Cloudflare DDNS with Ansible
2 min read

Cloudflare DDNS with Ansible

I've created an Ansible role to help you install the Cloudflare DDNS Docker container. Read here about it!
Cloudflare DDNS with Ansible

Until recently, I had my blog hosted with Dreamhost. It was great (both when hosting wordpress and then a static CMS): I could cache things, It had Cloudflare integration, and I could just deploy things with SSH. At the same time, I had a server running various services for (photo manager, HomeAssistant etc.). As I always liked the idea of hosting things myself, I thought:

Why not self-hosting the blog itself?

A while ago I stumbled over the r/selfhosted sub-reddit and someone mentioned using dynamic DNS to host their own site. I thought this was an excellent idea, but I was always ambivalent about automatising the process, as it inevitably resulted in some downtime. In the summer I decided to take the plunge and move my blog from Dreamhost to a totally self-hosted solution (thanks @geerlingguy?). This practically implies that my public address (dynamic) gets propagated to the DNS host periodically so:

  1. Browser requests laurivan.com
  2. DNS (from Cloudflare) translates to my public IP address
  3. Request goes through my gateway to my reverse proxy
  4. Reverse proxy sends the request to my local install of the blog
  5. Blog replies with the requested page

I chose to use Cloudflare for DNS because they're free and there is a container already built. As I've already automated some stuff with Ansible, I've decided to go on the same route and create an Ansible role for this too.

How to use the role?


The role's function is simple:

1. Create a configuration for the names to be updated and
2. Install a docker image with that configuration.

The container than runs periodically and updates the public IP address. Easy.

At the time of writing, the configuration looks like this:

dns_container_name: "cloudflare-dns"
dns_image_version: "latest"
dns_volume_config: "/tmp"
dns_domains:
  auth:
    scopedToken: ScOpEd-Token-from-Cloudflare
  domains:
  - name: foo.example.com
    type: A
    proxied: true
    create: true
    zoneId: JBFRZWzhTKtRFWgu3X7f3YLX
  - name: bar.example.com
    type: A
    proxied: true
    create: true
    zoneId: JBFRZWzhTKtRFWgu3X7f3YLY

It:

  • requires the API keys for cloudflare
  • allows you to configure propagation for multiple domain names (and subnames).

Conclusion

I encourage you to read the documentation as it is the de-facto reference for this role and is up to date.

Note: You could run multiple instances of the service for e.g. redundancy or different domains.

Important note: Dreamhost is a great service. They offer a free domain with hosting and an even greater Wordpress hosting (my blog had its peak days there!).

HTH,