Synpse is an end-to-end platform to manage your device fleet that can grow to hundreds of thousands of devices,
perform OTA software updates, collect metrics, logs, deploy your containerized applications and facilitate tunnel-based
SSH access to any of your device. You can find a
Quick Start here
One of the challenges of running an application at the edge is to be able to access it the same way as any other application running in the normal hosting environments. In this blog post we will show you how to use DDNS client with [DuckDNS]https://www.duckdns.org/) to expose your application to the outside world! Let’s get started!
Important: This will not work if your devices are not able to be accessed via an external IP address.
For this to work you might need to configure your router with a port forwarding. Which is out of scope for this blog post.
Synpse for hosting and running applications anywhere
DDNS for managing DNS records for multiple DNS providers
We could stop here, as this shows already how to expose an application.
But we will do one more step, add TLS certificate.
For this, we will add “Let’s Encrypt” container to the mix and we will use CertBot
###Let’s Encrypt with DuckDNS
Let’s create a configuration for “CertBot” (same credentials as in DDNS). We gonna use them from the script, because all script is treated as a secret in Synpse.
This script will renew the certificate on a periodic basis as certbot is not able to run as a daemon, which is required for containers:
# Small hack script to renew "Let's Encrypt" certs each week# Once deployed in production remove --test-cert flag to generate valid certificate# doing development without this flag will get you banned from Lets Encrypt very fast!
pip install certbot_dns_duckdns
while[ : ]doecho"Renewing Let's Encrypt certs"
certbot certonly -v \
--preferred-challenges dns \
--authenticator dns-duckdns \
--email [email protected]\
--dns-duckdns-token 68466070-xxxx-xxxx-xxx-xxxxxxxxxx \
echo"Sleeping for 7d"
This stack now gives us a device at the edge, with TLS certificates from “Let’s Encrypt” with dynamic refresh and dynamic DNS updates for “DuckDNS”!
This can be used for any other applications like “Drone”, “Prometheus”, “Grafana”.
We will use this pattern in the future to show how you can deploy other applications!
In the next blog post we will show how you can use similar stack to expose application with your owned customer domain!
If you have any questions or suggestions, feel free to start a new discussion in our forum or drop us a line on Discord