DIY Dynamic DNS with Cloudflare -


I have a server in my home which I would like to be able to ssh to from anywhere, but since I am on a residential internet plan, my ISP is allowed to change my public IP address at will.One option would be to use the dynamic DNS that is baked into my TP Link router. I had used www.noip.com, but their yearly cost at time of writing is $25 per year. I already own a domain name, aasifversi.com, and I am able to write code, there must be a DNS provider that has a usable API. As I was searching I found that Cloudflare had great documentation for their API and “at-cost” pricing for renewals, so I transfered my dns from Hover to Cloudflare. Transferring to Cloudflare meant that I could not only reduce my costs for owning a domain, but also set up my own dynamic DNS.


  1. Create a Cloudflare API token with the permissions that are described here by Lexicon, using the Cloudflare instruction here
  2. Clone cloudflare-dns-updater
  3. Create a .env file in the in the root directory of the cloned repo and insert a single line with LEXICON_CLOUDFLARE_AUTH_TOKEN=<Token from Cloudflare>
  4. Install all the dependencies
     python3 -m pipenv install
  5. Test maunally by running the following command:
     python3 -m pipenv run python cloudflare-dns-updater.py --domain example.com --subdomain test
  6. Run the following command, update the domain and subdomain
     echo "cd ${PWD} && python3 -m pipenv run python cloudflare-dns-updater.py --domain example.com --subdomain test"
  7. Run crontab -e and add the following, which will update our DNS every 10 minutes:
     */10 * * * * <output from previous step>
  8. If you would like to se the output of the cron jobs you can install postfix and take a look at /var/mail/${USER}.
  9. After some time (about 30 minutes) has passed confirm that the DNS entry has been updated by running dig test.example.com


The script that is run every 10 minutes will use an api provided by ipify.org, to get the current IP address of the host, then compare with a “cache” file to see if the IP address has been changed, before making an API call to Cloudflare through Lexicon, to update the DNS entry. Lexicon is useful becuse it allows you to use the same API for any DNS provider, meaning you could theoretically use the same script, with a different .env file for any provider.