Trouble getting desec to work

Question

Trouble getting desec to work

Gontier-Julien opened this issue 2 years ago · 18 comments

So i've moved away from ddclient and came across your project.

I tried to get it working, but i don't really know why it does Error code 50: Authentication failure

Ddclient config:

daemon=300      # check every 300 seconds (5min)
syslog=yes      # log update msgs to syslog
pid=/var/run/ddclient.pid       # record PID in file
# Desec
protocol=dyndns2
curl=yes
use=web, web='https://api.ipify.org/'
ssl=yes
server=update.dedyn.io
login=DOMAIN.dedyn.io
password=TOKEN
DOMAIN.dedyn.io

My inadyn config:

period          = 300
user-agent      = Mozilla/5.0

# We override checkip server with the In-a-dyn built-in 'default',
# api.ipify.org, for details on this, see below.
provider default@desec.io {
    username       = DOMAIN.dedyn.io
    password       = TOKEN
    hostname       = DOMAIN.dedyn.io
    checkip-server = default
}

Inadyn logs from docker:

inadyn[1]: In-a-dyn version 2.10.0 -- Dynamic DNS update client.
inadyn[1]: Failed resolving hostname DOMAIN.dedyn.io: Name does not resolve
inadyn[1]: Update forced for alias DOMAIN.dedyn.io, new IP# MYIP
inadyn[1]: Fatal error in DDNS server response: Authentication failure
inadyn[1]: Error response from DDNS server, exiting!
inadyn[1]: Error code 50: Authentication failure

Answer 1 · 2023-04-23T14:43:18.000Z

Hi, support for desec.io is relatively new (not released yet), so it's great that you help out testing it!

Our current plugin uses https://update.dedyn.io/update.php, but according to the docs the update URL should be https://update.dedyn.io/ ... I can push a speculative fix for you to test, but it would be great if you could first verify, using the same settings, with curl:

curl --user <your domain>:<your token secret> "https://update.dedyn.io/?myipv4=1.2.3.4"

Answer 2 · 2023-04-23T15:11:57.000Z

Oh well happy to help testing it!

And i can confirm that the curl command is working perfectly and without issues !

Edit: it also working with https://update.dedyn.io/update.php

Answer 3 · 2023-04-23T15:18:48.000Z

Hmm OK, that was a bit unexpected ... expected the /update.php one to be the problem.

Answer 4 · 2023-04-23T15:26:02.000Z

Hmm OK, that was a bit unexpected ... expected the /update.php one to be the problem.

But it true that changing the endpoint to not have the update.php would be better if it might change in the futur

Answer 5 · 2023-04-23T15:33:58.000Z

Right, I'll fix that. Can you check one last thing? The curl line was from their docs, the following is closer to what the In-a-dyn plugin does:

curl "https://update.dedyn.io/?username=DOMAIN.dedyn.io&passwword=TOKEN&hostname=DOMAIN.dedyn.io&myipv4=1.2.3.4"

Optionally with this

curl --user <your domain>:<your token secret> "https://update.dedyn.io/?username=DOMAIN.dedyn.io&passwword=TOKEN&hostname=DOMAIN.dedyn.io&myipv4=1.2.3.4"

Answer 6 · 2023-04-23T15:56:48.000Z

Both is working on my side

Answer 7 · 2023-04-23T16:01:45.000Z

Awesome, I've just pushed fixes. Check https://github.com/troglobit/inadyn/actions for completion before you download a new build (container). If you build from source you can pull right now.

Also, remember to use "" or '' around your username/password settings in the .conf file. Sometimes the libConfuse parser tries to to interpret the contents.

Answer 8 · 2023-04-23T16:04:45.000Z

Awesome, I've just pushed fixes. Check https://github.com/troglobit/inadyn/actions for completion before you download a new build (container). If you build from source you can pull right now.

Also, remember to use "" or '' around your username/password settings in the .conf file. Sometimes the libConfuse parser tries to to interpret the contents.

Awesome going to test it when the new build is finish !

Answer 9 · 2023-04-23T16:16:35.000Z

Still the same issue unfortunately :(

With or without "" '' around the username/password

Answer 10 · 2023-04-23T16:37:45.000Z

Oh no, whatever could this be?! Just to be clear, it's this you mean:

inadyn[1]: Fatal error in DDNS server response: Authentication failure
inadyn[1]: Error response from DDNS server, exiting!

Could you try running with -l debug as command line options and post the result? (Make sure to anonymize the output)

Answer 11 · 2023-04-23T16:46:29.000Z

inadyn[1]: In-a-dyn version 2.11.0-rc1 -- Dynamic DNS update client.
inadyn[1]: Resolving hostname DOMAIN.dedyn.io => IP# MYIP
inadyn[1]: Get address for default@desec.io
inadyn[1]: Checking for IP# change, initiating HTTPS ...
inadyn[1]: Checking for IP# change, connecting to api.ipify.org([173.231.16.77]:443)
inadyn[1]: Certificate OK
inadyn[1]: SSL server cert subject: CN=*.ipify.org
inadyn[1]: SSL server cert issuer: C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Domain Validation Secure Server CA
inadyn[1]: Querying DDNS checkip server for my public IP#: GET / HTTP/1.0
Host: api.ipify.org
User-Agent: Mozilla/5.0
inadyn[1]: Successfully sent HTTPS request!
inadyn[1]: Successfully received HTTPS response (130/8191 bytes)!
inadyn[1]: Server response: HTTP/1.0 200 OK
Content-Length: 14
Content-Type: text/plain
Date: Sun, 23 Apr 2023 16:40:59 GMT
Vary: Origin
MYIP
inadyn[1]: Checked my IP, return code 0: OK
inadyn[1]: IP server response:
inadyn[1]: HTTP/1.0 200 OK
Content-Length: 14
Content-Type: text/plain
Date: Sun, 23 Apr 2023 16:40:59 GMT
Vary: Origin
MYIP
inadyn[1]: Checking IPv4 address MYIP ...
inadyn[1]: IPv4 address MYIP is valid.
inadyn[1]: No IP# change detected for default@desec.io, still at MYIP
inadyn[1]: Update forced for alias DOMAIN.dedyn.io, new IP# MYIP
inadyn[1]: Sending IP# update to DDNS server, initiating HTTPS ...
inadyn[1]: Sending IP# update to DDNS server, connecting to update.dedyn.io([88.99.64.5]:443)
inadyn[1]: Certificate OK
inadyn[1]: SSL server cert subject: CN=dedyn.io
inadyn[1]: SSL server cert issuer: C=US,O=Let's Encrypt,CN=R3
inadyn[1]: Sending alias table update to DDNS server: GET /?username=DOMAIN.dedyn.io&passwword=TOKEN&hostname=DOMAIN.dedyn.io&myipv4=MYIP HTTP/1.0
Host: update.dedyn.io
User-Agent: Mozilla/5.0
inadyn[1]: Successfully sent HTTPS request!
inadyn[1]: Successfully received HTTPS response (292/8191 bytes)!
inadyn[1]: DDNS server response: HTTP/1.1 401 Unauthorized
Server: nginx
Date: Sun, 23 Apr 2023 16:41:03 GMT
Content-Type: text/plain
Content-Length: 35
Connection: close
WWW-Authenticate: Token
Allow: GET, HEAD, OPTIONS
Vary: Origin
Strict-Transport-Security: max-age=31536000
No password URL parameter provided.
inadyn[1]: Fatal error in DDNS server response: Authentication failure
inadyn[1]: No password URL parameter provided.
inadyn[1]: Error response from DDNS server, exiting!
inadyn[1]: Error code 50: Authentication failure

Answer 12 · 2023-04-23T16:48:03.000Z

I've found what wrong!
There is a typo in the plugin at the password section!

Line 28 & 38

Answer 13 · 2023-04-23T16:50:34.000Z

Ha ha ha, you're right! Fixing right away :-D

Answer 14 · 2023-04-23T16:56:10.000Z

Also not related to this issue, but since the latest tag in docker is from the commits, wouldn't it be better to have a git specific tag and the latest tag to pull the latest version number?

Answer 15 · 2023-04-23T16:57:57.000Z

Yeah, I'm really bad at docker stuff, mostly faked the current workflows by cut-and-paste. Your suggestion sounds great, do you mind posting that as a separate issue?

Answer 16 · 2023-04-23T16:58:41.000Z

Latest build is soon done https://github.com/troglobit/inadyn/actions/runs/4779425731

Answer 17 · 2023-04-23T17:00:08.000Z

Yeah, I'm really bad at docker stuff, mostly faked the current workflows by cut-and-paste. Your suggestion sounds great, do you mind posting that as a separate issue?

Doing this right away!

Answer 18 · 2023-04-23T17:11:48.000Z

Really hope it works better now. Pushing the fix auto-closed the issue, but if the problem persists we can reopen it.