Set up Dynamic DNS with Cloudflare on Synology DSM 6

DDNS

In the Synology DSM there are several DDNS services available. Unfortunately Cloudflare isn’t among them. But there is a way to get it up and running thanks to joshuaavalon at github.

First of all you need a domain name already using cloudflare. If you don’t, there might not be any reason for you to read this tutorial.

Steps

  1. Download and install script to NAS
  2. Get needed info from Cloudflare
  3. Update the script
  4. Activate DDNS in DSM

1. Download and install script to NAS

a. log in to your nas with SSH as admin. If SSH isn’t activated, do the following

  • Login to your DSM
  • Go to Control Panel > Terminal & SNMP > Enable SSH service
  • Open a terminal of choice and type ssh admin@NASHOSTNAME or IP

b. Download cloudflareddns.sh from joshuavalons githup repository to /sbin/cloudflaredns.sh by entering the following command

sudo wget https://raw.githubusercontent.com/joshuaavalon/SynologyCloudflareDDNS/master/cloudflareddns.sh -O /sbin/cloudflaredns.sh


c. Change permissions of cloudflareddns.sh file

sudo chmod +x /sbin/cloudflaredns.sh

d. Add cloudflareddns.sh to synology by pasting the following lines into your terminal and press enter.

sudo echo "[Cloudflare]">>/etc.defaults/ddns_provider.conf
sudo echo " modulepath=/sbin/cloudflaredns.sh">>/etc.defaults/ddns_provider.conf
sudo echo " queryurl=https://www.cloudflare.com/">>/etc.defaults/ddns_provider.conf

2. Get needed info from Cloudflare

a. Log in to your cloudflare account and select the domain you intend to use and go to “overview”.
b. Copy your “Zone ID:”
c. Copy your API key by selecting “Get your API key”

cloudflare-overview

d. Edit the script below by replacing keys with the keys your retrieved earlier.
e. Get your record ID by pasting the updated script in your terminal and press enter.

curl -X GET "https://api.cloudflare.com/client/v4/zones/xxxxxxxxxxZONE-IDxxxxxxxxxxxxxx/dns_records" \
   -H "X-Auth-Email: your@email.com" \
   -H "X-Auth-Key: xxxxxxxxxxxxxAPI-KEYxxxxxxxxxxxxxxxx" \
   -H "Content-Type: application/json"


The record ID is the first ID listed in the output {“result”:[{“id”:”xxxxxxxxxxxRECORD-IDxxxxxxxxxxxxxxx“..

 

3. Update the script

a. You now need to update /sbin/cloudflaredns.sh with the paramaters you have retrieved. I do this with Nano because vim doesn’t make sense =)
If you don’t have nano installed you can do it by installing entware or optware. I recommendthe following guide keestalkstech.com
in the script scroll down and edit the followin paramaters.

# CloudFlare Config
__RECTYPE__="A"
__RECID__="xxxxxxxxxxxRECORD-IDxxxxxxxxxxxxxxx"
__ZONE_ID__="xxxxxxxxxxZONE-IDxxxxxxxxxxxxxx"
__TTL__="1"
__PROXY__="true"

4 Activate DDNS in DSM

a. Log in to DSM, open the control panel and go to External Access and click Add under DDNS

b. Choose Cloudflare as service and enter your details in the DDNS window. Your password is your API-KEY and not your cloudflare password.

DDNS

You should be all set! If not, don’t hesitate to comment and I’ll see if I can help.

Oh and as usual, if something breaks, blame the bad guys..

 

16 Comments

  1. I am sure I am not the only one, you’ve mentionned to comment if not… can I say that I wanted to thanks you a lot and add that it worked PERFECTLY ?
    This tutorial is just top because only few of the other mentionned so clearly how to make it match with DDNS on synology !
    Thanks a lot, a lot, a lot :)

    • Sorry you’re experiencing trouble. Please check step 1:D and make sure there weren’t any additional line-breaks or characters entered (This can also happen if you copied the code from above. Copying from a browser to the terminal can create mischief every now and then) The only thing I can think of is if something broke the etc.defaults/ddns_provider.conf -file. That’s were all the ddns-providers are listed. Check the file and make sure it’s “okay”. If it’s corrupted I can send you an original. The setup above should still be working. Hope that helps

  2. Hi!. First thanks for this script and sorry for my bad English.
    When I executed the cloudflaredns.sh script say this error.

    {“success”:false,”errors”:[{“code”:9106,”message”:”Missing X-Auth-Email header”},{“code”:9107,”message”:”Missing X-Auth-Key header”}],”messages”:[],”result”:null}

    But when I configured in the Synology the status is normal.

    • Hey Luis,
      As long as it’s working, that error code is most likely a result of an update in the cloudflare API. This script is quite old but I’m sure cloudflare will stay backward-compatible for a while longer. If it stops working we’ll have to update the script according to the new api. Let’s hope it won’t be needed =)

  3. admin@SLEESTAK:~$ sudo echo “[Cloudflare]”>>/etc.defaults/ddns_provider.conf
    -sh: /etc.defaults/ddns_provider.conf: Permission denied

    Was going well until this I get permission denied. I had to login as admin and “sudo -i” enter admin password again and I got the root prompt. After this no issues!

    Will this get replaced each time i update DSM?

    • Hi Nnyan. This might be a permissions error in Synology. There are many reports on how permissions break, often after upgrading from DSM 5 to DSM6. I had several permissions problems myself after the update and eventually reset my entire machine and installed DSM6 fresh without issues. But as long as sudo -i works, you should be fine. However, just sudo should in fact work so somethings fishy. I’m glad you got it figured out!

      Regarding if the update will change the files. The answer is maybe. Every time Synology makes an update, they don’t necessarily push updates to every single file, only the ones they are infact updating. Which means, if those specific files get updated, then yes, most likely they will be changed. It’s a good idea to keep a copy or just run the command again. I have set up cron jobs that I can run manually that re-does all my personal changes on my NAS depending on the situation. That’s a quite handy way to go since you can choose to run with root privileges.

  4. All done. Seems to work, but how to test?
    Another question, does it also works for sundomains? Or should you setup every sub domain in DDNS on Synology?

    • I would test it by first changing to a random wrong ip in cloudflare dns. Then press the “Update now” button and it should update the ip if it’s working. Regarding sub domains it won’t update them automatically and unfortunately I don’t think you’ll have much luck with this script since we are updating the domain through the “record ID” and each domain only has one record ID and the subdomains don’t have a different record. I don’t think cloudflare will know it’s a different domain and it will either not do anything or it will just update the main dns. If you do figure something out don’t hesitate to write it here, that would be great information.

      • It does work for subdomains. You have to create a subdomain first and then put its id in __RECID__=””. In the synology settings you put your domain (without subdomain) and it should work.

  5. Hi David, thx for the walk though, worked like a charm. Quick question however, when the update fails, the error is not propagated to the “Status” in “External Access -> DDNS”. You need to go to the log to see that it failed. It’s a bit of a shame because you don’t get notified by email. Do you know how to change the status on failure?

    • Hey man, glad it worked out!
      I actually started using DNS-O-Matic just recently myself. They have implemented support for cloudflare so it works pretty well. This tutorial still works but as iK mentioned in a previous comment, there’s an updated script for cloudflare’s API which I have not yet tried. I could write a quick tutorial on how to use DNS-O-Matic it if needed, it’s fairly simple to use. It utilises the normal status of DDNS for errors too. I’ll leave this tutorial up for those who don’t want to create an additional account and leave the management to a third party, at least as long as it works. I might update with the latest script as well at some point.

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.