I (like many web developers) have about a dozen sites that need to be hosted somewhere.

Sites practically do not make a profit, since these are some old works (for various reasons that did not go into production), the home page, the site instituted by beautiful mail and the like. But at the same time, it is a pity to leave these sites, and therefore you have to spend quite real money on them every month to buy hosting. Money, frankly speaking, is small, but nevertheless it is a pity, since there is no return from the sites.

At the same time available:
')

• Ubuntu home server
• Fast ethernet internet from MTS

But there is no key - static IP. If it were, then everything would be much simpler and I would definitely not have written this article. And my MTS absolutely does not want to issue a static IP (unless I connect as a business client).

Of course, there are well-known Dynamic DNS services like noip.com , but they successfully solve only the task of remote access to our server (via SSH or FTP), but we are completely unsuitable for hosting, because we need to register the domain settings on the DNS server A-record with a real IP address (and not a link to our virtual domain).

What to do?

I will not dwell on how to set up a linux server (and especially how to select it), since I assume that you already have it. Also, I will not describe in detail the settings of nginx and Apache, since, again, I assume that you will cope with this yourself.

The first thing I have a problem with is how to redirect visitors from my domains (I have 2 domains) to my home server. That is, that the client who dialed domain.com got exactly on my home server, taking into account that the IP address is changing on it every day.

To solve, we need to configure the DNS server, namely the following records: SOA, NS, MX, A, CNAME. It is important that we have the option of setting the TTL (time to live), since the lifetime of our records should be very short, literally 60-120 seconds. Otherwise, if the server’s IP address is changed, users will not be able to get to our server for a long time (due to caching).

So, we need a DNS server, solutions:

1. We use services that provide us with DNS hosting
2. We use our own DNS server in conjunction with the DDNS domain

Consider both options.

We use services that provide us with DNS hosting

For this there are a number of free services, of which the most popular is freedns.afraid.org . On such services, you can add your domain (s) and be able to update the A-record with them using the API using a small script.

It looks quite good, but the catch is that these services reserve the right to add third-level subdomains to your domain. That is, you registered user.ru with them, and they calmly add their sites of the form hello.user.ru, shop.user.ru and so on. Of course, this can be waived, but ... for the money. I don’t see sense to pay money for such services, because for comparable money you can buy full hosting on any provider without any dancing around the DNS settings.

The remaining services will not be considered, and focus on the second option.

We use our own DNS server in conjunction with the DDNS domain

For this option, we must, firstly, have a DDNS domain (which is updated when changing IP), for example, domain.ddns.net, and secondly, we will have to install and configure BIND on our server.

In total, you need to do exactly 5 steps. Everywhere under the words "domain" or "domain.ru" means your domain name (short or full).

1. Configure 2 or 3 DDNS Subdomains

Why 2 or 3? Because a number of registrants will not allow you to use a domain with only one NS server. The most annoying thing is that not everyone will say about it - your domain will simply not work, but you will not understand why.

Everything is simple - go to noip.com , register an account there and add 3 free subdomains (more than 3 will not allow).

2. Set up your own DNS server

Install BIND:

$ sudo apt-get install bind9 

Create zones (one zone for each of our domain):

 $ sudo nano /etc/bind/zones.my 

with content:

 zone "domain.ru" { type master; file "/etc/bind/db.domain.ru"; }; 

and the actual file with zone settings:

 $ nano /etc/bind/db.domain.ru 

and write inside:

 ; ; BIND data file for local loopback interface ; $TTL 60 @ IN SOA domain.ru. admin.domain.ru. ( 1477015437 ; Serial 10800 ; Refresh 3600 ; Retry 604800 ; Expire 1800 ) ; Negative Cache TTL @ IN NS domain.ddns.net. @ IN NS domain.ddnsking.com. @ IN NS domain.myftp.biz. @ IN MX 10 mx.yandex.net. @ IN A 1.2.3.4 mail IN CNAME domain.mail.yandex.net. * IN CNAME domain.ru. 

Note: I note that the TTL is set to 60 seconds. In the /etc/bind/named.conf.local file we add the connection of our zone:

 include "/etc/bind/zones.my"; 

All, we restart BIND:

 $ sudo service bind9 restart 

And look at / var / log / syslog so that there are no error messages

3. Set up our domain (s)

We go to the registrar's control panel and there in the settings of our domain we specify the DDNS subdomains created as NS servers:

 nameserver1 = domain.ddns.net nameserver2 = domain.ddnsking.com nameserver3 = domain.myftp.biz 

After that, you may have to wait a few hours (or even a day) until the settings clash between all servers.

4. Set up periodic IP address updates

My router supports updating IP-addresses on one domain, but I need to do this immediately for 3 domains. Plus, we need to update the IP address in the BIND config, so we will write a script that will do:

1. Determine our external IP address
2. Check whether the IP address has changed, if not changed, then you do not need to do anything
3. Update the IP address of all DDNS subdomains using the noip.com service API
4. Register new IP address in BIND config
5. Restart BIND

Let the script itself be on the shell:

 #!/bin/sh # This script works via noip.com service + local Bind server # Settings ZONES_CONFIG=zones.my IP_FILE=./current_ip.txt DDNS_USER=user DDNS_PASS=password DDNS_HOST=domain.ddns.net DDNS_HOSTS=domain.ddns.net,domain.ddnsking.com,domain.myftp.biz # Start DATE=$(date +"%Y-%m-%d %H:%M:%S") # detect an external IP IP=$(dig +short $DDNS_HOST) if [ $? -ne 0 ] || [ -z $IP ] || [ $IP = "0.0.0.0" ] ; then echo "$DATE Can't detect a remote IP. Aborting." exit 1 fi # verify IP changing PREV_IP="(unknown)" if [ -e $IP_FILE ] ; then PREV_IP=$(cat $IP_FILE) fi if [ $IP = $PREV_IP ] ; then echo "$DATE IP '$IP' has not changed" else echo "$DATE IP has been changed from '$PREV_IP' to '$IP'" echo "$DATE IP will be updated on DDNS server" /usr/bin/curl -u $DDNS_USER:$DDNS_PASS "https://dynupdate.no-ip.com/nic/update?hostname=$DDNS_HOSTS&myip=$IP" fi echo $IP > $IP_FILE # check BIND config cd /etc/bind if [ ! -e $ZONES_CONFIG ] ; then echo "$DATE File $ZONES_CONFIG not found!" exit 1 fi # read the list of active zones ZONE_FILES=$(grep file $ZONES_CONFIG | grep -v ^# | perl -ne '/file "(.+)"/ && print "$1\n"') for ZONE_FILE in $ZONE_FILES; do echo "$DATE Process the zone config $ZONE_FILE" cat $ZONE_FILE | perl -ne "s/([\t ]+IN[\t ]+A[\t ]+)[\d\.]*/\${1}${IP}/; print \${_}" > $ZONE_FILE.tmp if [ $(diff -w $ZONE_FILE $ZONE_FILE.tmp | wc -l) -ne 0 ] ; then # update serial number STAMP=$(date +%s) cat $ZONE_FILE.tmp | perl -ne "s/\d+(?=.+Serial)/$STAMP/; print \${_}" > $ZONE_FILE # reload BIND service bind9 reload echo "$DATE Config $ZONE_FILE is updated" else # nothing to do rm $ZONE_FILE.tmp echo "$DATE Config $ZONE_FILE is NOT changed" fi done 

The script must be run under the root (so that it has enough rights to update the BIND configs and restart it). Add to crontab root its launch every minute:

 * * * * * cd /home/root && ./update_bind_config.sh >> /var/log/update_bind_config.log 

A few words about the definition of the current IP-address. In the script above, this is done through the rezolving of the domain.ddns.net DDNS subdomain. That is, first our router prescribes it there, and then we read. This is not a very good option, since we are tied to a router and can lose a few minutes while the IP address is updated to the current one on the DDNS subdomain. All this time, our server will be unavailable.

Therefore, I have used an improved version of myself, which at the same time does not climb the Internet:

 IP=$(perl -le 'use LWP::UserAgent; my $content=LWP::UserAgent->new->get("http://router")->decoded_content(); $content =~ q(<span id="wan_ipaddr">([\d\.]+)</span>); print $1') 

In this embodiment, we load the main page of the router (via http), then we regexp it to find the current IP address. Of course, this option is not for everyone, but it works on DD-WRT firmware.

5. Configure the router

I already wrote about the need to configure access to the DDNS service, but do not forget about the need to set up forwarding ports on your router:

• HTTP - TCP, port 80
• DNS - TCP + UDP, port 53

Conclusion

So, what I got in the end:

• My sites live on a home server, for which I do not pay anyone;
• My domains are resolved via my own DNS server, the record lifetime is 1 minute, that is, the update is very fast;
• The NS records are not real IP addresses (which I often change), but DDNS subdomains;
• The urgency of the records in the DDNS subdomains and in the config of my DNS server is provided automatically, without any intervention on my part.

According to my measurements, when MTS (my provider) updates my IP address, then my sites start to work after about 2 minutes. This is perfectly acceptable to me.

PS If someone liked this note, then I can write the second part, where I will tell you how to set up work using Yandex DNS hosting. This will allow you to abandon your own DNS server, abandon DDNS subdomains, plus slightly improve the reliability of operation (since the DNS server will never change its IP). That is the scheme I use at the moment.