Now the problem was that my ISP doesn't assign static IP addresses, so I had to update my domain DNS settings regularly to keep it forwarded to my actual external IP address.
In order to do this, my DNS registrar (TransIP) provides an API built in PHP which allows me to update the DNS settings for my domain.
Though my knowledge of PHP is next to nonexistent, I managed to get a setup running in a FreeNAS jail, which will be explained in this blog post.
Overview
- Creating a FreeNAS jail + general configuration
- install php & php-extensions
- script for execution + crontab
- This installation was done on FreeNAS 9.2.1.3-RELEASE-x64
- forumpost on transip which contains a working php script: click!
1. Creating a FreeNAS jail + general configuration
Start off by logging into the FreeNAS web interface, navigate to Jails and choose to add a jail. Enter a suitable jail name, make sure to select standard jail as the type, and fill in an IP address in the same subnet as the FreeNAS server.
property | value |
---|---|
Jailname | TransIP-PRD |
IPv4 address | 192.168.1.110 |
type | standard |
vanilla | FALSE (unchecked) |
Once the jail is created, open a terminal session on the newly created jail via the FreeNAS web interface so that SSH can be enabled.
Configure root password
The root password can be set by executing the following command:
passwd root
Create technical user account
The technical user account will be used to run the script. Run the adduser command to create a new user:
Note that the user is also added to the group wheel so that during a session, the user can switch user as root if necessary. At the end of the configuration, the account will be removed from the group so that root access will be denied.
Enable SSH
Modify the file /etc/rc.conf so that sshd_enable="NO" becomes sshd_enable="YES". This makes sure the sshd daemon is started when the jail is started:
ee /etc/rc.conf
The SSH daemon isn't running yet, so execute the following command to start it:
service sshd start
Setting the hostname
Set the hostname for the jail so that it gets a nice name by executing the following command:
hostname transip-prd.local
Portstree
Now that SSH is set up and a technical user account (transip) is created, further configuration can be done via an SSH session. Once logged in via SSH, run the following command to pull and extract the portstree in the jail:
portsnap fetch extract
Note: Only the first time portsnap fetch extract should be used. If the portstree is already extracted, it can be updated in the future by executing portsnap fetch update
2. Install php and php-extensions
After the portstree is available inside the jail (default location is /usr/ports), the necessary software can be installed. Since the API is written in PHP, the php port should be installed inside the jail. This is done by executing the following commands as root:
cd /usr/ports/lang/php56
make install clean
After the source code is downloaded and compiled, the program will be available: man php
The API also requires some php-extensions to be installed:
cd /usr/ports/lang/php56-extensions
make config
[Screenshots: php56-extensions to be installed (1) and (2)]
Moving the API to the jail
The API should be placed inside the jail so that it can actually be used. There are different ways of doing this, depending on your setup. I did this myself by downloading the API to my PC-BSD machine and copying the file to the jail with the scp command (SSH should be running on the server for this method to work!). Notice that the scp command was run on my PC-BSD machine.
scp transip.tar transip@192.168.1.110:/home/transip
After the file has been copied to the jail, it can be extracted with the following command:
tar -xf transip.tar
PHP script
In order to have a working PHP script, follow the instructions provided in the commented section of the PHP script - TransIP-updateDNS
3. Script for execution + crontab
Fix group membership
Earlier on in this blog, the transip user was created and added to the wheel group, which allows the user to switch to root. Now that all configuration is done, the user can be removed from the 'wheel' group to improve security:
pw groupmod wheel -d transip
Shell script
A shell script makes it possible to run multiple commands sequentially. The following code checks whether there is a directory called 'log'. If not, it is created in /home/transip/updateDNS. Then the current date and time are printed, and the actual PHP script which handles the DNS update is launched.
#!/bin/sh
cd /home/transip/updateDNS
if [ ! -d log ]; then
echo "creating log folder"
mkdir log
fi
date "+%d/%m/%Y - %H:%M"
/usr/local/bin/php /home/transip/updateDNS/update.php
printf "\n"
Make the script executable by executing
chmod o+x update.sh
If the script runs fine, you will see the following output (make sure to run this command as the transip user to verify permissions are OK):
The shell script runs just fine, without any errors (permissions, php plugins missing,... ). The script should now be run on a fixed interval to keep the domain forwarded to my actual external IP.
Crontab
The crontab file allows us to configure scheduled tasks. In my case, I'll be running the 'update.sh' script every 15 minutes. The script should be run as the transip user, so make sure the following command is run as the transip user:
crontab -e
and add the following line:
*/15 * * * * /bin/sh /home/transip/updateDNS/update.sh >> /home/transip/updateDNS/log/updateDNS.log
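The crontab line above only appends standard output to the log, so PHP errors and a failed update leave no trace in it. The following variant of the wrapper is an added example, not the script from the original post: it logs stderr and the exit status as well, and skips a run while the previous one is still active. The function name run_update and the .lock directory are assumptions made for this illustration.

```sh
#!/bin/sh
# Added example, not the original update.sh. run_update and the .lock
# directory are hypothetical names chosen for this illustration.

# run_update WORKDIR COMMAND [ARGS...]
# Appends a timestamp, COMMAND's stdout and stderr, and its exit status to
# WORKDIR/log/updateDNS.log. Returns COMMAND's exit status, or 75
# (EX_TEMPFAIL) when an earlier run still holds the lock.
run_update() {
    workdir=$1; shift
    log="$workdir/log/updateDNS.log"
    lock="$workdir/.lock"

    umask 077    # new log files and the lock are accessible to the owner only
    mkdir -p "$workdir/log" || return 1

    # mkdir is atomic, so it doubles as a lock: it fails while a previous
    # run is still active. A lock left behind by a crash or kill -9 has to
    # be removed by hand.
    if ! mkdir "$lock" 2>/dev/null; then
        echo "$(date '+%d/%m/%Y - %H:%M') skipped: previous run still active" >> "$log"
        return 75
    fi
    trap 'rmdir "$lock"; exit 1' HUP INT TERM

    status=0
    {
        date '+%d/%m/%Y - %H:%M'
        "$@" || status=$?
        echo "exit status: $status"
    } >> "$log" 2>&1

    trap - HUP INT TERM
    rmdir "$lock"
    return "$status"
}

# Constructed invocation using the paths from this post:
#   sh update.sh /home/transip/updateDNS /usr/local/bin/php /home/transip/updateDNS/update.php
if [ "$#" -gt 0 ]; then
    run_update "$@"
fi
```

Because the function writes the log itself, a crontab entry that calls this variant does not need the `>>` redirection.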