The Why?
The short and sweet of it is that we want to update a Linode DNS A record to the latest dynamic IP of your server it is assigned to. This can be a home server or a remote branch office server and much much more.
We will leverage this using Ansible playbooks that will retrieve your IP address externally and then return your IP and then call’s the Linode API to update the A record using Ansible. It will also schedule a cron job to ensure that the DNS record is constantly updated
Prerequisites:
- Linode account and Domain using Linode Name Servers.
- External Linux Apache web server with PHP installed to host code to return your current IP.
- Linux Ansible installed on remote server that you want the external IP for.
- Basic understanding of how API’s work and working with Linodes. Recommended reading Linode API Document that can be found here: https://www.linode.com/docs/api/#tag/domains
- GIT clone of my code: https://github.com/akelling/ansible-linode-DNS-updater
- I HIGHLY recommend cloning this in your home users directory under ~/git/ for everything to work out of the box
What is not covered:
- Adding Ansible Vault entry’s
- Working with API’s
- Setting up Apache and PHP server
The Setup:
- Here is the PHP code I used to return my external IP
root@localhost:/var/www/sites/whatsmyip# cat index.php <?php //whether ip is from share internet if (!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip_address = $_SERVER['HTTP_CLIENT_IP']; } //whether ip is from proxy elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip_address = $_SERVER['HTTP_X_FORWARDED_FOR']; } //whether ip is from remote address else { $ip_address = $_SERVER['REMOTE_ADDR']; } echo $ip_address; ?>
- Setup an API token on Linode and put the token in a secure spot. https://cloud.linode.com/profile/tokens. I put mine in my Ansible Vault File (Ansible Vault Info can be found here.) so it can be called in the playbook. I called my vault variable vault_linode_api_key
- Create the A Record in your domain that you want to dynamically update.
- When your on the domain page on Linode take note of the numbers at the end of the URL that is the UID for the domain zone file. It will look something like this https://cloud.linode.com/domains/1234567. We will need this information when editing the Ansible playbook
- The easiest way I have found to find the exact record that you are editing is by using the API curl calls to pull the A record that you want to use
curl -H "Authorization: Bearer $TOKEN" \
https://api.linode.com/v4/domains/1234567/records
In my particular case I want to edit the records gatekeeper. The id is what we are gonna need to edit the record in the playbook - Edit the following playbook
~/git/ansible/roles/linode-dns-updater/tasks/main.yml