ssl enabled ddns for toon with letsencrypt certificate

Posted: Thu Mar 03, 2022 11:05 pm
by gerlag
Hi all, I tried to write a HOWTO to achieve an ssl enabled ddns domain for toon with a valid letsencrypt certificate.

... and I ended up with a script called ddns_client.sh which installs a dyndns client for dynu.com and also acme.sh for creating and automatically updating a Let's Encrypt SSL certificate.

As a result you'll get external password protected SSL (mobile) access for rooted Toon on a -always free- dynu ddns domain.

I published the script on github

in short:
  • Specify username and password in Toon for mobile access
  • Create an account on dynu.com and register one of their free third level ddns domains and make a note of Client_id and secret.
  • Create a port forwarding rule on your router
  • After logging in to Toon with PuTTY I can (maybe you can too) install the script online directly from github:

    curl https://raw.githubusercontent.com/gerlag/ddns_for_toon/main/ddns_client_download.sh -O && sh ddns_client_download.sh install
Feel free to test, use or fork it,
Tested on Toon1. I don't have access to a Toon 2. Assume this script could work on Toon 2 too, maybe with minor changes.

Use at your own risk...

Re: ssl enabled ddns for toon with letsencrypt certificate

Posted: Fri Mar 04, 2022 8:54 am
by TheHogNL
Nice! Didn't try it yet but studied the code.

Acme uses crontab to update the certificate when needed but crontab isn't installed normally on toon1/toon2. So that is one thing to keep in mind before running this script.

And a toon2 doesn't have cron binary in the installed list. That's also why we stopped installing it per default on rooting scripts.

Re: ssl enabled ddns for toon with letsencrypt certificate

Posted: Fri Mar 04, 2022 9:51 am
by gerlag
The script will install crontab when it's not installed and then it reboots Toon. One of my Toon 1s had crontab installed, the other (spare) Toon had not.

I didn't know Toon 2 has no crontab at all. Acme.sh needs crontab too, so without it it seems to be a problem to get it running on Toon2.

[edit] I saw that acme.sh can be installed without cron:

    ./acme.sh --install --nocron

Maybe putting a small script in init.d with an infinite loop that triggers the acme letsencrypt update once a month could do the trick. I'll have a look at it next week.

BTW, I tested the ssl quality, it gets an 'A' from https://www.ssllabs.com/ssltest/ . Not so bad for such a 'light' device as Toon1 is...
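
One way to implement the init.d loop idea from the post above, as an added example that is not part of the thread or of gerlag's script. The install path, stamp file, script name and intervals are assumptions; it checks daily rather than monthly because `acme.sh --cron` renews only certificates that are actually due.

```shell
#!/bin/sh
# Added example: cron-less renewal loop for acme.sh (not from gerlag's script).
# Assumed paths; adjust to where acme.sh was installed with --install --nocron.
ACME_HOME="${ACME_HOME:-/root/.acme.sh}"
ACME_CMD="${ACME_CMD:-$ACME_HOME/acme.sh}"
STAMP="${STAMP:-/tmp/acme_last_run}"      # hypothetical stamp file
INTERVAL="${INTERVAL:-86400}"             # seconds between renewal checks
POLL="${POLL:-3600}"                      # loop wake-up period in seconds

# renew_due NOW: succeed when no valid stamp exists or INTERVAL has elapsed.
renew_due() {
    now="$1"
    [ -r "$STAMP" ] || return 0
    last=$(cat "$STAMP" 2>/dev/null)
    case "$last" in
        ''|*[!0-9]*) return 0 ;;          # empty or corrupt stamp: run again
    esac
    [ "$last" -le "$now" ] || return 0    # stamp in the future: clock was reset
    [ $((now - last)) -ge "$INTERVAL" ]
}

# run_once NOW: call "acme.sh --cron" when a check is due.
# The stamp is written only on success, so a failed run is retried at the next poll.
run_once() {
    now="$1"
    renew_due "$now" || return 0
    if "$ACME_CMD" --cron --home "$ACME_HOME" >/dev/null 2>&1; then
        echo "$now" > "$STAMP"
    else
        echo "acme-loop: acme.sh --cron failed, will retry" >&2
        return 1
    fi
}

# Started from an init script as: acme_loop.sh daemon &
if [ "${1:-}" = "daemon" ]; then
    while :; do
        run_once "$(date +%s)" || true
        sleep "$POLL"
    done
fi
```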

Re: ssl enabled ddns for toon with letsencrypt certificate

Posted: Fri Mar 04, 2022 5:07 pm
by TheHogNL
Think we can add the acme.sh in the tsc script to run each week or so. Let me think about that.

Re: ssl enabled ddns for toon with letsencrypt certificate

Posted: Fri Mar 04, 2022 5:13 pm
by gerlag
That's of course a good alternative. In that case, the ddns update script should also be triggered every (half an) hour or so.

Re: ssl enabled ddns for toon with letsencrypt certificate

Posted: Fri Mar 04, 2022 7:10 pm
by oepi-loepi
Well, Berlag. Nice work, I'm going to try it on a Toon 2.

At first update-rooted.sh isn't found... maybe a path thing. For now I first ran sh update-rooted.sh -o myself and then started the script.

As indicated, cron is not installed.
Unknown package 'cron'.
Collected errors:
* opkg_install_cmd: Cannot install package cron.

Re: ssl enabled ddns for toon with letsencrypt certificate

Posted: Sat Mar 05, 2022 6:09 pm
by gerlag
Thanks, oepi loepi, for the confirmation. I will look for a non-cron solution. In that case update-rooted.sh isn't needed anymore, so that problem will be solved 'automatically'. Maybe next week or so.

Re: ssl enabled ddns for toon with letsencrypt certificate

Posted: Fri Dec 16, 2022 11:10 am
by gerlag
I made a minor update to my script on github. It appeared that the crontab in toon 1 does not support 'after boot' tasks. Now the script reloads its settings once a day. That prevents the problem of losing contact after an automatic update of Toon.
Note: script works for Toon1 only!