I recently bought a UniFi Dream Machine Pro (UDM Pro). I did a ton of research before getting it and saw Dynamic DNS (DDNS) support. But it only supported a hand full of DDNS providers. My domains are in AWS Route53, and I did not want to pay premium pricing for the supported DDNS providers. So I embarked on a journey to create a personal provider to update a subdomain hosted in AWS Route53.

我最近购买了UniFi Dream Machine Pro(UDM Pro)。 在获得它之前，我做了很多研究，并看到了动态DNS(DDNS)支持。 但是它只支持一堆DDNS提供程序。 我的域位于AWS Route53中，我不想为受支持的DDNS提供商支付高价。 因此，我开始了创建个人提供商以更新AWS Route53中托管的子域的旅程。

I first need to figure out how I am going to do it. What does the UDM Pro do? What do the other DDNS providers have that allows the UDM Pro to update them? Any specific configurations I need to set on the UDM Pro?

我首先需要弄清楚我将如何做。 UDM Pro会做什么？ 其他DDNS提供商有哪些可以让UDM Pro更新它们？ 我需要在UDM Pro上设置任何特定的配置吗？

UDM Pro如何通知DDNS提供商？ (How does UDM Pro notify a DDNS Provider?)

To figure this out, I had to go through the logs of my UDM Pro and see what happens when I set up a dummy DDNS Provider. I gave it fake credentials, so it would fail and spit something out to the logs. It turns out that the UDM Pro uses Internet Automated Dynamic DNS Client (Inadyn), which is an Open Source tool!

为了弄清楚这一点，我必须仔细阅读UDM Pro的日志，看看设置虚拟DDNS提供程序时会发生什么。 我给它提供了伪造的凭证，因此它将失败并向日志中吐出一些东西。 事实证明，UDM Pro使用Internet自动动态DNS客户端 (Inadyn)，这是一个开放源代码工具！

Inadyn has excellent documentation and even supports more providers than UniFi OS (the software that UDM Pro runs) allows. But since Route53 is just a DNS provider without a native way to dynamically update records, I would still have to roll out a custom solution. Luckily, Inadyn supported custom configuration, which means I could set up any API I wanted, and I could get Inadyn to communicate with it appropriately!

Inadyn具有出色的文档资料，甚至比UniFi OS(UDM Pro运行的软件)所允许的支持更多的提供商。 但是由于Route53只是一个DNS提供程序，没有本机方式来动态更新记录，因此我仍然必须推出自定义解决方案。 幸运的是，Inadyn支持自定义配置，这意味着我可以设置所需的任何API，而且我可以让Inadyn与其进行适当的通信！

But I know there has to be a standard DDNS API somewhere. I went through some of the supported providers and found that https://dyn.com had some documentation around their APIs (https://help.dyn.com/remote-access-api/). It went through the whole cycle and what the expected response codes were!

但是我知道某处必须有一个标准的DDNS API。 我浏览了一些受支持的提供程序，发现https://dyn.com上有一些有关其API的文档( https://help.dyn.com/remote-access-api/ )。 它经历了整个周期以及预期的响应代码是什么！

So, with all that figured out, I need to write a service that accepts and appropriately handles the following HTTP request:

因此，在找出所有这些之后，我需要编写一个接受并适当处理以下HTTP请求的服务：

GET /nic/update?hostname=home.mydomain.net&myip=192.168.0.1 HTTP/1.0Host: ddns.mydomain.netAuthorization: Basic base-64-authorizationUser-Agent: Company - Device - Version Number

And a response that looks like:

响应如下：

HTTP/1.0 200 OKContent-Length: 4Content-Type: text/plaingood

I will be handling other error code responses to ensure that the Inadyn handles the response appropriately.

我将处理其他错误代码响应，以确保Inadyn正确处理响应。

使用自定义DDNS提供程序更新UDM Pro (Update UDM Pro with Custom DDNS Provider)

Now I need to figure out how to configure the UDM Pro to use a custom DDNS provider.

现在，我需要弄清楚如何配置UDM Pro以使用自定义DDNS提供程序。

I quickly set up an EC2 instance and wrote a simple Go service that listened to port 443. All it did was print out information about the request then respond with a status of good. I pointed my ddns subdomain to the EC2 instance and set up TLS with Let’s Encrypt (Inadyn supports HTTPS by default). If you are following along, don’t forget to update your security groups to allow port 80 (for Let’s Encrypt) and 443 (for Inadyn running on UDM Pro) on all IP addresses.

我Swift设置了一个EC2实例，并编写了一个简单的Go服务，该服务侦听了端口443。它所做的只是打印出有关请求的信息，然后以状态good进行响应。 我将ddns子域指向EC2实例，并使用Let's Encrypt (默认情况下，Inadyn支持HTTPS)设置TLS。 如果您遵循此步骤，请不要忘记更新安全组，以在所有IP地址上允许端口80(用于Let's Encrypt)和443(用于在UDM Pro上运行的Inadyn)。

package mainimport (        "log"        "net/http")func main() {        err := http.ListenAndServeTLS(":443", "/etc/letsencrypt/live/ddns.mydomain.net/fullchain.pem", "/etc/letsencrypt/live/ddns.mydomain.net/privkey.pem", &handler{})        if err != nil {                log.Fatal(err)        }}type handler struct{}func (*handler) ServeHTTP(resp http.ResponseWriter, req *http.Request) {        log.Println(req.URL.String())        auth, found := req.Header["Authorization"]        if found {                log.Println(auth)        }        agent, found := req.Header["User-Agent"]        if found {                log.Println(agent)        }        h := resp.Header()        h.Set("Content-Type", "text/plain")        resp.WriteHeader(http.StatusOK)        resp.Write([]byte("good"))}

I logged into my UDM Pro and set up the setting how I thought they should be for that server (set Service to dyndns, Server to ddns.mydomain.net, and filling the rest in as I would any other provider). When I hit apply, my Go application didn’t return anything. I went digging through UDM Pro logs and found:

我登录到UDM Pro，并设置了我认为该服务器应使用的设置(将Service设置为dyndns ，将Server为ddns.mydomain.net ，然后像其他任何提供程序一样填充其余内容)。 当我点击apply时，我的Go应用程序未返回任何内容。 我浏览了UDM Pro日志，发现：

Aug 13 01:46:32 Home user.warn inadyn[18541]: Fatal error in DDNS server response:Aug 13 01:46:32 Home user.warn inadyn[18541]: [400 Bad Request] 400 Bad RequestAug 13 01:46:32 Home user.warn inadyn[18541]: Error response from DDNS server, ignoring ...

I felt like there should be more output, so I looked up a way to manually run Inadyn without waiting for my IP address to change. Notice: configuration file for UDM Pro is different than the default location for Inadyn.

我觉得应该有更多的输出，因此我寻找了一种无需等待IP地址更改即可手动运行Inadyn的方法。 注意：UDM Pro的配置文件与Inadyn的默认位置不同。

/usr/sbin/inadyn -n -s -C -f /run/inadyn.conf -1 -l debug --foreground

The above showed me that Inadyn made this request:

上面显示了Inadyn发出的请求：

GET home.mydomain.net HTTP/1.0Host: ddns.mydomain.netAuthorization: Basic dXNlcjpwYXNzd29yZA==User-Agent: inadyn/2.5 https://github.com/troglobit/inadyn/issues

Notice how the home.mydomain.net portion is not a valid path. It’s missing the first forward-slash. Digging around in Ubiquiti forums and turns out this is a hidden feature. UniFi OS is supposed to save the Inadyn file a certain way but does so in strange ways. The following was the configuration file UniFi OS created (/run/inadyn.conf).

请注意， home.mydomain.net部分不是有效路径。 它缺少第一个正斜杠。 在Ubiquiti论坛上四处浏览，发现这是一个隐藏功能。 UniFi OS应该以某种方式保存Inadyn文件，但是这样做的方式很奇怪。 以下是创建的UniFi OS配置文件( /run/inadyn.conf )。

## Generated automatically by ubios-udapi-server#iface = eth8custom ddns.mydomain.net {    hostname = "home.mydomain.net"    username = "user"    password = "password"    ddns-server = "ddns.mydomain.net"}

Even though I specified a Service of dyndns, it knows it is a custom DDNS provider because I set the Server field! I went through Inadyn documentation again. It turns out, with the above configuration, it appends hostname to ddns-server. What I want instead is for me to be able to set the query parameters of the URL. Inadyn has a way to do that! The following is the line I want to put in the configuration file.

即使我指定了dyndns Service ，它也知道它是自定义DDNS提供程序，因为我设置了Server字段！ 我再次浏览了Inadyn文档。 事实证明，使用上述配置，它将hostname附加到ddns-server 。 相反，我想要的是能够设置URL的查询参数。 Inadyn有办法做到这一点！ 以下是我要放入配置文件中的行。

ddns-path = "/nic/update?hostname=%h&myip=%i"

I don’t want to modify it directly as firmware updates will overwrite the file! So I appended /nic/update?hostname=%h&myip=%i to the Server configuration and tried again.

我不想直接修改它，因为固件更新将覆盖该文件！ 因此，我将/nic/update?hostname=%h&myip=%i附加到Server配置中，然后重试。

GET nic/update?hostname=home.mydomain.net&myip=192.168.0.1home.mydomain.net HTTP/1.0Host: ddns.mydomain.netAuthorization: Basic dXNlcjpwYXNzd29yZA==User-Agent: inadyn/2.5 https://github.com/troglobit/inadyn/issues

So close! It appears to be still appending the hostname field to the path, and the path needs to have a forward-slash at the beginning for it to be valid. I did try some finagling of escaping the forward-slash to no avail. But a user on the Ubiquiti forum found a solution. It turns out that UniFi OS is trimming off the forward-slashes. So if you put a dummy one first, then “escape” the second one, you should get the expected results.

很近！ 它似乎仍在将hostname段附加到路径，并且该路径必须在开始处带有正斜杠才能生效。 我确实尝试过一些转义正斜杠的尝试，但无济于事。 但是Ubiquiti论坛上的用户找到了解决方案。 事实证明，UniFi OS正在修剪正斜线。 因此，如果您先放置一个虚拟对象，然后再“转义”第二个对象，则应该获得预期的结果。

ddns.mydomain.net/\/nic/update?hostname=%h&myip=%i

Kind of…

有点儿…

## Generated automatically by ubios-udapi-server#iface = eth8custom ddns.mydomain.net {    hostname = "home.mydomain.net"    username = "user"    password = "password"    ddns-server = "ddns.mydomain.net"    ddns-path = "\/nic/update?hostname=%h&myip=%i"}

Even though the back-slash is in the configuration, Inadyn seems to handle it beautifully, and I got a response from my dummy Go service!

即使在配置中使用了反斜杠，Inadyn似乎也能很好地处理它，并且我的虚拟Go服务得到了响应！

2020/08/13 02:23:36 /nic/update?hostname=home.mydomain.net&myip=192.168.0.12020/08/13 02:23:36 [Basic dXNlcjpwYXNzd29yZA==]2020/08/13 02:23:36 [inadyn/2.5 https://github.com/troglobit/inadyn/issues]

结论 (Conclusion)

1. It doesn’t matter what Service is set to as UDM Pro will create a custom Inadyn configuration if Server is configured.

   不管将什么Service设置为UDM Pro(如果已配置Server )都会创建自定义Inadyn配置。

2. Server setting is very particular in how it is configured. ddns.mydomain.net/\/nic/update?hostname=%h&myip=%i

   Server设置在配置方面非常特别。 ddns.mydomain.net/\/nic/update?hostname=%h&myip=%i

3. There is a very useful command for running inadyn manually while trying to develop something. /usr/sbin/inadyn -n -s -C -f /run/inadyn.conf -1 -l debug — foreground

   在尝试开发某些东西时，有一个非常有用的命令可以手动运行inadyn。 /usr/sbin/inadyn -n -s -C -f /run/inadyn.conf -1 -l debug — foreground

While digging around, I did find the need to clear Inadyn’s cache. It caches the last successful update of an IP address, so it doesn’t make too many calls. The following locations are the directories in which Inadyn will cache those IPs.

在深入研究时，我确实发现需要清除Inadyn的缓存。 它缓存上一次成功更新的IP地址，因此不会进行太多呼叫。 以下位置是Inadyn将在其中缓存这些IP的目录。

• /root/.inadyn — created when running the manual command

  /root/.inadyn运行手动命令时创建

• /.inadyn — created when the UDM Pro service runs Inadyn

  /.inadyn —在UDM Pro服务运行Inadyn时创建

下一步是什么？ (What’s Next?)

After all that, I think it is time to define how my DDNS provider will look. I believe using AWS’s API Gateway and Lambda functions will be the best course of action. And because I want to have fun, I may write the Lambda functions in Rust!

毕竟，我认为是时候定义DDNS提供程序的外观了。 我相信使用AWS的API网关和Lambda函数将是最好的做法。 而且因为我想玩得开心，所以我可以用Rust编写Lambda函数！

免责声明 (Disclaimer)

I replaced the domain that I will be using with mydomain.net, which I do not own. I also replaced all IPs that would have shown my public IP with 192.168.0.1 .

我用我不拥有的mydomain.net替换了将要使用的域。 我还用192.168.0.1替换了将显示我的公共IP的所有IP。

The above information is with my UDM Pro. It is running Controller Version 5.13.30 and Firmware Version 1.7.2.2620.

以上信息与我的UDM Pro有关。 它正在运行控制器版本5.13.30和固件版本1.7.2.2620。