path: root/README.md

# simpleddns

Very simple DDNS client with support for

- IPv4 and IPv6
- Linode, DigitalOcean, and AWS Route 53 providers.
- Allows obtaining IP address via any shell command.
- Customize TTL, API call interval & timeout.
- Multiple domains.

Run `install.sh` to install.
Then run `simpleddns --setup` to create a configuration interactively.
Lastly run `simpleddns` to start the DDNS client.
Currently only Unixy platforms are supported (i.e. not Windows, but maybe WSL or MinGW or something).

## Security: CAA record

If you want to run an HTTPS server under simpleddns,
(or think that someone might *believe* that there is an HTTPS server
 on your domain)
make sure you create a [CAA record](https://letsencrypt.org/docs/caa/)
that doesn't allow http-01 challenges.
By default, simpleddns fails if no such record exists.
Otherwise, anyone who can interfere with your IP-getting command such as

- the web site you're using to query your IP
- any internet infrastructure between you and that web site
  (NB: TLS does **not** save you from IP address tampering)

**can maliciously issue perfectly valid certificates for your domain!!**

If you are not using an internet service to query your public IP
and you're instead getting it by trusted means, or
if you're using some random (sub)domain no one will try to access via HTTPS,
then you don't have to worry about any of this
and can set `allow_no_caa = True` in your configuration.

## Alternatives

This particular set of features is somewhat unique.
But there are other DDNS clients out there:

- [godns](https://github.com/TimothyYe/godns)
- [ddclient](https://github.com/ddclient/ddclient)


## Example systemd service

(This assumes a user `simpleddns` has installed the program.)

```
[Unit]
Description=Simple DDNS client
After=network.target
 
[Service]
Restart=always
RestartSec=20
User=simpleddns
WorkingDirectory=~
ExecStart=/bin/sh -c .local/bin/simpleddns
 
[Install]
WantedBy=multi-user.target
```