If you're logged in, the link just redirects to the dashboard homepage. Since users will typically still be logged in when the email arrives (they just clicked the change password button from inside the dashboard), they'll need to logout first.
Either a "log out first" line in the email, or having the link end the current session before serving the reset page, would smooth this over.
I am not an expert in the domain of DDNS. Wanted to bring your attention to desec.io, in case you didn't knew about them. They offer a similar feature set like you mentioned (IPv6, DNSSEC, BYOD, ...). It is an open source project and they offer a very reliable free hosted service. As you said, they originated from the 2010-era (2014). I've used them for several years now and they bring everything to the table that I need.
For inspiration: They even have a feature that I use which I haven't spotted in your documentation (but maybe I just didn't looked close enough): Support for IPv6 prefix delegation. Routers that get assigned an IPv6 prefix from the ISP, can update the IPv6 prefix of arbitrary domains. In Europe this prefix is not static and rotated each time a new connection to the ISP is established. This feature allows the router to automatically update the IPv6 _prefix_ of selected domains. The host part of the IP is left untouched, but the network part is updated.
e.g.: /update?myipv6:nas.home.mydomain.tld=2003:e6:bee:affe::/56
And really, dynip came to be from fortinet/fortigate that have excellent support via their genericDDNS setup and things keep of of grew from there to what you see today.
And the subnet ipv6 sounds really interesting. Will need to check that out, sounds like that could be a feature request
i really had a bad time trying to get a letsencrypt certificate through the regular auth because it does require ports 80 and 443 tcp that by ISP blocks.
(you can get a letsencrypt cert through a TXT entry too, but most free DDNS´s providers dont seem to offer that)
Which was a bit confusing when I clicked the confirm-your-email link. No confirmation or status or anything.
Nameserver [ns1.dynip.dev] doesn't exist at the registry (Code 480)
Also, is there anycasting?
right now there is no anycast available, possible in the future
I still can not figure out any economical way to roll out anycast.
How did you set up PowerDNS? Single/multiple instances? One DB shared by many or multiple authoritative with one hidden primary?
if you register a zone and open the snippets quickly, there is a green notification saying tsig replication underway for x amount of seconds and until that happens RFC 2136 updates are not possible but the ones that use api are available right off the bat.
Doesn't that cause security issues by making it possible to put other people's private servers (that you want to do XSS-type attacks against) into your domains or something? I have a vague memory of it being a security no-no somehow.
The defense against this has to happen either on the resource you want to protect or in the browser.
< is there anything else you would like me to answer or is that good enough - GenericAI answer>
But jokes aside, words are difficult and also not my first language
Just more hidden cost of AI.. it's sufficiently hard to avoid these kinds of structural smells that I've gone back to just writing my own copy everywhere.
I just used the em dash twice, and have been doing so for 35 years. This is now supposedly a dead give-away for slop.
Call it slop when it's slop. When it's not total garbage, give it a rest.
Nice work, good luck.
The website is also vibecoded; at least partially - it has the exact same design choices like that purpleish blue colour scheme that Claude likes to spit out by default.