Ddclient
Ddclient is a program that can dynamically update your DNS records for a variety of providers. This is helpful if you're hosting a server without a static IP address.
Installation & Configuration
Below is an example configuration to dynamically update your records in Cloudflare DNS
{
...
services.ddclient = {
enable = true;
interval = "5min";
protocol = "cloudflare";
username = "token";
passwordFile = "/path/to/api.key";
domains = [ "example.com" ];
zone = "example.com";
ssl = true;
};
...
}
Interval may be set to a time of your choosing, check your DNS provider's documentation to ensure that you aren't sending requests too often. For formatting run man 7 systemd.time or checkout the online man pages.
Using Your DNS Provider
For more in depth info on using ddclient for a specific DNS provider visit the ddclient documentation. If your provider isn't listed there try searching the ddclient source code for your DNS name, modifying the above configuration with the relevant protocol, username, passwordFile, domain, and zone.
Cloudflare
Configuration variables applicable to the 'cloudflare' protocol are:
protocol=cloudflare ##
server=fqdn.of.service ## defaults to api.cloudflare.com/client/v4
login=service-login ## login email when using a global API key
password=service-password ## An API token, it must have the permissions "Zone - DNS - Edit" and "Zone - Zone - Read". The Zone resources must be "Include - All zones".
fully.qualified.host ## the host registered with the service.This excerpt of ddclient.in describes the specific options needed for Cloudflare. Reference the above nix configuration to understand the mapping of ddclient config to Nix config.
Troubleshooting
Adding verbose = true to your ddclient config will enable debug logs on the systemd unit. The debug logs can help verify that the client is able to reach your DNS provider even if it doesn't need to change the DNS records.