Using GoDaddy API for Dynamic DNS

It has been difficult accessing my home computer, with potentially a dynamically allocated IP address, from anywhere on the Internet after dyndns.org became a paid service. The following bash script made available by TheBelcherman on the GoDaddy Community forum simulates the functionality of dyndns.org by programmatically updating a DNS record that has GoDaddy as its authoritative nameserver:

#!/bin/bash

# This script is used to check and update your GoDaddy DNS server to the IP
# IP address of your current internet connection.
# Special thanks to mfox for his ps script
# https://github.com/markafox/GoDaddy_Powershell_DDNS
#
# First go to GoDaddy developer site to create a developer account and get
# your key and secret
#
# https://developer.godaddy.com/getstarted
# Be aware that there are 2 types of key and secret - one for the test server
# and one for the production server
# Get a key and secret for the production server
#
# Enter vaules for all variables, Latest API call requries them.

domain="mydomainname.com"                   # your domain
type="A"                                    # Record type A, CNAME, MX, etc.
name="myhostname"                           # name of record to update
ttl="600"                                   # Time to Live min value 600
port="1"                                    # Required port, Min value 1
weight="1"                                  # Required weight, Min value 1
key="ABCxyz123+qwertzxcvASDFasdfBCDEFGwysi" # key for godaddy developer API
secret="122333444455555xyz123abcqwerty"     # secret for godaddy developer API

headers="Authorization: sso-key $key:$secret"

# echo $headers

result=$(curl -s -X GET -H "$headers" \
 "https://api.godaddy.com/v1/domains/$domain/records/$type/$name")
echo $result

dnsIp=$(echo $result | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b")
echo "dnsIp:" $dnsIp

# Get public ip address there are several websites that can do this.
ret=$(curl -s GET "http://ipinfo.io/json")

# echo $ret
currentIp=$(echo $ret | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b")
echo "currentIp:" $currentIp

if [ -z $dnsIp ] || [ $dnsIp != $currentIp ];
then
  echo "IP's are not equal, updating record"
  curl \
    -X PUT "https://api.godaddy.com/v1/domains/$domain/records/$type/$name" \
    -H "accept: application/json" \
    -H "Content-Type: application/json" \
    -H "$headers" \
    -d "[ { \"data\": \"$currentIp\", " \
        + "\"port\": $port, \"priority\": 0, " \
        + "\"protocol\": \"string\", \"service\": " \
        + "\"string\", \"ttl\": $ttl } ]"
fi

if [ ! -z $dnsIp ] && [ $dnsIp = $currentIp ];
then
        echo "IP's are equal, no update required"
fi

With the above bash script saved at /usr/local/bin/updatedns, the following crontab entry is added to schedule repeated execution of the above script:
*/30 * * * * /usr/local/bin/updatedns

Now, I am able to ssh into my home computer using the following command:
$ ssh myusername@myhostname.mydomainname.com

My ssh clients are configured with my home computer’s host key signature beforehand, so that man-in-the-middle attacks can be detected.

This entry was posted on Monday, September 27th, 2021 at 11:13 am and is filed under IT Administration. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Questions, comments, and responses are welcomed and appreciated.

One Response to “Using GoDaddy API for Dynamic DNS”

  1. Steve Says:
    September 27th, 2021 at 11:19 am

    There is a slight security risk when using the GoDaddy API for implementing dynamic DNS. GoDaddy does not provide refined access control for API keys. If the server running the script featured in this blog post is compromised, it is possible for attackers to make significant changes to the associated GoDaddy account, such as buying domains or transferring domain ownership.

    If account security risk is unacceptable, I recommend implementing dynamic DNS with Hurricane Electric.

Leave a Reply