[Freedombox-discuss] Action Needed: Dynamic DNS Server Migration

A. F. Cano afc54 at comcast.net
Fri Nov 26 19:27:05 GMT 2021 

On Thu, Nov 25, 2021 at 10:24:38PM -0800, Sunil Mohan Adapa wrote:
> On 11/25/21 20:02, A. F. Cano wrote:
> > On Tue, Nov 23, 2021 at 12:44:25AM -0800, Sunil Mohan Adapa wrote:
> > > On 11/22/21 16:02, Sunil Mohan Adapa wrote:
> > > ...
> > > freedombox.rocks and all of its subdomains are up and running now. The
> > > outage was caused due to a configuration error on the old server during
> > > preparation activities for the server migration. The error has been handled.
> > > 
> > > If you face any further troubles in DNS resolution for freedombox.rocks
> > > domains, please report them.
> > 
> > While I get dns resolution for my domain, and the status updates only
> > when I attempt to configure the new ddns.freedombox.org, the process
> > never completes.  The "Update seup" button keeps turning and turning.
> > If I exit the configuraton screen, say by going back to "System" the
> > set up reverts to gnudip.datasystems24.net.  I had previously gone to
> > gnudip.datasystem24.de and gave permission to migrate the record.
> > 
> > I have tried multiple times over a few days.  Same result.
> > 
> > I don't know if this is related to the certificate.  When the DNS
> > problem was solved, I did see that the certificate had been obtained.
> > Thinking that maybe I had to reobtain it, I did so multiple times.  it
> > didn't work, and now I have exceeded the 5 certificates per week limit
> > and can't obtain one.  I'll try again in a few days, but is this issue
> > with the certificates related to configuring the dynamic dns client to
> > use ddns.freedombox.org?
> > 
> 
> I just referred to the dynamicdns code. It clearly finishes updating the
> configuration before proceeding with triggering domain changed signal (this
> is what the let's encrypt module catches to try to obtain the certificate).
> So, in your case, configuration not getting updated is likely not due to
> certificate issue. To debug, try running the following command as root:
> 
> echo -n "<password>" | /usr/share/plinth/actions/dynamicdns -s
> ddns.freedombox.org -d <yourdomain>.freedombox.rocks -u <username> -p -I
> https://ddns.freedombox.org/ip/ -U '' -c disabled -b disabled -6 disabled

This didn't work:

usage: status|configure <options>|start|stop|update|get-nat|clean|success [updated IP]|failed|get-last-success

options are:
-s <server>             Gnudip Server address
-d <domain>             Domain to be updated
-u <user>               Account username
-P <password>           Account password
-p                      Read Account Password from stdin
-I <URL to look up public IP>       A URL which returns the IP of the client who is requesting
-U <update URL>         The update URL (a HTTP GET on this URL will be done)
-c <1|0>                disable SSL check on Update URL
-b <1|0>                use HTTP basic auth on Update URL
-6                      use IPv6 type address

update                  do a one time update
clean                   delete configuration
success                 store update success and optional the updated IP
failed                  store update failure
get-nat                 return the detected nat type
get-last-success        return date of last successful update

However, this

echo -n "<password>" | /usr/share/plinth/actions/dynamicdns configure update -s ddns.freedombox.org -d <domain>.freedombox.rocks -u <username> -p -I https://ddns.freedombox.org/ip/ -U '' -c disabled -b disabled -6 disabled

finished without errors, but did not update anything:

$ sudo /usr/share/plinth/actions/dynamicdns status
enabled
gnudip.datasystems24.net
<domain>.freedombox.rocks
<user>
<password>
disabled
disabled
0
0
0

Of course the web interface reflects the old (gnudip.datasystems24.net)
location.

> If this succeeds, check that FreedomBox web interface is showing the correct
> configuration. Reboot to ensure that changes apply properly.
> 
> If you currently have a valid certificate, you don't need to re-obtain the
> certificate when the dynamicdns configuration changes. However, the code may
> be doing that.

The certificate got re-obtained automatially overnight.  but as soon as
I did the above, there is no valid certificate.

I kept trying things from the command line, including start, stop,
After that the status reported:

$ sudo /usr/share/plinth/actions/dynamicdns status
disabled
disabled
disabled
disabled
disabled
disabled
disabled
0
0
0

Then:

$ sudo /usr/share/plinth/actions/dynamicdns start
nslookup: '' is not in legal name syntax (unexpected end of input)

Than I tried to look at the web interface and everything was blank.
Re-entered everything by hand and then the "Update setup" completed.
There was apparently some leftover something that prevented this
earlier.

Now:

$ sudo /usr/share/plinth/actions/dynamicdns status
enabled
ddns.freedombox.org
<domain>.freedombox.rocks
<user>
<password>
https://ddns.freedombox.org/ip/
disabled
disabled
disabled
disabled

So, problem solved.  Thanks for replying.

Augustine

More information about the Freedombox-discuss mailing list