# DDNS for Route53 and UniFi

- [DDNS for Route53 and UniFi](#ddns-for-route53-and-unifi)
  - [Configuration](#configuration)
  - [Route53 Configuration](#route53-configuration)
  - [UniFi DNS Configuration](#unifi-dns-configuration)
  - [Testing](#testing)
  - [Building Container Image](#building-container-image)

This service automatically keeps IPv4 and IPv6 records updated in AWS Route53 and UniFi DNS policies.

## Configuration

All environment variables can be set directly or via a `.env` file in the project root. The `.env` file is gitignored and should contain:

```env
RECORDS_FILE=/etc/ddns/records.yaml
GLOBAL_SKIP_IPV4=false
GLOBAL_SKIP_IPV6=false

ROUTE53_HOSTED_ZONE_ID=ABC123
AWS_ACCESS_KEY_ID=your-access-key-here
AWS_SECRET_ACCESS_KEY=your-secret-key-here

UNIFI_HOST=https://unifi.local:8443
UNIFI_SITE_ID=default
UNIFI_API_TOKEN=your-api-token-here
UNIFI_VERIFY_SSL=false
```

## Route53 Configuration

Set `ROUTE53_HOSTED_ZONE_ID` for the single hosted zone. Records in `RECORDS_FILE` with `provider: route53` will use this zone.

AWS credentials are read from `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` in the `.env` file.

## UniFi DNS Configuration

Set the following environment variables:

- `UNIFI_HOST` - UniFi controller URL (e.g., `https://unifi.local:8443`)
- `UNIFI_SITE_ID` - UniFi site ID
- `UNIFI_API_TOKEN` - UniFi API token
- `UNIFI_VERIFY_SSL` - Verify SSL certificates (`true`/`false`, default: `false`)

## Testing

```bash
uv run pytest
```

## Building Container Image

```bash
# Build
podman build -t gitea.reeseapps.com/services/ddns:latest -f ./Containerfile

# Run
podman run \
--env-file .env \
-v ./records:/records:z \
-it --rm \
gitea.reeseapps.com/services/ddns:latest
```