably figured it out anyway by now.

My working config (relevant parts):

OPNsense:

- Username: API key
- Password: Secret
- Check IP method: Interface
- Hostname: subdomain.domain.tld (haven't tried multiple subdomains)

Porkbun:

- A-record for subdomain. Had one there beforehand, so unsure if it also works without.

Applied settings, checked Porkbun—A-record updated with external IP instantly. Quick!

edit:

Confirmed that it doesn't work with multiple subdomains (i.e. example.domain.tld works but example.example.domain.tld doesn't) and also that an A-record with the same name/host has to be created beforehand.

Thank you Tixx7. This helped greatly, just to add for ease. Use the Porkbun guide https://kb.porkbun.com/article/190-getting-started-with-the-porkbun-api. Take note of the "green box", this is your only time to get the secret key. As mentioned in the thread you need to have the DNS record already created, I tested it w/o and it failed with this in the log:
`FAILED: updating xxxx.xxxxxx.com: No applicable existing records.`
I created an A record with the wrong IP to test, and you should see this in the log:
`SUCCESS: updating ipv4: good: xxxx.xxxxxx.com.com address set to xxx.xxx.xxx.xxx`
And the IP should be updated in your Porkbun DNS.