Docker deploys ddns-go, dynamic domain name resolution public network IPv6 address
ddns-go, automatically obtain your public network IPv4 or IPv6 address, and resolve to the corresponding domain name service.
Do you think IPv6 addresses are too difficult to remember? ddns to solve, use the public network IPv6 address at home!
foreword
Why do you need DDNS
Because the WAN ip obtained by ordinary home or business users is not fixed, but will change from time to time. Once changed, our domain name’s class A resolution record for ip will become invalid, so we need DDNS (Dynamic Domain Name Resolution Service), in Automatically change our domain name resolution record value when ip changes.
ddns-go project address:
GitHub address: https://github.com/jeessy2/ddns-go
Gitee address: https://gitee.com/OtherCopy/ddns-go
video address
This tutorial is supplemented by video, link: https://www.bilibili.com/video/BV1S24y1q79Z
Preparation
Public IP
First of all, it is necessary to ensure that the home has a public network IP address. Most homes now have dynamic public network IPv6 addresses.
We can enter the command in the console to check the IP of the current machine
- Windows:
ipconfig - Linux:
ip addr
Find the corresponding network adapter and check the IP. If it is a public network IPv6, it will have the following characteristics:
| operator | feature |
|---|---|
| telecommunications | 240e beginning |
| move | Beginning with 2409 |
| China Unicom | Beginning with 2408 |
Next, let's visit this website https://ipw.cn/ipv6ping/ , which is a website to test whether the IPv6 address can be pinged. If your IPv6 address can be pinged, it means that it can be used as a If the public network IP is used, the step of checking the firewall can be skipped.
check firewall
If you are not pinged, don’t worry. This is because of the complex network environment at home and the firewalls that may exist in each node, so the ip may not be pinged from the outside. At this time, carefully check the optical modem, router, and host at home. For firewall settings, you can ping their ip addresses one by one in the order of optical modem->router->host. If there is a ping that fails, it means that the upper-level firewall is not closed.
Here I give an example of turning off the firewall here:
- Light cat: uncheck
使能IPv6防火墙控制转发报文
- router:
关闭防火墙
- Host:
关闭防火墙
win: Windows Security Center -> Firewall and Security Protection -> Close the public network firewall
linux:sudo ufw disable
Security issues: Some people worry about whether it is unsafe to turn off the firewall? For most people, since the public network IPv6 address will change every two or three days, there is no need to worry too much about being attacked by violence. However, if you are very sensitive to security, you can control and open some internal network IPs or ports by yourself. But the content of this article is not the focus, please do your own research,
Environment configuration
For ease of use, docker composedeployment is adopted, so docker needs to be installed first
# 安装docker
curl -fsSL get.docker.com -o get-docker.sh
sudo sh get-docker.sh --mirror Aliyun
Tips: If there is no curl command, execute
sudo apt install curland install curl, and then execute the above two commands.
Install
You can choose docker composeor dockerchoose one of the two. I recommend docker composeinstallation, easy maintenance, and no need to type a long list of parameter command lines.
docker compose install
Select a placement directory, for example ~/data/docker_data/, create a new folder to place ddns-go
mkdir ddns-go
cd ddns-go
Create a file in the ddns-go folder docker-compose.ymlwith the following content:
version: "3.9"
services:
ddns-go:
image: jeessy/ddns-go
restart: always
network_mode: "host"
volumes:
- ./ddns-go_data:/root
ps: It is best to execute the following docker-related commands under the root user. Since some file operations are involved, there may be file permission problems if root permissions are not provided.
docker compose up -d
Open in the browser http://主机IP:9876, modify your configuration, success
Note
It is recommended to use reverse proxy software such as Nginx to enable HTTPS access when enabling public network access to ensure security.
docker installation
Mount host directory, use docker host mode. You can /opt/ddns-goreplace with any directory of your host, and the configuration file is a hidden file
docker run -d --name ddns-go --restart=always --net=host -v /opt/ddns-go:/root jeessy/ddns-go
Open in the browser http://主机IP:9876, modify your configuration, success
use
configuration
After the installation is complete, we can access http://主机IP:9876the ddns-go management page.
Here I take the domain name managed by Tencent DNSPod as an example, enter 腾讯DNSPod账号中心-> API密钥-> DNSPod Token->创建密钥
Save IDand Token, this will be the certificate for dns-go to modify dns resolution, go back to the management panel of ddns-go, select the DNS service provider Dnspod(腾讯云), enter the corresponding IDandToken
Configure ipv6 according to your own needs, and Domainsconfigure the domain name in .
Other configurations: Configure according to your own needs to prohibit public network access and login user name and password to prevent tampering by attacks.
Click SaveSave.
After success, you should be able to see the current resolution record of the domain name in your own DNS resolution, and visit https://ipw.cn/ipv6ping/ website again, ping this domain name, and you're done!
renew
docker compose pull
docker compose up -d
uninstall
docker compose down
stop
docker compose stop
reboot
docker compose restart