Update multiple subdomains, useful for IPv6 where there is no NAT so each individual server publicly exposes their address instead of the router's, and you can't CNAME when another record (like AAAA) exists, so you end up with lots of duplicate A records. New configuration property string[] subdomains, backwards compatible with configuration using string subdomain. Added RuntimeUpgradeNotifier to restart the service if the .NET Runtime gets upgraded out from under the process before it crashes.

Author: Aldaviva

GandiDynamicDns/Configuration.cs

@@ -32,16 +32,26 @@ public string? gandiApiKey {
 
     public uint unanimity { get; init; } = 1;
 
-    private readonly string _subdomain = DOMAIN_ROOT;
-    public string subdomain {
-        get => _subdomain;
-        init => _subdomain = value.TrimEnd('.') is { Length: not 0 } s ? s : DOMAIN_ROOT;
+    public IList<string> subdomains { get; } = [];
+
+    [Obsolete($"Use {nameof(subdomains)} instead")]
+    public string? subdomain {
+        get => null;
+        set {
+            if (value is not null) {
+                subdomains.Add(value);
+            }
+        }
     }
 
-    public string fqdn => subdomain == DOMAIN_ROOT ? domain : $"{subdomain}.{domain}";
-
     public static bool isAuthTokenValid([NotNullWhen(true)] string? authToken) => authToken != null && validAuthTokenPattern().IsMatch(authToken);
 
+    public void sanitize() {
+        for (int i = 0; i < subdomains.Count; i++) {
+            subdomains[i] = subdomains[i].TrimEnd('.') is { Length: not 0 } s ? s : DOMAIN_ROOT;
+        }
+    }
+
     [GeneratedRegex("^[A-Za-z0-9]{24}|[a-f0-9]{40}$")]
     private static partial Regex validAuthTokenPattern();
 

GandiDynamicDns/DynamicDnsService.cs

@@ -23,6 +23,8 @@ public class DynamicDnsServiceImpl(ILiveDns liveDns, ISelfWanAddressClient stun,
 
     public IPAddress? selfWanAddress { get; private set; }
 
+    private readonly IDictionary<string, IPAddress?> initialRecordValues = new Dictionary<string, IPAddress?>(configuration.Value.subdomains.Count);
+
     private readonly EventLog? eventLog =
 #if WINDOWS
         new("Application") { Source = "GandiDynamicDns" };
@@ -32,18 +34,23 @@ public class DynamicDnsServiceImpl(ILiveDns liveDns, ISelfWanAddressClient stun,
 
     protected override async Task ExecuteAsync(CancellationToken ct) {
         try {
-            await Retrier.Attempt(
-                async _ => { // this retry is to handle the case where the service starts before the computer connects to the network on bootup, not where Gandi's API servers are down
-                    if ((await liveDns.Get(RecordType.A, configuration.Value.subdomain, ct))?.Values.First() is { } existingIpAddress) {
-                        try {
-                            selfWanAddress = IPAddress.Parse(existingIpAddress);
-                        } catch (FormatException) { }
-                    }
-                }, maxAttempts: null, delay: _ => TimeSpan.FromSeconds(3), ex => ex is not (OutOfMemoryException or GandiException { InnerException: ClientErrorException }),
-                beforeRetry: async (i, e) =>
-                    logger.LogWarning("Failed to fetch existing DNS record from Gandi HTTP API server, retrying (attempt {attempt}): {message}", i + 2, e.MessageChain()), ct);
-
-            logger.LogInformation("On startup, the {fqdn} DNS A record is pointing to {address}", configuration.Value.fqdn, selfWanAddress?.ToString() ?? "(nothing)");
+            foreach (string subdomain in configuration.Value.subdomains) {
+                // this retry is to handle the case where the service starts before the computer connects to the network on bootup, not where Gandi's API servers are down
+                await Retrier.Attempt(async _ => {
+                        IPAddress? initialRecordValue = null;
+                        if ((await liveDns.Get(RecordType.A, subdomain, ct))?.Values.First() is { } existingIpAddress) {
+                            try {
+                                initialRecordValue = IPAddress.Parse(existingIpAddress);
+                            } catch (FormatException) { }
+                        }
+                        initialRecordValues[subdomain] = initialRecordValue;
+                    }, maxAttempts: null, delay: Retrier.Delays.Constant(TimeSpan.FromSeconds(3)), ex => ex is not (OutOfMemoryException or GandiException { InnerException: ClientErrorException }),
+                    beforeRetry: async (i, e) =>
+                        logger.LogWarning("Failed to fetch existing DNS record from Gandi HTTP API server, retrying (attempt {attempt}): {message}", i + 2, e.MessageChain()), ct);
+
+                logger.LogInformation("On startup, the {subdomain}.{domain} DNS A record is pointing to {address}", subdomain, configuration.Value.domain,
+                    initialRecordValues[subdomain]?.ToString() ?? "(nothing)");
+            }
 
             if (configuration.Value.updateInterval > ONE_SHOT_MODE) {
                 logger.LogInformation("Checking for public IP address changes every {period}", configuration.Value.updateInterval);
@@ -74,26 +81,35 @@ await Retrier.Attempt(
 
     private async Task updateDnsRecordIfNecessary(CancellationToken ct = default) {
         SelfWanAddressResponse originalResponse = await stun.GetSelfWanAddress(ct);
-        if (originalResponse.SelfWanAddress != null && !originalResponse.SelfWanAddress.Equals(selfWanAddress)) {
-            int unanimity = (int) Math.Max(1, configuration.Value.unanimity);
-            if (await getUnanimousAgreement(originalResponse, unanimity, ct)) {
-                logger.LogInformation(
-                    "This computer's public IP address changed from {old} to {new} according to {server} ({serverAddr}) and {extraServerCount:N0} other STUN servers, updating {fqdn} A record in DNS server",
-                    selfWanAddress, originalResponse.SelfWanAddress, originalResponse.Server.Host, originalResponse.ServerAddress.ToString(), unanimity - 1, configuration.Value.fqdn);
+        if (originalResponse.SelfWanAddress != null) {
+            bool updateRequired = selfWanAddress == null
+                ? initialRecordValues.Any(pair => !originalResponse.SelfWanAddress.Equals(pair.Value))
+                : !originalResponse.SelfWanAddress.Equals(selfWanAddress);
+            if (updateRequired) {
+                int unanimity = (int) Math.Max(1, configuration.Value.unanimity);
+                if (await getUnanimousAgreement(originalResponse, unanimity, ct)) {
+                    logger.LogInformation(
+                        "This computer's public IP address changed from {old} to {new} according to {server} ({serverAddr}) and {extraServerCount:N0} other STUN servers, updating {recordCount} A records in DNS server",
+                        selfWanAddress, originalResponse.SelfWanAddress, originalResponse.Server.Host, originalResponse.ServerAddress.ToString(), unanimity - 1, configuration.Value.subdomains.Count);
 #if WINDOWS
-                eventLog?.WriteEntry(
-                    $"This computer's public IP address changed from {selfWanAddress} to {originalResponse.SelfWanAddress}, according to {originalResponse.Server.Host} ({originalResponse.ServerAddress}) and {unanimity - 1:N0} others, updating {configuration.Value.fqdn} A record in DNS server",
-                    EventLogEntryType.Information, 1);
+                    eventLog?.WriteEntry(
+                        $"This computer's public IP address changed from {selfWanAddress} to {originalResponse.SelfWanAddress}, according to {originalResponse.Server.Host} ({originalResponse.ServerAddress}) and {unanimity - 1:N0} others, updating {configuration.Value.subdomains.Count} A records in DNS server",
+                        EventLogEntryType.Information, 1);
 #endif
 
-                selfWanAddress = originalResponse.SelfWanAddress;
-                await updateDnsRecord(originalResponse.SelfWanAddress, ct);
+                    selfWanAddress = originalResponse.SelfWanAddress;
+                    await updateDnsRecords(originalResponse.SelfWanAddress!, ct);
+                } else {
+                    logger.LogWarning("Not updating DNS A record because there was a disagreement among {serverCount:N0} STUN servers about our public IP address, leaving it set to {value}",
+                        unanimity, selfWanAddress);
+                }
             } else {
-                logger.LogWarning("Not updating DNS A record for {fqdn} because there was a disagreement among {serverCount:N0} STUN servers about our public IP address, leaving it set to {value}",
-                    configuration.Value.fqdn, unanimity, selfWanAddress);
+                selfWanAddress ??= originalResponse.SelfWanAddress;
+                logger.LogDebug("Not updating DNS A records because they are all already set to {value}", selfWanAddress);
             }
         } else {
-            logger.LogDebug("Not updating DNS A record for {fqdn} because it is already set to {value}", configuration.Value.fqdn, selfWanAddress);
+            logger.LogDebug("STUN request to {server} ({serverAddr}) did not return a public WAN IP address, will try again with a different server next time", originalResponse.Server.Host,
+                originalResponse.ServerAddress.ToString());
         }
     }
 
@@ -110,19 +126,21 @@ private async Task<bool> getUnanimousAgreement(SelfWanAddressResponse originalRe
         return extraResponses.All(extra => originalResponse.SelfWanAddress!.Equals(extra.SelfWanAddress));
     }
 
-    private async Task updateDnsRecord(IPAddress currentIPAddress, CancellationToken ct = default) {
-        if (!configuration.Value.dryRun) {
-            try {
-                await liveDns.Set(new DnsRecord(RecordType.A, configuration.Value.subdomain, configuration.Value.dnsRecordTimeToLive, [currentIPAddress.ToString()]), ct);
-            } catch (GandiException e) {
-                logger.LogError(e, "Failed to update DNS record for {fqdn} to {newAddr} due to DNS API server error", configuration.Value.fqdn, currentIPAddress);
-                if (e is GandiException.AuthException or { InnerException: ForbiddenException or NotAuthorizedException }) {
-                    throw;
+    private async Task updateDnsRecords(IPAddress currentIPAddress, CancellationToken ct = default) {
+        foreach (string subdomain in configuration.Value.subdomains) {
+            if (!configuration.Value.dryRun) {
+                try {
+                    await liveDns.Set(new DnsRecord(RecordType.A, subdomain, configuration.Value.dnsRecordTimeToLive, [currentIPAddress.ToString()]), ct);
+                } catch (GandiException e) {
+                    logger.LogError(e, "Failed to update DNS record for {subdomain}.{domain} to {newAddr} due to DNS API server error", subdomain, configuration.Value.domain, currentIPAddress);
+                    if (e is GandiException.AuthException or { InnerException: ForbiddenException or NotAuthorizedException }) {
+                        throw;
+                    }
                 }
+            } else {
+                logger.LogInformation("Dry run mode, not updating {subdomain}.{domain} to {newAddr}. To actually make DNS changes, change {dryRun} from true to false in appsettings.json.", subdomain,
+                    configuration.Value.domain, currentIPAddress, nameof(Configuration.dryRun));
             }
-        } else {
-            logger.LogInformation("Dry run mode, not updating {fqdn} to {newAddr}. To actually make DNS changes, change {dryRun} from true to false in appsettings.json.", configuration.Value.fqdn,
-                currentIPAddress, nameof(Configuration.dryRun));
         }
     }
 

GandiDynamicDns/GandiDynamicDns.csproj

@@ -2,13 +2,13 @@
 
     <PropertyGroup>
         <OutputType>Exe</OutputType>
-        <TargetFrameworks>net8.0;net8.0-windows</TargetFrameworks> <!-- Windows TFM is for Event Log -->
+        <TargetFrameworks>net8.0-windows;net8.0</TargetFrameworks> <!-- Windows TFM is for Event Log -->
         <RuntimeIdentifiers>win-x64;win-arm64;linux-x64;linux-arm;linux-arm64</RuntimeIdentifiers>
         <ImplicitUsings>enable</ImplicitUsings>
         <Nullable>enable</Nullable>
         <RollForward>latestMajor</RollForward>
         <NoWarn>$(NoWarn);8524;VSTHRD200</NoWarn>
-        <Version>0.4.1</Version>
+        <Version>0.5.0</Version>
         <Authors>Ben Hutchison</Authors>
         <Copyright>© 2025 $(Authors)</Copyright>
         <Company>$(Authors)</Company>
@@ -18,6 +18,7 @@
         <ApplicationManifest>app.manifest</ApplicationManifest>
         <!-- <PublishSingleFile>true</PublishSingleFile> -->
         <SelfContained>false</SelfContained>
+        <DebugType>embedded</DebugType>
     </PropertyGroup>
 
     <ItemGroup>
@@ -35,6 +36,7 @@
         <PackageReference Include="Unfucked" Version="0.0.1-beta.1" />
         <PackageReference Include="Unfucked.DI" Version="0.0.1-beta.1" />
         <PackageReference Include="Unfucked.STUN" Version="0.0.1-beta.1" />
+        <PackageReference Include="RuntimeUpgradeNotifier" Version="1.0.0-beta3" />
     </ItemGroup>
 
     <ItemGroup Condition="$(RuntimeIdentifier.StartsWith('win'))">

GandiDynamicDns/Program.cs

@@ -3,6 +3,8 @@
 using GandiDynamicDns;
 using GandiDynamicDns.Util;
 using Microsoft.Extensions.Options;
+using RuntimeUpgrade.Notifier;
+using RuntimeUpgrade.Notifier.Data;
 using System.Net.Http.Headers;
 using System.Reflection;
 using Unfucked;
@@ -29,6 +31,7 @@
     .AddSystemd()
     .AddWindowsService(WindowsService.configure)
     .Configure<Configuration>(appConfig.Configuration)
+    .PostConfigure<Configuration>(configuration => configuration.sanitize())
     .AddSingleton<HttpClient>(_ => new UnfuckedHttpClient {
         DefaultRequestHeaders = {
             UserAgent = {
@@ -44,4 +47,9 @@
 
 using IHost app = appConfig.Build();
 
+using RuntimeUpgradeNotifier upgradeNotifier = new() {
+    LoggerFactory   = app.Services.GetRequiredService<ILoggerFactory>(),
+    RestartStrategy = RestartStrategy.AutoRestartService
+};
+
 await app.RunAsync();

GandiDynamicDns/appsettings.json

@@ -1,7 +1,7 @@
 {
 	"gandiAuthToken": "<Generate a Personal Access Token on https://admin.gandi.net/organizations/account, or use an API Key>",
 	"domain": "example.com",
-	"subdomain": "www",
+	"subdomains": ["www"],
 	"updateInterval": "0.0:05:00",
 	"dnsRecordTimeToLive": "0.0:05:00",
 	"dryRun": false,
@@ -10,5 +10,13 @@
 		"stun.bergophor.de",
 		"stun.usfamily.net",
 		"stun.finsterwalder.com"
-	]
+	],
+	"logging": {
+		"LogLevel": {
+			"Default": "Information",
+			"Program": "Information",
+			"GandiDynamicDns": "Information",
+			"RuntimeUpgrade.Notifier": "Debug"
+		}
+	}
 }