New Home Assistant Add-on: GoDaddy DNS

mrmichaelrb · August 11, 2021, 9:58am

Home Assistant Add-on: GoDaddy DNS

Automatically update your GoDaddy DNS IP address with integrated HTTPS support via Let’s Encrypt.

About

This add-on will update DNS records that are hosted by GoDaddy to an IP of your choice. It includes support for Let’s Encrypt and automatically creates and renews your certificates. You need to have a domain hosting account with GoDaddy and request API keys from GoDaddy before using this add-on.

For more information, read the documentation.

Installation

First, add the repository that contains the GoDaddy DNS add-on:

or:

Navigate in your Home Assistant frontend to Supervisor → Add-on Store.
Click the drop-down menu on the right and click “Repositories”.
Add the following URL to the list of repositories:
https://github.com/mrmichaelrb/hassio-addons
Close the list of repositories.

Follow these steps to get the add-on installed on your system:

Navigate in your Home Assistant frontend to Supervisor → Add-on Store.
Find the “GoDaddy DNS” add-on and click it.
Click on the “INSTALL” button.

CaptTom · August 11, 2021, 12:10pm

This is sweet! I almost missed this, thanks!!!

The way I’m reading this, if I have a GoDaddy-hosted domain name kicking around, I could simply point it to whatever IP address my provider is giving me today, and get to my HA system using that domain.

I think this is huge for a lot of users. I know I’m going to try it once version 2021.8.x settles down and I know I’ve got a stable environment.

lance.mccarthy · August 11, 2021, 3:30pm

Kudos! I’ll definitely use this in my next HA installation. It is much easier that setting up nginxproxymanager (and a script running on a 10m timer that updates the DNS using the GoDaddy API and ipify).

Foppotee · September 7, 2021, 11:20pm

Hi all.

This could be the answer to my problems, but I am having trouble getting it to work.

To troubleshoot I have installed a fresh installation of HA on a Pi. The only add-on I have installed is the GoDaddy DNS Add-On. I followed the instructions to fill out the config.

The add-on did update my subdomain A record with the correct IP and I do not see any errors in the Add-On Log.

When trying to browse to my domain from outside my network I receive [sub-domain].[domain].com “refused to connect” or “sent an invalid response.”

Any assistance would be extremely appreciated.

mrmichaelrb · September 8, 2021, 2:07am

Ok, your problem is probably something wrong with your HTTP configuration in HA, or the port forwarding on your router. You can look through these forums to find help, but I’ll provide a bit of background for you and anyone else who might run into similar problems.

First, did you add this to your configuration.yaml and restart HA?

http:
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

If so, HA will now be using HTTPS (instead of HTTP) on port 8123.

Then, you need to use port forwarding on your router to map whatever external address:port you want to the private internal HA address:port.

For example, this would map port 12345 (number selected for no particular reason) on an external IP of 104.26.5.238 (just an example) to a private internal HA IP address located at 192.168.0.8 (again, just an example):

104.26.5.238:12345 → 192.168.0.8:8123

Following that, and assuming that my-hostname.my-godaddy-domain.com is your domain name, then this URL would be able to access your HA from the Internet:

https://my-hostname.my-godaddy-domain.com:12345/

If you used 443 (the default port for HTTPS) instead of 12345 for your external port, then this URL would also work (but only if your router or something else doesn’t block or use 443):

https://my-hostname.my-godaddy-domain.com/

If you try to access this URL from inside your private network, your router’s port forwarding may not support hairpinning (aka NAT loopback or NAT reflection), especially if it is older, and so you might only be able to access HA from the external Internet. If that’s your problem, then I’d suggest leaving HA with HTTP for internal private network access (by removing the http section from configuration.yaml), and using the NGINX Home Assistant SSL proxy add-on to provide HTTPS for external Internet access to HA. But, that’s beyond the scope of what I’m going to get into here.

Foppotee · September 8, 2021, 4:39am

Thank you so much for building this add-on and for responding to my post. I am up and running.

Summersky2017 · September 22, 2021, 8:48am

Where is the “DNS add-on configuration” in Godaddy?
I see DNS Management which has Records and Nameservers and then under Advanced Features I have the option to add Premium DNS.

Am I looking in the right section?

Major noob here.

mrmichaelrb · September 22, 2021, 11:34am

The add-on configuration is in Home Assistant, not on GoDaddy’s website.

Navigate in your Home Assistant front-end to “Supervisor”
In the list of installed add-ons, you should have “GoDaddy DNS”. Click on it.
At the top (or bottom) of the GoDaddy DNS add-on page, there will be a “Configuration” section. Click on it.
Change the configuration text and then click on “Save”.

I think HA will prompt you to restart the add-on if you make changes, which you should do.

Summersky2017 · September 22, 2021, 8:50pm

Thanks Michael. I won’t be quitting my day job any time soon.

Summersky2017 · September 23, 2021, 12:43am

Ok so GoDaddy DNS is up and running and everything seems to be ok in the log saying “Renewal successful for domain: <subdomain.my_domain>.com”

However I can’t access HA using .<my_domain>.com and the address ip:8123 is still not secure.

I’ve added the below in the configuration text file. (Assuming this is configuration.yaml)
http:
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem

Am I missing something here?
Do I need to make any changes with regard to Forwarding within GoDaddy?

mrmichaelrb · September 23, 2021, 3:35am

From what you’ve said, I think you’re probably done with the GoDaddy website and configuring the GoDaddy DNS add-on in HA.

Did you restart HA after adding the http section to configuration.yaml?

If you try to connect like this (pretending 192.168.0.8 is your HA’s private IP address):
http://192.168.0.8:8123/
You should get some type of error about making an HTTP request to an HTTPS port.

If you try to connect like this (notice the s):
https://192.168.0.8:8123/
You should get a warning from your browser that the certificate cannot be validated and your connection may not be secure private. Usually, you can bypass this warning (by clicking “Advanced” and then proceeding or continuing).

The only way to connect without errors or warnings will now be through your host name (assuming my-hostname.my-godaddy-domain.com is your domain name and 12345 is the port you’ve randomly chosen to forward on your router):
https://my-hostname.my-godaddy-domain.com:12345/

Summersky2017 · September 23, 2021, 8:12am

Ok good to know.
I’ve had to re-input the below code using File editor.
http:
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem

However I can only access HA by going to https://ip.8123 and clicking Advanced.
When I try to access HA using https://my-hostname.my-godaddy-domain.com I get taken to the below screenshot.

I haven’t chosen a port to forward on my router because I don’t know where and how this step is done?

mrmichaelrb · September 23, 2021, 10:27am

That screenshot looks like a login for your “TP-Link” router, which is allowing connections on HTTPS port 443 of your public IP address… Not something that I personally would want to see (not great security in my opinion), but maybe it’s only allowing it because you’re accessing it from your internal network…

Setting up port forwarding is a bit outside the scope of this thread. Every router is different, but in most cases you can do it by navigating your web browser to the router’s internal IP address, logging on, and then entering the forwarding settings into its web interface.

I’ve already explained earlier in this thread how to do the port forwarding, but you’ll have to figure out what model of router you have and how to configure it. You can probably download a manual for it from the manufacturer’s website. If it isn’t still set to a default username and password listed in the manual, then you might need to contact your ISP to get those. Or maybe they might be listed on a sticker on your router?

Just a bit of advice… Since the router already appears to be answering on external port 443, you’ll probably have to pick a different external port number to avoid a conflict. You could just use 8123 to keep things simple:

external/service port 8123 → 192.168.0.8:8123
(again, pretending 192.168.0.8 is your HA’s private IP address)

Because it isn’t the default 443, you’ll have to include the port number when connecting to your HA:
https://my-hostname.my-godaddy-domain.com:8123/

AlexPotter · January 16, 2022, 11:33am

Hi Michael,

I raised the issue in Github, but then found this thread and thought it could be actually better place to ask for help.

github.com/mrmichaelrb/hassio-addons

Can't install the plugin

opened 05:57AM - 15 Jan 22 UTC

AlexPotterOnGit

Hi Michael, Not sure it is something specific to my environment or some recen…t changes to Home Assistant - can't install the plugin. Errors in the log: 22-01-15 13:14:59 INFO (MainThread) [supervisor.store.git] Cloning add-on https://github.com/mrmichaelrb/hassio-addons repository 22-01-15 13:15:01 INFO (MainThread) [supervisor.store] Loading add-ons from store: 66 all - 2 new - 0 remove 22-01-15 13:15:01 INFO (MainThread) [supervisor.resolution.evaluate] Starting system evaluation with state CoreState.RUNNING 22-01-15 13:15:01 INFO (MainThread) [supervisor.resolution.evaluate] System evaluation complete 22-01-15 13:15:17 INFO (MainThread) [supervisor.addons] Creating Home Assistant add-on data folder /data/addons/data/423ea876_godaddy_dns 22-01-15 13:15:17 INFO (SyncWorker_1) [supervisor.docker.addon] Starting build for 423ea876/amd64-addon-godaddy_dns:1.0.3 22-01-15 13:15:23 ERROR (SyncWorker_1) [supervisor.docker.addon] Can't build 423ea876/amd64-addon-godaddy_dns:1.0.3: The command '/bin/ash -o pipefail -c apk add --no-cache openssl && curl -s -o /usr/bin/dehydrated "https://raw.githubusercontent.com/lukas2511/dehydrated/v${DEHYDRATED_VERSION}/dehydrated" && chmod a+x /usr/bin/dehydrated' returned a non-zero code: 1 22-01-15 13:15:23 ERROR (SyncWorker_1) [supervisor.docker.addon] Build log: Step 1/12 : ARG BUILD_FROM Step 2/12 : FROM $BUILD_FROM ---> bc9cabb4596e Step 3/12 : ARG DEHYDRATED_VERSION ---> Running in 3a49357c511a Removing intermediate container 3a49357c511a ---> caffde16250f Step 4/12 : RUN apk add --no-cache openssl && curl -s -o /usr/bin/dehydrated "https://raw.githubusercontent.com/lukas2511/dehydrated/v${DEHYDRATED_VERSION}/dehydrated" && chmod a+x /usr/bin/dehydrated ---> Running in 197e7cbc1313 fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/main/x86_64/APKINDEX.tar.gz 140006463986504:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1914: fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/community/x86_64/APKINDEX.tar.gz WARNING: Ignoring https://dl-cdn.alpinelinux.org/alpine/v3.14/main: Permission denied 140006463986504:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1914: WARNING: Ignoring https://dl-cdn.alpinelinux.org/alpine/v3.14/community: Permission denied ERROR: unable to select packages: openssl (no such package): required by: world[openssl] Removing intermediate container 197e7cbc1313 Wondering if you could give any clues to potential reason? Cheers

Will be appreciated if you could have a look on the error.

Cheers,
Alex.

mrmichaelrb · January 16, 2022, 9:54pm

This is a known problem with running HA on some custom docker hosts (basically anything other than the Home Assistant Operating System) and installing add-ons which require OpenSSL. To fix, update libseccomp2 on the host.

See this thread for more information:

AlexPotter · January 19, 2022, 1:00am

Thanks Michael!
The problem is I do run Home Assistant Operating System in a full blown VM on ESXi host. So I guess issue above is not really my case? I commented in the thread you mentioned and Chris seems agreed.
Still can’t install the plugin and will be appreciated for any ideas.

Regards,
Alex.

CrYoGeNiC · March 26, 2022, 4:22pm

@mrmichaelrb

I am loving this addon, Thank you very much! Have it working perfectly for my GD subdomain. I also run Vaultwarden addon with a separate subdomain. Is there anyway to provide DNS updates to multiple subdomains?

Again, thank you!

gigatexel · October 17, 2022, 12:56pm

So how does this addon actually work? Does it detect a WAN-ip change and then calls to GoDaddy?
I’ve installed it, but the logs don’t give much info about the update process working or not.

(I’m not using Let’s Encrypt)

ShannyMan · February 7, 2023, 2:10am

Thank you so much for this Add-On! Its working beautifully and was super easy to setup. Cheers!

DrMor · October 15, 2023, 8:01am

Works beautifully, thank you so much for that!