Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

alt

Daniel Nashed

Free DNS wild-card service from Japan

Daniel Nashed – 30 March 2021 05:33:19

https://www.mydns.jp/images/MyDNS_TOP_LOGO_GREEN_RED.png style=


If you are using a home lab and want to test with many different hosts, having a wild-card DNS entry can be helpful.
This will not work with Let's Encrypt DNS-01 challenges, because it would need DNS TXT records, which are not yet available in a way they can be consumed at MyDNS today.

Still https://www.mydns.jp/#about is  a very interesting option today, because of the sub-domain you can point to your server.
And they have a very simple to use HTTP request option to update your IP.

I have created a very simple script to update my IP at mydns.
To determine my public IP I am using the Google STUN servers, which the Sametime meeting server is also using by default.
You need a turn client to use the STUN servers and find out about your public IP.

CentOS as the required software included in the epel-release.

yum install -y epel-release coturn-utils

After installing the turn client, the following type of script will just set your current IP address.

-- mydns_setip.sh --

MID=mydns123456
PWD=1xQ3BRZnxyz

IP=$(turnutils_stunclient -p 19302 stun.l.google.com | grep "addr:" | head -1 | awk -F "addr: " '{print $2}' | cut -f1 -d:)
echo "My IP: [$IP]"
curl "https://www.mydns.jp/directip.html?MID=$MID&PWD=$PWD&IPV4ADDR=$IP"


This can be quite useful for Let's Encrypt HTTP-01 challenges or test servers at home in general.

I have many different integrations for my hosted servers and also for my home servers.
This includes a ACME DNS server, Cloudfare hosted domains, Hetzner hosted domains, sub-domains at Digital Oceans etc.

But MyDNS is a very simple option to get started with Domino V12 CertMgr and HTTP-01 challenges without a static IP.
And this allows to use more than one host name for example to the SNI configuration.

Sadly this does not allow to request wild-card certificates from Let's Encrypt and other ACME providers -- which requires DNS-01 challenges.
As soon they fully support setting DNS TXT records I can consume with a scripted flow, this will become a great option also for looking into DNS-01 flows with ACME.



Comments
No Comments Found

Links

    Archives


    • [HCL Domino]
    • [Domino on Linux]
    • [Nash!Com]
    • [Daniel Nashed]