#ddclient — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #ddclient, aggregated by home.social.
-
✅ migrate legacy DynDNS plugin to ddclient because of the deprecation warning hanging around
❌ Good migration documentation found
-
✅ migrate legacy DynDNS plugin to ddclient because of the deprecation warning hanging around
❌ Good migration documentation found
-
✅ migrate legacy DynDNS plugin to ddclient because of the deprecation warning hanging around
❌ Good migration documentation found
-
✅ migrate legacy DynDNS plugin to ddclient because of the deprecation warning hanging around
❌ Good migration documentation found
-
✅ migrate legacy DynDNS plugin to ddclient because of the deprecation warning hanging around
❌ Good migration documentation found
-
Sysadmin journal: setting up wireguard on all of my Linux desktops
I had to hack together a few things to use wireguard transparently on my Android phone and all of my Linux laptops and desktop.
#ddclient #Linux #NetworkManager #VPN #wireguard #Ansible #SysAdmin
https://blog.kamens.us/2025/05/10/sysadmin-journal-setting-up-wireguard-on-all-of-my-linux-desktops/ -
Sysadmin journal: setting up wireguard on all of my Linux desktops
I have several mostly interchangeable Linux computers for personal use. All but one are laptops; the mini-tower which isn’t is used as both a desktop and my home network server, e.g., for DNS and for SSHing into the home network from the outside when I’m traveling with one of the laptops.
A pro-democracy activist group that I’m part of has asked everyone in the group to use a VPN whenever accessing group stuff online (including Signal, Matrix, Proton, etc.) and has recommended using a VPN all the time. I am not convinced this is worth the effort, but it probably can’t hurt, and I don’t want to be the Guy Who Wasn’t Following The Rules if something does end up going down, so today I set out to make this happen.
I signed up for a VPN service that uses wireguard (no, I’m not going to tell you which one, that would be giving away information unnecessarily) and set out to figure out how to set up this VPN to be active all the time on my phone and all of my Linux computers. Below are my notes about the bumps in the road I hit while figuring this out and how I got over them.
The VPN service I signed up with has a bespoke Android client so setting it up for Android was trivial.
The service allowed me to add other devices to my account and download a standard-format wireguard configuration file for each, to be imported into wireguard, which I was able to do easily in NetworkManager on Debian after installing the wireguard package (I’m actually not 100% certain that it was necessary to import the wireguard package, I think it may have worked even if I hadn’t done that):
- Open Settings app
- Click on Network
- Click the + symbol next to VPN
- Click Import from file…
- Select the wireguard configuration file I downloaded from the VPN service
I wanted to configure the VPN to connect automatically. You can’t do that from the Settings app but you can do it from
nm-connection-editorornmcli. In the connection editor:- Open
nm-connection-editor, a.k.a., the “Advanced Network Configuration” desktop app - Double-click on the imported VPN
- Click on the General tab
- Check the “Connect automatically with priority” checkbox
- Save and exit
In
nmcli, you can do “nmcli connection modify [connection-name] connection.autoconnect yes“.I configure all my Linux machines via Ansible, so I wanted to figure out how to do the wireguard VPN configuration automatically using the
nmcliAnsible module, i.e., I wanted to do the import as described above manually the first time and then figure out how to replicate in Ansible code what the manual import did so I wouldn’t have to do it manually in the future. Unfortunately, though the documentation claims this should be possible, for some reason I don’t have the ability to specifywireguard.peersto the module, so I can’t do the configuration automatically. Therefore, I set up an Ansible rule that checks if the VPN is configured and fails if it isn’t, so that I am reminded to configure it manually if/when I’m setting up a new computer:- name: make sure wireguard VPN is configured and autoconnect is on nmcli: conn_name: "{{wireguard['vpn_name']}}" autoconnect: yes state: present register: nmcli check_mode: true failed_when: nmcli.changed or 'Exists' not in nmcliNext, I had to deal with the fact that when I enabled the VPN on my desktop, my
ddclientconfiguration stopped getting my correct public IP address and instead started putting the egress IP of my VPN into my dynamic DNS entry. The reason for this is obvious. I toldddclienttouse=web, web=http://checkip.dyndns.com/, and that is obviously going to go through the VPN and get the VPN’s IP rather than mine. I don’t know if the fix I came up with is the best one, but it works:use=cmd, cmd='curl --silent --interface enp2s0 http://checkip.dyndns.com/ | perl -ne \'chomp; if (s/.\b([1-9][0-9]\.[1-9][0-9]\.[1-9][0-9]\.[1-9][0-9])\b./$1/){print;exit}\''Next problem: I need to be able to log into my home desktop from outside the house. Solution: add routing policy rules on my home desktop so that traffic to/from our family server in the cloud bypasses the VPN, so that I can SSH into the cloud server from anywhere and then SSH into the home desktop from the cloud server. I deployed a script to
/etc/NetworkManager/dispatcher.dto add the routing rules when the VPN comes up and remove them when it comes down. The commands the script runs look like this:ip -4 rule add from [server IP] table mainip -4 rule add to [server IP] table main
It specifies “del” instead of “add” to remove the rules. I figured this out with the help of this Reddit posting. Note that this needs to be a dispatcher script because NetworkManager ignores
PostUpandPreDownlines in wireguard configuration files when importing them, and as far as I can tell there is no way to configure directly in NetworkManager commands to be run when an interface goes up or down.Final challenge: when I am working on one of my laptops and I need to SSH into my desktop, I want to do so directly via the private IP address on the home network when I’m at home, or indirectly through my cloud server when I’m out of the house, and I want this to happen automatically. Fortunately, I already had a NetworkManager dispatcher script which automatically generates ah SSH configuration file that’s included by my main SSH configuration. The old purpose of this script was so that when I’m out of the house with laptop A and I want to SSH into laptop B, which is on my home network but not accessible from the outside, that SSH automatically gets proxied through my desktop, which is accessible from the outside. I was able to augment this script to add the new functionality. Now whenever one of my laptops connects to my home network, the script adds to my SSH config a
Hostsection for the desktop with aHostNameline in it specifying the internal domain host name which resolves to its internal IP address, whereas when the laptop connects to a network outside my home, instead of theHostNameline it adds aProxyJumpline specifying the host name of my cloud server.If you’re one of the two people in the world who read this blog posting all the way to the end, drop a comment and let me know. 😉
#Ansible #ddclient #Linux #NetworkManager #sysadmin #VPN #wireguard
-
@mauro I have a yunohost instance running on a VM on my network. My #namecheap domain DNS supports dynamicDNS and I use #ddclient on the VM side to synchronize my dynamic IP to DNS.
-
-
🔴 INFO
Kostenloser DynDNS-Dienst aus Berlin 🇩🇪 .
Von Desec gibt es seit 2020 eine kostenlose Möglichkeit seinen Home-Server mit wechselnder IP mit einer Domain zu verknüpfen.
Das klappt seit 2 Jahren völlig störungsfrei bei mir!
Was mir sehr daran gefällt ist die Konfiguration mittels #ddclient.
Damit erspare ich mir die DynDNS Einträge im Router.👍
Die Domain lautet dann übrigens:
Domainname.dedyn.io
🔴 Heise schreibt über deSEC:
https://www.heise.de/news/DNS-Sicherheit-deSEC-nimmt-Regelbetrieb-auf-4708748.html
-
Hallo Cloudron Team, habe jetzt erfolgreich und absolut mängelfrei die #cloudron Server-Software auf meinen 24H Mini-Homeserver mit #nextcloud und #matrix Synapse installieren können.
Domain mit #desec und #ddclientDas gibt 5 Sterne:
⭐ ⭐ ⭐ ⭐ ⭐🔴 Cloudron
https://www.cloudron.io/index.html🔴 Nextcloud-Server
https://www.cloudron.io/store/com.nextcloud.cloudronapp.html
🔴 Matrix Synapse
https://www.cloudron.io/store/com.nextcloud.cloudronapp.html
🔴 dyn DNS mit deSEC
🔴 Anleitung ddclient für wechselnde IP
https://desec.readthedocs.io/en/latest/dyndns/configure.html#option-2-use-ddclient
-
spdns.de / spdyn.de notices since months that my dyndns client uses an outdated TLS version. I use ddClient on the Raspberry Pi OS from the Package Manager. The Docker version does not provoke any errors.
Additionally: Since four weeks, ddClient is deprecated.Will switch to inadyn -> https://github.com/troglobit/inadyn
-
If you use #ddclient for your #ddns, beware. In my Debian install, ddclient.conf had read access for all users, giving access to DDNS credentals to virtually all users.
Just so you realize how dangerous this is, anybody with access to a user account can change your A records and point them to their own servers, without you noticing. And all of this from a very simple API.
-
@stevepdp @pingudroid I hear you! I've been trying to get #Mastodon setup on my #RaspberryPi as a #SingleUserInstance since last Friday now ... Managed to get only till getting the dynamic DNS to automatically update using #DDClient today.
Still need to figure out how to get #SSL certificates setup.
But gives the old neurons a chance to feel young again. 😏
-
@nicd #dynamicIPaddress #DDNS #DNS If you look at my website (www.whatwasitagain.com) section "IP address changing every day" there is a way I used using #dynu #DDclient https://www.dynu.com/DynamicDNS/IPUpdateClient/DDClient
which has never failed since I set it up. -
En consultant les logs de ddclient (`sudo cat /var/log/daemon.log | grep ddclient`), j'ai constaté que l'erreur suivante se produit depuis plusieurs semaines :
WARNING: cannot connect to example.com:80 socket: IO::Socket::INET: Bad hostname 'example.com'
Pourtant, le domaine (ici "example.com") est parfaitement accessible depuis la machine...
Pour résoudre ce problème, il a simplement fallu redémarrer le service :
sudo service ddclient restart
-
Wer noch einen #Dyn-DNS Dienst für seine ständig wechselnde IP sucht, der findet hier eine gute Lösung:
🔴 Open-Source
🔴 Sitz in D / Berlin
🔴 Kostenfrei
🔴 Spende erwünscht
🔴 Non-profit
Habe den Dienst in meinen #YunoHost Server integriert und ein #Let'sEncrypt Zertifikat verpassen lassen, klappt prima!
jetzt ist der Server erreichbar unter:
Deinwunschname.dedyn.ioDas schöne, mit den #ddclient wird die IP aktualisiert ohne Router-Konfiguration! klappt prima
-
En aquesta captura de top que he fet fa pocs segons es veu la carrega de la #RaspberryPI4B amb #Mastodon i #PleromaOTP funcionant a l'hora.
Aquesta Pi té 8GB de RAM però tot i executar Mastodon, Pleroma, #Postgresql, #Redis, #nginx i el dimoni #ddclient que actualitza la IP pública al servei #DDNS, té encara lliure més de 1GB de memòria.
Crida l'atenció que el procés que més # CPU gasta és Pleroma amb un 14.2% però bé, son trucs del seu back-end per a millorar la velocitat de resposta. -
Nutze den dyndns von :
Der wird auch von Mike Kuketz empfohlen!
Darüber läuft der #Seafile Server.
Dazu den Dienst #ddclient, damit erspare ich mir die Konfiguration am Router (Fritzbox) Anleitung hier von desec:
https://desec.readthedocs.io/en/latest/dyndns/configure.html#option-2-use-ddclient
Mail und XMPP und die anderen Dienste laufen über Domain/ Subdomain vom hauseigenen Dienst
mit der Endung: Wunschname.nohost.me/Moodle -
Namely, on #Yunohost (which I otherwise ♥️ ) I ran into:
* No automatic port testing, to let me know why connections weren't getting through (I ended up using port testing websites)
* Nothing to detect/account for a dynamic IP address (ended up using #ddclient to auto-update the IP of my domain name)
* No automatic configuration of #DNSmasq to get around a cheap router that doesn't support #hairpinning. This still stops me from accessing my services from my phone when on my home wifi.
