From 4e12581deaa3a93b22e9b6ec73210e0f89ff007f Mon Sep 17 00:00:00 2001
From: Mike Heier
Date: Wed, 13 Jul 2022 20:39:22 -0400
Subject: [PATCH] Created a script to keep Azure DNS pointed to the public IP
---
.env-sample | 9 +++++
.gitignore | 1 +
update-dns.sh | 92 +++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 102 insertions(+)
create mode 100644 .env-sample
create mode 100644 .gitignore
create mode 100755 update-dns.sh
diff --git a/.env-sample b/.env-sample
new file mode 100644
index 0000000..7e349f4
--- /dev/null
+++ b/.env-sample
@@ -0,0 +1,9 @@
+SUBSCRIPTION_ID=
+CLIENT_ID=
+CLIENT_SECRET=
+TENANT_ID=
+
+RESOURCE_GROUP_NAME=
+ZONE_NAME=
+RECORD_TYPE=A
+RELATIVE_RECORD_SET_NAME=@
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..2eea525
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.env
\ No newline at end of file
diff --git a/update-dns.sh b/update-dns.sh
new file mode 100755
index 0000000..7c5ff7a
--- /dev/null
+++ b/update-dns.sh
@@ -0,0 +1,92 @@
+#!/usr/bin/env bash
+
+# set -x
+set -e
+
+#
+# Source the environment variables
+#
+if [[ ! -f .env ]]; then
+ echo "MISSING .env FILE!"
+ exit -1
+fi
+source .env
+
+#
+# CURL to get the bearer token for the following calls
+#
+get_token() {
+ curl -s -X POST \
+ -d "grant_type=client_credentials&client_id=$CLIENT_ID&client_secret=$CLIENT_SECRET&resource=https%3A%2F%2Fmanagement.azure.com%2F" \
+ https://login.microsoftonline.com/9da185bf-c68b-4143-af97-f6744a41c9db/oauth2/token | jq --raw-output '.access_token'
+}
+
+#
+# CURL to get the recordset
+#
+get_recordset() {
+ curl -s -X GET \
+ -H "Authorization: Bearer $ACCESS_TOKEN" \
+ -H "Content-Type: application/json" \
+ https://management.azure.com/subscriptions/$SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP_NAME/providers/Microsoft.Network/dnsZones/$ZONE_NAME/$RECORD_TYPE/$RELATIVE_RECORD_SET_NAME?api-version=2018-05-01 \
+ | jq '.'
+}
+
+#
+# Parses the IPv4 IP Address from the Record Set response
+#
+get_recordset_address() {
+ get_recordset | jq --raw-output '.properties.ARecords[].ipv4Address'
+}
+
+#
+# Updates and formats the record set to be used in the PUT request body
+#
+update_recordset() {
+ echo $AZURE_RECORDSET | jq -r ".properties.ARecords[].ipv4Address = \"$1\" | del(.name,.type,.id,.properties.fqdn,.properties.provisioningState) | @text"
+}
+
+#
+# CURL to PUT the updated record set
+#
+put_recordset() {
+ curl -s -X PUT \
+ -H "Authorization: Bearer $ACCESS_TOKEN" \
+ -H "Content-Type: application/json" \
+ --data-raw "$1" \
+ https://management.azure.com/subscriptions/$SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP_NAME/providers/Microsoft.Network/dnsZones/$ZONE_NAME/$RECORD_TYPE/$RELATIVE_RECORD_SET_NAME?api-version=2018-05-01
+}
+
+# Get an Accesss Token
+ACCESS_TOKEN=$(get_token)
+# echo $ACCESS_TOKEN
+
+# Get the Record Set
+AZURE_RECORDSET=$(get_recordset)
+echo "Azure Record Set: $AZURE_RECORDSET"
+
+# Parse the Record Set
+AZURE_IP_ADDRESS=$(get_recordset_address)
+echo "Azure IP: $AZURE_IP_ADDRESS"
+
+# Get the currently assigned Public IP
+ISP_IP_ADDRESS=$(dig +short myip.opendns.com @resolver1.opendns.com)
+echo "ISP IP: $ISP_IP_ADDRESS"
+
+# If the currently assigned public IP doesn't match the configured IP address in Azure...
+# update the Azure record set.
+if [ $AZURE_IP_ADDRESS != $ISP_IP_ADDRESS ]; then
+ echo "IP ADDRESSES DON'T MATCH. UPDATING..."
+
+ # Prepare the request content
+ AZURE_RECORDSET_UPDATE=$(update_recordset $ISP_IP_ADDRESS)
+ echo $AZURE_RECORDSET_UPDATE
+
+ # Perform the Update
+ AZURE_PUT_RESPONSE=$(put_recordset $AZURE_RECORDSET_UPDATE)
+ echo "Azure PUT Response: $AZURE_PUT_RESPONSE"
+
+ echo "Azure IP Address updated successfully"
+else
+ echo "IP Address is up to date."
+fi
\ No newline at end of file
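Review bot: The address returned by `dig` is used without any validation: it is compared unquoted in `[ $AZURE_IP_ADDRESS != $ISP_IP_ADDRESS ]`, spliced into the jq program text in `update_recordset`, and then written to the zone. An empty or multi-word answer makes the `[` test fail with an error, which takes the `else` branch and prints `IP Address is up to date.`, while any other answer that is not a plain IPv4 address either breaks the jq filter or is sent as the record value. I would check that the lookup returned exactly one dotted-quad before comparing, quote both sides and the function arguments, and hand the value to jq with `--arg` instead of string interpolation, as sketched below. Separately, `get_token` hard-codes a tenant GUID in the login URL although `.env-sample` defines `TENANT_ID`, and it places `$CLIENT_SECRET` in the curl arguments, where it is not URL-encoded and may be visible in the process list while curl runs.

```shell
update_recordset() {
  # --arg passes the address as data, so it cannot alter the jq program
  printf '%s' "$AZURE_RECORDSET" | jq -r --arg ip "$1" \
    '.properties.ARecords[].ipv4Address = $ip | del(.name,.type,.id,.properties.fqdn,.properties.provisioningState) | @text'
}

# … unchanged: put_recordset, token and record set lookup …

ISP_IP_ADDRESS=$(dig +short myip.opendns.com @resolver1.opendns.com)
# Refuse to continue unless the answer is a single IPv4-shaped value
if [[ ! "$ISP_IP_ADDRESS" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
  echo "Unexpected public IP lookup result: $ISP_IP_ADDRESS" >&2
  exit 1
fi

if [ "$AZURE_IP_ADDRESS" != "$ISP_IP_ADDRESS" ]; then
  # … unchanged: status message …
  AZURE_RECORDSET_UPDATE=$(update_recordset "$ISP_IP_ADDRESS")
  AZURE_PUT_RESPONSE=$(put_recordset "$AZURE_RECORDSET_UPDATE")
  # … unchanged: response logging and else branch …
```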