Hi, I want to have multiple services running from my network. I do not have access to a static IP and I use DDNS from Cloudflare. I want to have (https://ddns.mydomain.com/bitwarden) as an example. I have looked at HAProxy in pfSense. I would like to hear if there are better ways, or get help with what I am proposing.
I have an A record that points my home IP, which is not static, to home.mydomain.com using Cloudflare. I update the record with a Python script that I run every 30 minutes on my server using cron. The script first checks if my IP has changed and, if it has, it updates my home’s DNS A record using Cloudflare’s API.
Below is the code I use.
```python
#!/usr/bin/env python3
import datetime
import re
import sys
from os import path

import requests

# get the current time for logging
ts = datetime.datetime.now()
print("Running the ddns updater script. The time is %s" % ts)

# regular expression for validating an IPv4 address
# (raw string so that \. is a literal dot and not a string escape)
regex = r"^((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])$"


# function for validating the IP address
def check(Ip):
    # exit if the string is not a well-formed IPv4 address
    if not re.search(regex, Ip):
        print("Invalid Ip address detected")
        sys.exit(1)


# get current wan ip (the timeout keeps the cron job from hanging)
try:
    response = requests.get('https://api.ipify.org', timeout=10).text.strip()
except requests.RequestException:
    response = ""
if response:
    ip = response
else:
    print("error while trying to connect to https://api.ipify.org")
    sys.exit(1)
check(ip)

# read saved old ip from text file
file_name = 'ddns_ip_storage.txt'
# directory this script is stored in
dir_path = path.dirname(path.abspath(__file__))
file_path = path.join(dir_path, file_name)

# on the first run, create the storage file with the current ip
if not path.exists(file_path):
    with open(file_path, 'w') as f:
        f.write(ip)

with open(file_path, 'r') as f:
    old_ip = f.read().strip()

# check if old ip has changed
if old_ip != ip:
    zone_id = "5890485lkjlkjdlfksjfsdkljf"
    email = "[email protected]"
    auth_key = "fdlfjlkjfkldjfljdlfjkj343k3l4j3klj4kj"
    dns_data = {"type": "A", "name": "subdomain.mydomain.com", "content": ip, "ttl": 1}
    dns_id = "j32kljlkjlkjlfjdlkjfldkfjldkfjlkj"
    dns_url = "https://api.cloudflare.com/client/v4" \
              "/zones/" + zone_id + \
              "/dns_records/" + dns_id
    headers = {"X-Auth-Email": email, "X-Auth-Key": auth_key, "Content-Type": "application/json"}

    # updates subdomain.domain.com dns A record with current ip
    try:
        response = requests.put(dns_url, headers=headers, json=dns_data, timeout=10).json()
    except (requests.RequestException, ValueError):
        response = {}

    # Cloudflare reports the outcome in the "success" field of the JSON body;
    # a failed call still returns a non-empty body, so test the field itself
    if response.get("success"):
        print("successful dns update")
        # write the new ip to the text file only after the record was updated,
        # so a failed update is retried on the next run
        with open(file_path, 'w') as f:
            f.write(ip)
        print("the new ip is %s \n" % ip)
    else:
        print("error updating dns")
else:
    print("Ip %s has not changed. \n" % old_ip)
```
What you’re looking for is a reverse proxy. You can configure a Web server like Apache or nginx to do that. You then port forward all web traffic to the web server and then create sites which will proxy to the servers you want to connect to. You can also use this to add TLS to the service.
If you have a search for Bitwarden reverse proxy you’ll find a guide for it.
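The reverse-proxy setup described in this answer, as an added example that is not part of the original thread: one nginx host that terminates TLS and routes by path, so only ports 80 and 443 are forwarded. The backend addresses, the `/service2/` path and the certificate paths are assumptions; the hostname is the one from the question.

```nginx
# Added example; backend addresses, /service2/ and certificate paths are assumptions.

# Catch-all: TLS handshakes that do not name the expected host are refused
# (ssl_reject_handshake needs nginx 1.19.4 or later).
server {
    listen 443 ssl default_server;
    ssl_reject_handshake on;
}

# Plain HTTP only redirects to HTTPS.
server {
    listen 80;
    server_name ddns.mydomain.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name ddns.mydomain.com;

    ssl_certificate     /etc/nginx/tls/fullchain.pem;
    ssl_certificate_key /etc/nginx/tls/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;

    # Pass the original host, client address and scheme to the backends.
    proxy_set_header Host              $host;
    proxy_set_header X-Real-IP         $remote_addr;
    proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    # https://ddns.mydomain.com/bitwarden/ -> internal Bitwarden host
    location /bitwarden/ {
        proxy_pass http://192.168.1.10:8080/;
    }

    # A second internal service on its own path
    location /service2/ {
        proxy_pass http://192.168.1.11:3000/;
    }

    # Anything not explicitly routed is not exposed.
    location / {
        return 404;
    }
}
```

Because each `proxy_pass` ends in `/`, nginx replaces the matched prefix (`/bitwarden/`) with `/` before forwarding, so the backend must be able to run behind a sub-path; if it cannot, give it its own `server_name` instead.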
I’ve had a similar setup and found HAProxy in pfSense pretty helpful for routing traffic. It can balance requests to different services smoothly.
I’ve been in a similar situation before, trying to run multiple services from a dynamic IP. Using DDNS is a solid choice, and HAProxy in pfSense can work really well for your use case. If you want to simplify things, you could also look into using NGINX as a reverse proxy—it’s lightweight, flexible, and can handle your routing needs pretty easily. When I was setting up my network, I ran into some issues with stability, especially when trying to access services remotely. I used Cloudflare’s DDNS too, and while it worked fine, I also made sure to secure my network with firewalls and some extra monitoring. I had a scare once where I noticed some strange traffic from an IP stresser site, and it made me realize how important it is to lock down services with proper security layers.