A Cloudflare Worker script that provides a UniFi-compatible DDNS API to dynamically update the IP address of a DNS A record.
UniFi Dream Machine Pro (UDM-Pro) or UniFi Security Gateway (USG) users may need to update Cloudflare domain name DNS records when their public IP address changes. UniFi does not natively support Cloudflare as a DDNS provider.
Ensure you have a Cloudflare account and your domain is configured to point to Cloudflare nameservers.
- Deploy the Worker:
- Navigate to the Cloudflare Workers dashboard.
- After deployment, note the
\*.workers.dev
route.
- Clone or download this project.
- Ensure you have Wrangler CLI installed.
- Log in with Wrangler and run
wrangler deploy
. - Note the
\*.workers.dev
route after creation.
An API Token will be needed for each UniFi client performing DDNS updates. To create the token(s):
-
Tokens can now be created at the user level or account level
User token:
- Go to https://dash.cloudflare.com/profile/api-tokens
- Key differences:
- Access to all accounts for which the user is a member and has permissions (unless explicitly limited in token settings)
- Actions performed by this token are associated with the user
- Viewable/Editable only by the creating user
Account token: (Recommended)
- On the CloudFlare Dashboard, open the account which manages the target zone(s)
- Select Manage Account > Account API Tokens
- Key differences:
- Access limited to only the account for which it is created
- Actions performed by this token are not attributed to a user
- Viewable/Editable by all account members (with the appropriate permissions)
-
Click "Create Token"
-
Click "Use Template" for "Edit zone DNS"
-
Under "Zone Resources," include the target zone or select "All zones from an account." (If using a user token, "All zones" is also an option.)
Set a token name and/or additional restrictions as desired. -
Click "Continue to summary" then "Create Token."
Copy and save the generated token for later use configuring the UniFi OS Controller.
- Log in to your UniFi OS Controller.
- Navigate to Settings > Internet > WAN and scroll down to Dynamic DNS.
- Click Create New Dynamic DNS and provide:
Service
: Choosecustom
ordyndns
.Hostname
: Full subdomain and hostname to update (e.g.,subdomain.mydomain.com
ormydomain.com
for root domain).Username
: Domain name containing the record (e.g.,mydomain.com
).Password
: Cloudflare API Token.Server
: Cloudflare Worker route<worker-name>.<worker-subdomain>.workers.dev/update?ip=%i&hostname=%h
.- For older UniFi devices, omit the URL path.
- Remove
https://
from the URL.
To test the configuration and force an update on a UDM-Pro:
- SSH into your UniFi device.
- Run
ps aux | grep inadyn
. - Note the configuration file path.
- Run
inadyn -n -1 --force -f <config-path>
(e.g.,inadyn -n -1 --force -f /run/ddns-eth4-inadyn.conf
). - Check
/var/log/messages
for related error messages.
To test the configuration and force an update on a USG:
- SSH into your USG device.
- Run
ls /run/ddclient/
(e.g.:/run/ddclient/ddclient_eth0.pid
) - Note the pid file path as this will tell you what configuration to use. (e.g.:
ddclient_eth0
) - Run
sudo ddclient -daemon=0 -verbose -noquiet -debug -file /etc/ddclient/<config>.conf
(e.g.,sudo ddclient -daemon=0 -verbose -noquiet -debug -file /etc/ddclient/ddclient_eth0.conf
). - This should output
SUCCESS
when the DNS record is set.
- For subdomains (
sub.example.com
), create an A record manually in Cloudflare dashboard first. - If you encounter a hostname resolution error (
inadyn[2173778]: Failed resolving hostname https: Name or service not known
), removehttps://
from theServer
field. - If you are using wildcard subdomains, be sure to enter your
Hostname
in UniFi OS as*.mydomain.com
- There seems to be a bug in the UniFi OS UI that makes it impossible to edit the Dynamic DNS settings, you may need to remove the configuration and create a new one each time you need to make a change.