PowerDNS + PowerDNS-Admin

Posted weavepub

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了PowerDNS + PowerDNS-Admin相关的知识,希望对你有一定的参考价值。

一、基础配置

1.1 环境说明

Centos 7.5.1804
PDNS 4.1.1
MariaDB 5.5.6

1.2 关闭防火墙和 selinux

setenforce 0
sed -i s/SELINUX=enforcing/SELINUX=disabled/g /etc/selinux/config
systemctl stop firewalld.service && systemctl disable firewalld.service
firewall-cmd --state

 

二、 安装 MariaDB

2.1 安装 MariaDB

默认安装的版本为5.5

yum install -y epel-release yum-plugin-priorities
yum install -y mariadb-server mariadb
systemctl enable mariadb.service
systemctl start mariadb.service

2.2 设置密码

mysql_secure_installation
回车,
y, #设置root密码
root密码,
重复root密码,
y, #删除匿名登入
n, #运行root远程登入
y, #删除test库
y #刷新权限

2.3 设置字符集

vim /etc/my.cnf

[mysqld]
init_connect=SET collation_connection = utf8_unicode_ci
init_connect=SET NAMES utf8
character-set-server=utf8
collation-server=utf8_unicode_ci
skip-character-set-client-handshake
vim /etc/my.cnf.d/client.cnf

[client]
default-character-set=utf8
vim /etc/my.cnf.d/mysql-clients.cnf

[mysql]
default-character-set=utf8

2.4 重启 MariaDB

systemctl restart mariadb.service

再次登录 MariaDB,查看字符集,发现已是 utf8 了。

show variables like "%character%";show variables like "%collation%";

 

三、安装 PowerDNS

3.1 安装 PowerDNS

yum install -y pdns pdns-backend-mysql

PowerDNS 的配置文件位于 /etc/pdns/pdns.conf

3.2 新建数据库

mysql -uroot -p
CREATE DATABASE powerdns;
GRANT ALL ON powerdns.* TO powerdns@localhost IDENTIFIED BY powerdns;
FLUSH PRIVILEGES;

3.3 创建数据库表

use powerdns;

CREATE TABLE domains (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255) NOT NULL,
  master                VARCHAR(128) DEFAULT NULL,
  last_check            INT DEFAULT NULL,
  type                  VARCHAR(6) NOT NULL,
  notified_serial       INT DEFAULT NULL,
  account               VARCHAR(40) DEFAULT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB;

CREATE UNIQUE INDEX name_index ON domains(name);

CREATE TABLE records (
  id                    BIGINT AUTO_INCREMENT,
  domain_id             INT DEFAULT NULL,
  name                  VARCHAR(255) DEFAULT NULL,
  type                  VARCHAR(10) DEFAULT NULL,
  content               VARCHAR(64000) DEFAULT NULL,
  ttl                   INT DEFAULT NULL,
  prio                  INT DEFAULT NULL,
  change_date           INT DEFAULT NULL,
  disabled              TINYINT(1) DEFAULT 0,
  ordername             VARCHAR(255) BINARY DEFAULT NULL,
  auth                  TINYINT(1) DEFAULT 1,
  PRIMARY KEY (id)
) Engine=InnoDB;

CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE INDEX recordorder ON records (domain_id, ordername);

CREATE TABLE supermasters (
  ip                    VARCHAR(64) NOT NULL,
  nameserver            VARCHAR(255) NOT NULL,
  account               VARCHAR(40) NOT NULL,
  PRIMARY KEY (ip, nameserver)
) Engine=InnoDB;

CREATE TABLE comments (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  name                  VARCHAR(255) NOT NULL,
  type                  VARCHAR(10) NOT NULL,
  modified_at           INT NOT NULL,
  account               VARCHAR(40) NOT NULL,
  comment               VARCHAR(64000) NOT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB;

CREATE INDEX comments_domain_id_idx ON comments (domain_id);
CREATE INDEX comments_name_type_idx ON comments (name, type);
CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);

CREATE TABLE domainmetadata (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  kind                  VARCHAR(32),
  content               TEXT,
  PRIMARY KEY (id)
) Engine=InnoDB;

CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);

CREATE TABLE cryptokeys (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  flags                 INT NOT NULL,
  active                BOOL,
  content               TEXT,
  PRIMARY KEY(id)
) Engine=InnoDB;

CREATE INDEX domainidindex ON cryptokeys(domain_id);

CREATE TABLE tsigkeys (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255),
  algorithm             VARCHAR(50),
  secret                VARCHAR(255),
  PRIMARY KEY (id)
) Engine=InnoDB;

CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

flush privileges;
show databases;
show tables;

3.4 配置PowerDNS

cp /etc/pdns/pdns.conf /etc/pdns/pdns.conf.bak
vim /etc/pdns/pdns.conf

# backend 
launch=gmysql
gmysql-host=localhost
gmysql-port=3306
gmysql-dbname=powerdns
gmysql-user=powerdns
gmysql-password=powerdns

# pdns API
webserver=yes
webserver-address=0.0.0.0
webserver-allow-from=0.0.0.0/0
webserver-port=8081
api=yes
api-key=wmqpdns
api-logfile=/var/log/pdns-api.log

3.5 开机启动

systemctl enable pdns.service
systemctl start pdns.service
systemctl status pdns.service

查看8081、53两个端口

netstat -tulnp|grep pdns_server

tcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN 9712/pdns_server 
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 9712/pdns_server 
tcp6 0 0 :::53 :::* LISTEN 9712/pdns_server 
udp 0 0 0.0.0.0:53 0.0.0.0:* 9712/pdns_server 
udp6 0 0 :::53 :::* 9712/pdns_server

 

四、安装PowerDNS-Admin

4.1 安装python3.6 + pip

yum install -y epel-release
yum install -y https://centos7.iuscommunity.org/ius-release.rpm
yum install -y python36u python36u-devel python36u-pip
pip3.6 install -U pip
pip install -U virtualenv
rm -f /usr/bin/python3 && ln -s /usr/bin/python3.6 /usr/bin/python3

4.2 安装构建python库所需包

use default Centos mariadb (5.5)

yum install -y gcc mariadb-devel openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel

4.3 安装 Nodejs 10

curl -sL https://rpm.nodesource.com/setup_10.x | bash -
curl -sL https://dl.yarnpkg.com/rpm/yarn.repo -o /etc/yum.repos.d/yarn.repo
yum install yarn

4.4 创建python3 virtualenv环境

git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
cd /opt/web/powerdns-admin
virtualenv -p python3 flask

激活 python3 环境并安装python库(后续操作都是基于python3 环境下操作

. ./flask/bin/activate
pip install python-dotenv
pip install -r requirements.txt

4.5 创建数据库

mysql -u root -p
CREATE DATABASE powerdnsadmin CHARACTER SET utf8 COLLATE utf8_general_ci;
GRANT ALL PRIVILEGES ON powerdnsadmin.* TO pdnsadminuser@% IDENTIFIED BY p4ssw0rd;
FLUSH PRIVILEGES;

4.6 配置 config.py

cp config_template.py config.py
vim config.py

BIND_ADDRESS = 0.0.0.0
# 配置数据库连接信息,库/用户/密码是之前手动创建的,不是pdns数据库
SQLA_DB_USER = pdnsadminuser
SQLA_DB_PASSWORD = p4ssw0rd
SQLA_DB_HOST = localhost
SQLA_DB_NAME = powerdnsadmin
# 取消注释
# DATABASE - MySQL
SQLALCHEMY_DATABASE_URI = mysql://+SQLA_DB_USER+:+SQLA_DB_PASSWORD+@+SQLA_DB_HOST+:+str(SQLA_DB_PORT)+/+SQLA_DB_NAME
# 注释sqlite
# DATABASE - SQLite
# SQLALCHEMY_DATABASE_URI = sqlite:/// + os.path.join(basedir, pdns.db)

# pds api
PDNS_STATS_URL = http://127.0.0.1:8081/
# pdns的api密码
PDNS_API_KEY = wmqpdns

4.7 创建表并创建资产文件

#创建表
export FLASK_APP=app/__init__.py flask db upgrade
#创建资产文件
yarn install --pure-lockfile flask assets build

4.8 启动

./run.py

访问PowerDNS-Admin Web界面:http://192.168.159.128:9191

1、先注册用户,第一个用户将处于管理员角色。

2、第一次登录时,将被重定向到设置页面以配置PDNS API信息。

PDNS API URL:http://192.168.159.128:8081
PDNS API KEY:wmqpdns

 

五、配置 systemd 服务和 nginx

5.1 配置systemd服务

使用systemd管理PowerDNS-Admin

vim /usr/lib/systemd/system/powerdns-admin.service
[Unit] Description
=PowerDNS-Admin After=network.target [Service] User=root Group=root WorkingDirectory=/opt/web/powerdns-admin ExecStart=/opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admin/powerdns-admin.sock app:app [Install] WantedBy=multi-user.target

启动Powerdns-Admin服务并将其设置为在启动时启动:

systemctl daemon-reload
systemctl start powerdns-admin
systemctl enable powerdns-admin

可以运行systemctl status powerdns-admin命令确认状态是否正在运行,没问题的话会返回相关的成功信息。

systemctl status powerdns-admin

● powerdns-admin.service - PowerDNS-Admin
   Loaded: loaded (/usr/lib/systemd/system/powerdns-admin.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2019-07-09 01:30:54 CST; 5s ago
 Main PID: 10870 (gunicorn)
   CGroup: /system.slice/powerdns-admin.service
           ├─10870 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admin/powerdns-admin.sock app:app
           ├─10873 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admin/powerdns-admin.sock app:app
           └─10874 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admin/powerdns-admin.sock app:app

Jul 09 01:30:54 centos7.5 systemd[1]: Started PowerDNS-Admin.
Jul 09 01:30:54 centos7.5 systemd[1]: Starting PowerDNS-Admin...
Jul 09 01:30:55 centos7.5 gunicorn[10870]: [2019-07-09 01:30:55 +0800] [10870] [INFO] Starting gunicorn 19.7.1
Jul 09 01:30:55 centos7.5 gunicorn[10870]: [2019-07-09 01:30:55 +0800] [10870] [INFO] Listening at: unix:/opt/web/powerdns-admin/powerdns-admin.sock (10870)
Jul 09 01:30:55 centos7.5 gunicorn[10870]: [2019-07-09 01:30:55 +0800] [10870] [INFO] Using worker: sync
Jul 09 01:30:55 centos7.5 gunicorn[10870]: [2019-07-09 01:30:55 +0800] [10873] [INFO] Booting worker with pid: 10873
Jul 09 01:30:55 centos7.5 gunicorn[10870]: [2019-07-09 01:30:55 +0800] [10874] [INFO] Booting worker with pid: 10874

5.2 安装nginx

yum install -y nginx

配置nginx

server 
  listen *:80;
  server_name               192.168.159.128;

  index                     index.html index.htm index.php;
  root                      /opt/web/powerdns-admin;
  access_log                /var/log/nginx/powerdns-admin.local.access.log combined;
  error_log                 /var/log/nginx/powerdns-admin.local.error.log;

  client_max_body_size              10m;
  client_body_buffer_size           128k;
  proxy_redirect                    off;
  proxy_connect_timeout             90;
  proxy_send_timeout                90;
  proxy_read_timeout                90;
  proxy_buffers                     32 4k;
  proxy_buffer_size                 8k;
  proxy_set_header                  Host $host;
  proxy_set_header                  X-Real-IP $remote_addr;
  proxy_set_header                  X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_headers_hash_bucket_size    64;

  location ~ ^/static/  
    include  /etc/nginx/mime.types;
    root /opt/web/powerdns-admin/app;

    location ~*  \\.(jpg|jpeg|png|gif)$ 
      expires 365d;
    

    location ~* ^.+.(css|js)$ 
      expires 7d;
    
  

  location / 
    proxy_pass            http://unix:/opt/web/powerdns-admin/powerdns-admin.sock;
    proxy_read_timeout    120;
    proxy_connect_timeout 120;
    proxy_redirect        off;
  

启动nginx

nginx -t
systemctl restart nginx
systemctl enable nginx

浏览器访问 192.168.159.128 即可打开powerdns-admin登入页

技术图片

 

 

参考

官网仓库:https://github.com/ngoduykhanh/PowerDNS-Admin

官网安装 MariaDB wiki:https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin

官网安装 PowerDNS-Admin wiki:https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-on-Centos-7

其他链接:https://windyboy.github.io/post/2017/10/setup-powerdns-authoritative-with-dnssec/

https://computingforgeeks.com/install-powerdns-and-powerdns-admin-on-ubuntu-18-04-debian-9-mariadb-backend/

 

以上是关于PowerDNS + PowerDNS-Admin的主要内容,如果未能解决你的问题,请参考以下文章

PowerDNS简单教程:管理篇

基于LAMP 搭建PowerDNS

实现web管理的powerdns

实现web管理的powerdns

powerdns

Centos7.4下部署PowerDNS的操作记录