Atomia DynDNS Agent

This manual describes how to install, set up, and use the Atomia DynDNS Agent that allows your customers to automatically point subdomains to their home computers.

Overview

The DynDNS agent allows your customers to automatically point subdomains to their home computers using the popular DynDNS protocol.

Installation

The DynDNS server must be installed on a linux machine. The preconditions are that the machine has access to Automation Server and Account API. The actual installation is done like this:

apt-get install atomia-dyndns

After that you need to change the config file /etc/dyndns.conf and configure there the urls to access Automation Server and Account API.

[Automation Server API]
api_url=https://automationserver.test.hetzner1.atomiademo.com/CoreAPIBasicAuth.svc?wsdl

[Account API]
api_url=https://accountapi.test.hetzner1.atomiademo.com/AtomiaAccountApiBasicAuth.svc?wsdl

The second part involves changing the /etc/dyndns-server.conf config file:

port=8245

The only thing that can be set there is the port. Last but not least the server needs to be restarted:

stop atomia-dyndns
start atomia-dyndns

Setting up SSL support

1. SSL support is achieved through pound server, which is used to redirect and decrypt traffic. First thing you need is to have the SSL certificate and private key in PEM format.
   1. Export the certificate and private key from the Atomia application servers (usually it is the certificate starting with a star (*)). During export select the options “Include all certificates in the certification path” and “Export all extended properties”.
   2. Copy the certificate to the linux server.
   3. Convert the certificate using openssl pkcs12 -in star.pfx -out star.pem -nodes
2. The next step is to set up the pound server. We first create a new user to run, secure the certificate and then install pound.

   adduser pound
   chown pound:pound /etc/pound/star.pem
   chmod 400 /etc/pound/star.pem
   apt-get install pound
   

3. Then we change the /etc/pound/pound.cfg as follows:

   User            "pound"
   Group           "pound"
   
   LogLevel        1
   Alive           30
   Control "/var/run/pound/poundctl.socket"
   
   ListenHTTPS
           Address 0.0.0.0
           Cert "/etc/pound/star.pem"
           Port 443
   
           Service
                   BackEnd
                           Address 127.0.0.1
                           Port    8245
                   End
           End
   End
   

4. The port 8245 correspends to the port above and 443 is the defaut SSL port. star.pem is our certificate file we create above. If listening on port 80 is also desired add the following section at the end of the file:

   ListenHTTP
           Address 0.0.0.0
           Port 80
   
           Service
                   BackEnd
                           Address 127.0.0.1
                           Port    8245
                   End
           End
   End
   

5. Lastly the pond server needs to be activated. Just change the /etc/default/pound file:

   startup=1
   

6. And then start the pound server:

   /etc/init.d/pound start
   

   This will cause the SSL support to work on top of the HTTP version already working on port 8245.