DNS-omatic

[git3smurf]

The DNS-o-matic part is not clear to me. It has a lot of services... which are as far as I can see all 3rd party services. What is the point \ advantage in using dns-o-matic instead of a service like dynu dynamic dns? Or should I use the cloudflare service?

Second question: With a domain name, cloudflare as dns supplier, and the dynamic dns service setup at the router (pfsense) it should work with out opening any ports in the router?

Edit: I have a paid domain. The suggested freenom.com doesn't seem to have any domain avaiable (free or paid)… and at questions there is no reply.

[git3smurf]

After some trial and error I found out what the Idea is to link my domain, CloudFlare, DNS-o-Matic and pfSense all together..:

In your Domain <example.com>, make sure to use the assigned CloudFlare nameservers, you can find them on the cloudflare site when logged in under DNS management.

In DNS-o-matic choose CloudFlare as service to add. Under the faq of the Cloudflare-website I found this which was very helpful to me:

Configuration of DNS-O-Matic requires prior knowledge of the following information. Content within <> brackets below must be determined for the particular domain: Email: <CLOUDFLARE ACCOUNT EMAIL ADDRESS> API Token: <CLOUDFLARE GLOBAL API KEY> Domain: <example.com> Hostname: dynamic Email is the email address corresponding to the account used to log in to Cloudflare. If using Cloudflare’s Multi-user account feature, this email address must have sufficient privileges for managing DNS. To find your API Token the Cloudflare UI: Log in to the Cloudflare dashboard. Select My Profile from the dropdown located in the top right. Under API Keys, click View beside Global API

Key. https://support.cloudflare.com/hc/en-us/articles/360020524512

For DNS-o-matic to be used by pfsense: Choose in pfSense to add DNS-o-matic under Services>Dynamic DNS>Dynamic DNS Clients. Interface to monitor: WAN (in most cases) As a host you can use: all.dnsomatic.com (not sure if this is needed) Fill in your dns-o-matic credentials for username and password and leave the rest blank Click "save and force update"

Now, if all works out well, CloudFlare should indicate your WAN-IP which it points to.

[git3smurf]

Above set as decribed. Script installed and ran succesfully... But I cannot reach nextcloud.... instead I get an error 522 from cloudflare... what could be wrong?

[git3smurf]

Have not been able to solve the problem completely sofar... I Have got rid of the 522 error by whitelisting the cloudflare ip# in pfsense / pfblocker ng as indicate on the cloudflare faq site . ... But then I got this error: Potential DNS Rebind attack detected, see http://en.wikipedia.org/wiki/DNS_rebinding Try accessing the router by IP address instead of by hostname. Iwonder if nextcloud is functioning in the right way... Should you be able to log in to nextcloud via the local jail_ip? How can I make sure nextcloud is actualy running?

[vroomr]

My guess is you have your pfSense setup borked. You need to NAT ports 80 and/or 443 (most likely both) to your nextcloud internal IP. Also, you might be hitting your pfSense ui instead of nextcloud. (might need to change the port for your pfSense webui also.

You ever get this sorted?

[PrivatePuffin]

@danb35 Please remove the crap about DNS-O-MATIC and Cloudflare completely... Cloudflare already has its own API which can be used on a lot of platforms to setup dyndns.

[danb35]

Cloudflare already has its own API which can be used on a lot of platforms to setup dyndns.

Indeed it does, but DNS-O-Matic's is much more widely supported. But I can probably clarify that DNS-O-Matic is not necessarily required in order to do dynamic DNS.