DDNS and multiple domains

[Telos]

I just acquired a second domain, and I am seeking a "best practice" to keep my IP updated on both domains.

Both domains are registered with Cloudflare. With "domain1" I set up a Cloudflare DDNS updater which uses my API token to communicate IP updates to Cloudflare.

With the second domain (domain2), I thought about spinning up a second container specifically for domain2. But that got me wondering if I could just use "domain1" as my reference IP in the "domain2" DNS settings on Cloudflare, because domain2 likely has its own unique API key.

Maybe there's a better way to do this. If I had ten domains, I would not want 10 containers running expressly to keep my single IP address current.

What's the better way to handle this? Thanks!

 

[leriak]

I use the DSM ddns functionality using the script below. I haven't tried but I guess adding an additional entry to the ddns updater with the new api key should be possible:

GitHub - joshuaavalon/SynologyCloudflareDDNS: 📜 Cloudflare DDNS script for Synology

📜 Cloudflare DDNS script for Synology. Contribute to joshuaavalon/SynologyCloudflareDDNS development by creating an account on GitHub.

github.com

Beware: this modification needs to be re-done on every DSM update, you can store the script on a folder that does not get "refreshed" but the modification to /etc.defaults/ddns_provider.conf will be removed.

The same developer has a docker container also (but I haven't tried it), there it seems to be easy to set up a second domain:

GitHub - joshuaavalon/docker-cloudflare: Cloudflare DDNS minimal docker.

Cloudflare DDNS minimal docker. Contribute to joshuaavalon/docker-cloudflare development by creating an account on GitHub.

github.com

As for what's better, updating the ip of the second domain or using a CNAME entry to the first one, I guess that depends on what you need to do: if every subdomain is ultimately going to the same ip and all your subdomains use (or don't use) the cloudflare proxy I guess it's just easier to do and maintain the CNAME thing.

 

[one-eyed-king]

Like @leriak wrote: if it points to the same wan ip. Use one main DDNS domain A-record entry and create as many CNAME-record entries like you need and point them to the A-record domain.

It doesn't make sense to DDNS update each domain individually if they would all point to the same ip.

 

[Telos]

Use one main DDNS domain A-record entry and create as many CNAME-record entries like you need and point them to the A-record domain.

So would I enter "domain2.com" as a CNAME to "domain1.com"?

Would I also enter "*.domain2.com" as a CNAME to "domain1.com"?

If so, I would deregister "domain2.com" from Cloudflare? Yes?

How would certs then work for "domain2.com"? Would I need to do that manually, since it is under the "domain1.com" Cloudflare account?

Thank you!

I use the DSM ddns functionality using the script below.

Thank you. I'll read more into this. I've been looking to migrate to this Docker as well. More homework ahead.

 

[one-eyed-king]

I assume both domains are managed in CF.

In the domain "domain2.com", the *-entry would be CNAME Records that point to domain1.com (or whatever subdomain you use for the ddns update). I am not sure if the @-entry can be a CNAME Record as well.

- LE HTTP-Challenge: the client will try to access the tokenfile using the domain the certificate should be issued for. This will work right out of the box, regardless if the certificate should be issue for domain1. com or domain2.com, as long as the CNAME points to an A-Record that points to the correct ip.

- LE DNS-Challenge: the txt record with the token will be/needs to be added in the authoritative dns zone, which for domain1.com certificates is still the dns zone for domain1.com. For domain2.com certificates the dns zone for domain2.com still remains domain2.com.

 

[Telos]

I assume both domains are managed in CF.

Yes. Thanks for your response. I'm now beginning to think multiple DDNS containers is simpler, and I've found one container image, mentioned above, that seems capable of managing multiple domains. Somehow I feel like I'm re-inventing the wheel.

 

[Telos]

Just an update...

I ran across an image that manages multiple domains, as well as overcoming security issues in the now-deprecated oznu image.

If you need a Cloudflare DDNS container, check out favonia/cloudflare-ddns. Its developer is active and responsive to user issues.