Skip to content

Instantly share code, notes, and snippets.

@mueslo
Last active July 22, 2023 11:31
Show Gist options
  • Save mueslo/9258f8b75fe942d36eea4a6d67019f81 to your computer and use it in GitHub Desktop.
Save mueslo/9258f8b75fe942d36eea4a6d67019f81 to your computer and use it in GitHub Desktop.
Dynamic A-Record DNS Updater for united-domains.de (OpenWRT/LEDE)
#!/bin/sh
# requires: wget, ca-certificates, grep
#rm /tmp/cookies.txt
cookiefile="/tmp/cookies.txt"
#domain should contain "domain_id-record_id"
domain_id=$(echo $domain | tr "-" "\n" | sed -n "1p")
record_id=$(echo $domain | tr "-" "\n" | sed -n "2p")
#csrf tokens for login + language xmlhttprequest required to login (nice try blocking my API access, UD)
loginpage=$(/usr/bin/wget --save-cookies $cookiefile --keep-session-cookies --delete-after -qO- "https://www.united-domains.de/login/")
csrf=$(echo "$loginpage" | /bin/grep -oP -m 2 "(?<=<input type=\"hidden\" name=\"csrf\" value=\")[^\"]*(?=\"( /)?>)" | tail -1)
csrfmeta=$(echo "$loginpage" | /bin/grep -oP -m 1 "(?<=<meta name=\"csrf\" content=\")[^\"]*(?=\"( /)?>)")
csrfscript=$(echo "$loginpage" | /bin/grep -oP -m 1 "(?<=\"CSRF_TOKEN\":\")[^\"]*(?=\")")
/usr/bin/wget --load-cookies $cookiefile --save-cookies $cookiefile --keep-session-cookies --delete-after --post-data "language=en-US" --header="HTTP-X-CSRF-TOKEN: $csrfmeta" --header="X-Csrf-Token: $csrfscript" --header="X-Requested-With: XMLHttpRequest" -qO- "https://www.united-domains.de/set-user-language"
ipv4=$1
#login
echo 'login'
loginresp=$(/usr/bin/wget --load-cookies $cookiefile --save-cookies $cookiefile --keep-session-cookies --post-data "csrf=$csrf&email=$username&pwd=$password&selector=login&loginBtn=Login" -qO- "https://www.united-domains.de/login/")
#get current dns record json object & modify ip
record=$(/usr/bin/wget --load-cookies $cookiefile --save-cookies $cookiefile --keep-session-cookies -qO- "https://www.united-domains.de/pfapi/dns/domain/$domain_id/records" | jsonfilter -e "$[\"data\"][\"A\"][@.id=$record_id]" | sed "s/ //g" | sed "s/\"address\":\"[0-9.]\+\"/\"address\":\"$ipv4\"/g")
payload="{\"record\":$record,\"domain_lock_state\":{\"domain_locked\":false,\"email_locked\":false}}"
url="https://www.united-domains.de/pfapi/dns/domain/$domain_id/records"
#send changes
output=$(/usr/bin/wget --load-cookies $cookiefile --method=PUT --header=Content-Type:application/json --header="Http-X-Csrf-Token: $csrf" --body-data=$payload -qO- $url 2>&1)
echo "UD answered: $output"
write_log 7 "UD answered:\n$output"
echo $output | /usr/grep "$ipv4" >/dev/null 2>&1
success=$?
#write_log 7 "Retval: $success"
echo "Retval: $success"
return $success
@izphi78
Copy link

izphi78 commented May 24, 2020

I ported the script to run with certbot... I can confirm that the authentication still works. I also experienced an issue while doing several tests. Due to the many login requests my account was forced into 2fa via mail. So I temporarily had to enter an otp which was send via mail.

Can you check if you can still login via browser without 2fa?

For futher help I need more information.

Best regards

@mueslo
Copy link
Author

mueslo commented May 24, 2020

Still works for me.

@esskar
Copy link

esskar commented May 26, 2020

@izphi78 yes, i run into the same 2fa via mail problem, but that is resolved (for information: grabbing a new ip from your provider resolves it immediately), but i still cant get it to work.
it's my first time with golang - maybe i am missing something - will try on the weekend again

@schmyd
Copy link

schmyd commented Dec 10, 2021

had some issues getting it to work with openwrt 21.02.1. One issue is related to a different path of grep (simple fix). The other is caused by http422 errors that were thrown and could be resolved by using a different Http-X-Csrf-Token header. Also I couldn't pass : for the domain via luci, so I changed the separator to -.

Below you find my patch

diff --git a/ddns_ud.sh b/ddns_ud.sh
index 277cbb5..f86387d 100644
--- a/ddns_ud.sh
+++ b/ddns_ud.sh
@@ -4,15 +4,15 @@

 cookiefile="/tmp/cookies.txt"

-#domain should contain "domain_id:record_id"
-domain_id=$(echo $domain | tr ":" "\n" | sed -n "1p")
-record_id=$(echo $domain | tr ":" "\n" | sed -n "2p")
+#domain should contain "domain_id-record_id"
+domain_id=$(echo $domain | tr "-" "\n" | sed -n "1p")
+record_id=$(echo $domain | tr "-" "\n" | sed -n "2p")

 #csrf tokens for login + language xmlhttprequest required to login (nice try blocking my API access, UD)
 loginpage=$(/usr/bin/wget --save-cookies $cookiefile --keep-session-cookies --delete-after -qO- "https://www.united-domains.de/login/")
-csrf=$(echo "$loginpage" | /usr/bin/grep -oP -m 2 "(?<=<input type=\"hidden\" name=\"csrf\" value=\")[^\"]*(?=\"( /)?>)" | tail -1)
-csrfmeta=$(echo "$loginpage" | /usr/bin/grep -oP -m 1 "(?<=<meta name=\"csrf\" content=\")[^\"]*(?=\"( /)?>)")
-csrfscript=$(echo "$loginpage" | /usr/bin/grep -oP -m 1 "(?<=\"CSRF_TOKEN\":\")[^\"]*(?=\")")
+csrf=$(echo "$loginpage" | /bin/grep -oP -m 2 "(?<=<input type=\"hidden\" name=\"csrf\" value=\")[^\"]*(?=\"( /)?>)" | tail -1)
+csrfmeta=$(echo "$loginpage" | /bin/grep -oP -m 1 "(?<=<meta name=\"csrf\" content=\")[^\"]*(?=\"( /)?>)")
+csrfscript=$(echo "$loginpage" | /bin/grep -oP -m 1 "(?<=\"CSRF_TOKEN\":\")[^\"]*(?=\")")
 /usr/bin/wget --load-cookies $cookiefile --save-cookies $cookiefile --keep-session-cookies --delete-after --post-data "language=en-US" --header="HTTP-X-CSRF-TOKEN: $csrfmeta" --header="X-Csrf-Token: $csrfscript" --header="X-Requested-With: XMLHttpRequest" -qO- "https://www.united-domains.de/set-user-language"

 ipv4=$1
@@ -28,12 +28,11 @@ payload="{\"record\":$record,\"domain_lock_state\":{\"domain_locked\":false,\"em
 url="https://www.united-domains.de/pfapi/dns/domain/$domain_id/records"

 #send changes
-output=$(/usr/bin/wget --load-cookies $cookiefile --method=PUT --header=Content-Type:application/json --header="Http-X-Csrf-Token: $csrf" --body-data=$payload -qO- $url 2>&1)
-echo "UD answered: $output"
+output=$(/usr/bin/wget --load-cookies $cookiefile --method=PUT --header=Content-Type:application/json --header="Http-X-Csrf-Token: $csrfscript" --body-data=$payload -qO- $url 2>&1)
 write_log 7 "UD answered:\n$output"

-echo $output | /usr/bin/grep "$ipv4" >/dev/null 2>&1
+echo $output | /bin/grep "$ipv4" >/dev/null 2>&1
 success=$?
 #write_log 7 "Retval: $success"
-echo "Retval: $success"
 return $success

@ManuGithubSteam
Copy link

This seems to be broken.

I tried to fix it but i get a 404 response...

this is my payload (Ip already xhanged):

{"data":{"A":[{"address":"157.91.144.248","content":"157.91.144.248","id":102270702,"filter_value":"some.one","ttl":600,"type":"A","standard_value":false,"sub_domain":"","domain":"some.one","webspace":false,"ssl":false,"udag_record_type":5},{"address":"157.91.144.248","content":"157.91.144.248","id":102270705,"filter_value":"some,one","ttl":600,"type":"A","standard_value":false,"sub_domain":"*","domain":"some.one","webspace":false,"ssl":false,"udag_record_type":5},{"address":"95.222.29.243","content":"116.203.91.142","id":106534996,"filter_value":"cloud.some.one","ttl":600,"type":"A","standard_value":false,"sub_domain":"cloud","domain":"some.one","webspace":false,"ssl":false,"udag_record_type":5}],"MX":[{"prio":10,"mail_server":"mx00.udag.de","content":"mx00.udag.de","id":101973276,"filter_value":"some.one","ttl":3600,"type":"MX","standard_value":true,"sub_domain":"","domain":"some.one","webspace":false,"ssl":false,"udag_record_type":4},{"prio":20,"mail_server":"mx01.udag.de","content":"mx01.udag.de","id":101973279,"filter_value":"some.one","ttl":3600,"type":"MX","standard_value":true,"sub_domain":"","domain":"some.one","webspace":false,"ssl":false,"udag_record_type":4}],"AAAA":[],"TXT":[],"SRV":[],"CNAME":[],"NS":[],"CAA":[]}}

I tried also with the original Payload but its the same.

upload to united...
Useing this command:

/usr/bin/wget --load-cookies $cookiefile --method=PUT --header=Content-Type:application/json --header="Http-X-Csrf-Token: $csrfscript" --body-data=$payload -qO- $url

--2022-07-30 16:09:10-- https://www.united-domains.de/pfapi/dns/domain/7130160/records
Resolving www.united-domains.de (www.united-domains.de)... 89.31.137.221
Connecting to www.united-domains.de (www.united-domains.de)|89.31.137.221|:443... connected.
HTTP request sent, awaiting response... 404 Not Found
2022-07-30 16:09:10 ERROR 404: Not Found.

Response code is 8

Any tipps ?

Thanks!

@izphi78
Copy link

izphi78 commented Jul 31, 2022

I migrated to another DNS Provider which has an API. Not worth the struggle.
In my optinion united-domains DNS is inferior. Last time I checked you couldn't even set CAA etc.
You can keep your Domain at UD, you can simply set NS to point to another Provider.
You can even keep the Mail functionality by setting MX to UDs Servers at the net Provider.

I used dynv6 (perfect for ipv6 dyndns) for a long time but it is very unreliable.
I am now using cloudflare and he.net

@schmyd
Copy link

schmyd commented Aug 2, 2022

Hi @ManuGithubSteam,

it's not really clear to me why you're getting a 404. Script is still working for me. Were you able to resolve it?

@x4FF3
Copy link

x4FF3 commented Jul 21, 2023

Hi,

did they change the login again? cannot login with this script.

EDIT: using the curl command from here: https://gist.github.com/bjuretko/abee8435c8d6f6de39a61322ad44699a does work, but cannot update the ip

@schmyd
Copy link

schmyd commented Jul 21, 2023

still worked for me this morning

@rapkin61
Copy link

Hi @izphi78,
where did you go?
I'm severly thinking about moving my domain to another hoster, that offers an API.

I'm fed up with with that scripting stuff. The shell script here worked for a while, but United Domains seem to permanently change their website. For a while I worked around this with a python script, but even this fails more and more often, because of permanent changes in the html/css code of UD.
This is extremely annoying!
Can you recommend me a good hoster, that has an API?

@mueslo
Copy link
Author

mueslo commented Jul 22, 2023

@rapkin61 FWIW, inwx was recommended to me by a friend, specifically for API access

@izphi78
Copy link

izphi78 commented Jul 22, 2023

@rapkin61 I went to cloudflare. No need to transfer your Domain. Just add it to the Dashboard and set the NS records. If you want to keep mail functionality, set it accordingly in the UD settings and set the MX records as shown in the instructions.

Never had any trouble with it after going that route. And much stuff has integration for Cloudflare like certbot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment