通过IPv6访问群晖DDNS脚本(Cloudflare)

在什么值得买上看到一篇《移动宽带只能内网穿透? 手把手教你IPV6下的群晖DDNS访问》,于是也尝试了一下通过IPv6访问自己家里的黑群晖NAS。由于我的域名托管在Cloudflare上,所以我参考网上的Cloudflare DDNS脚本做了修改。

首先,家里的宽带是移动宽带,没有公网IP(移动大内网),但是已经支持IPv6并且分配了IPv6地址,下文前提是群晖分配到了一个IPv6地址。

准备工作:

  1. 在Cloudflare上给域名创建一条记录,例如nas.example.com,类型设为AAAA,地址可先随便填一个,如2408:823b:4005:1472:cd24:33c1:a10a:fdeb
  2. 申请Cloudflare API key。
  3. 通过以下请求获取域名example.com的zone id。
curl -X GET "https://api.cloudflare.com/client/v4/zones" \
 -H "X-Auth-Email: {Cloudflare邮箱地址}" \
 -H "X-Auth-Key:  {Cloudflare API key}" \
 -H "Content-Type: application/json"

然后通过以下请求获取之前创建子域名nas.example.com的record id

curl -X GET "https://api.cloudflare.com/client/v4/zones/{Cloudflare域名的 zone id}/dns_records" \
 -H "X-Auth-Email:  {Cloudflare邮箱地址} " \
 -H "X-Auth-Key:  {Cloudflare API key} " \
 -H "Content-Type: application/json"

在群晖控制面板开启SSH并进入,输入sudo -i,回车,输入密码即可进入root环境。然后在/root目录创建cloudflaredns6.sh,对以下内容做修改后保存到文件:

#!/bin/sh
# cloudflareddns6.sh - dynamic dns IPV6 updater module for Synology
#
# Description:
#       copy to /root/cloudflaredns6.sh
#       make executable (chmod +x)
#       add the following entry to task scheduler
#

__USERNAME__="{Cloudflare邮箱地址}"
__PASSWORD__="{Cloudflare API key}"
__HOSTNAME__="{Cloudflare 子域名如 nas.example.com} "
__MYIP__="$(/sbin/ip -6 addr | grep inet6 | awk -F '[ \t]+|/' '{print $3}' | grep -v ^::1 | grep -v ^f | grep -m1 '')"

# log location
__LOGFILE__="/var/log/cloudflareddns.log"

# additional parameters needed for CloudFlare
__RECTYPE__="AAAA"
__RECID__="{Cloudflare 子域名record id}"
__ZONE_ID__="{Cloudflare 域名zone id}"
__TTL__="1"
__PROXY__="false"

log() {
    __LOGTIME__=$(date +"%b %e %T")
    if [ "${#}" -lt 1 ]; then
        false
    else
        __LOGMSG__="${1}"
    fi
    if [ "${#}" -lt 2 ]; then
        __LOGPRIO__=7
    else
        __LOGPRIO__=${2}
    fi

    logger -p ${__LOGPRIO__} -t "$(basename ${0})" "${__LOGMSG__}"
    echo "${__LOGTIME__} $(basename ${0}) (${__LOGPRIO__}): ${__LOGMSG__}" >> ${__LOGFILE__}
}

__URL__="https://api.cloudflare.com/client/v4/zones/${__ZONE_ID__}/dns_records/${__RECID__}"

# Update DNS record:
log "Updating with ${__MYIP__}..."
__RESPONSE__=$(curl -s -X PUT "${__URL__}" \
     -H "X-Auth-Email: ${__USERNAME__}" \
     -H "X-Auth-Key: ${__PASSWORD__}" \
     -H "Content-Type: application/json" \
     --data "{\"type\":\"${__RECTYPE__}\",\"name\":\"${__HOSTNAME__}\",\"content\":\"${__MYIP__}\",\"ttl\":${__TTL__},\"proxied\":${__PROXY__}}")

# Strip the result element from response json
__RESULT__=$(echo ${__RESPONSE__} | grep -Po '"success":\K.*?[^\\],')
echo ${__RESPONSE__}
case ${__RESULT__} in
    'true,')
        __STATUS__='good'
        true
        ;;
    *)
        __STATUS__="${__RESULT__}"
        log "__RESPONSE__=${__RESPONSE__}"
        false
        ;;
esac
log "Status: ${__STATUS__}"

printf "%s" "${__STATUS__}"

保存后,设置可运行权限chmod +x /root/cloudflaredns6.sh

可以在SSH终端里先运行一次bash /root/cloudflaredns6.sh试试,看能否成功,在/var/log/cloudflareddns.log中查看运行日志。

在群晖控制面板“计划任务”里面新增”计划任务>用户定义的脚本“,设为每10分钟运行一次,脚本内容为bash /root/cloudflaredns6.sh

如果DDNS更新成功,那么在IPv6环境下就可以通过nas.example.com:5000来访问群晖了。