PowerDNS + PowerDNS-Admin
Posted weavepub
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了PowerDNS + PowerDNS-Admin相关的知识,希望对你有一定的参考价值。
一、基础配置
1.1 环境说明
Centos 7.5.1804 PDNS 4.1.1 MariaDB 5.5.6
1.2 关闭防火墙和 selinux
setenforce 0 sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g‘ /etc/selinux/config systemctl stop firewalld.service && systemctl disable firewalld.service firewall-cmd --state
二、 安装 MariaDB
2.1 安装 MariaDB
默认安装的版本为5.5
yum install -y epel-release yum-plugin-priorities yum install -y mariadb-server mariadb systemctl enable mariadb.service systemctl start mariadb.service
2.2 设置密码
mysql_secure_installation
回车,
y, #设置root密码
root密码,
重复root密码,
y, #删除匿名登入
n, #运行root远程登入
y, #删除test库
y #刷新权限
2.3 设置字符集
vim /etc/my.cnf [mysqld] init_connect=‘SET collation_connection = utf8_unicode_ci‘ init_connect=‘SET NAMES utf8‘ character-set-server=utf8 collation-server=utf8_unicode_ci skip-character-set-client-handshake
vim /etc/my.cnf.d/client.cnf [client] default-character-set=utf8
vim /etc/my.cnf.d/mysql-clients.cnf [mysql] default-character-set=utf8
2.4 重启 MariaDB
systemctl restart mariadb.service
再次登录 MariaDB,查看字符集,发现已是 utf8 了。
show variables like "%character%";show variables like "%collation%";
三、安装 PowerDNS
3.1 安装 PowerDNS
yum install -y pdns pdns-backend-mysql
PowerDNS 的配置文件位于 /etc/pdns/pdns.conf
3.2 新建数据库
mysql -uroot -p CREATE DATABASE powerdns; GRANT ALL ON powerdns.* TO ‘powerdns‘@‘localhost‘ IDENTIFIED BY ‘powerdns‘; FLUSH PRIVILEGES;
3.3 创建数据库表
use powerdns; CREATE TABLE domains ( id INT AUTO_INCREMENT, name VARCHAR(255) NOT NULL, master VARCHAR(128) DEFAULT NULL, last_check INT DEFAULT NULL, type VARCHAR(6) NOT NULL, notified_serial INT DEFAULT NULL, account VARCHAR(40) DEFAULT NULL, PRIMARY KEY (id) ) Engine=InnoDB; CREATE UNIQUE INDEX name_index ON domains(name); CREATE TABLE records ( id BIGINT AUTO_INCREMENT, domain_id INT DEFAULT NULL, name VARCHAR(255) DEFAULT NULL, type VARCHAR(10) DEFAULT NULL, content VARCHAR(64000) DEFAULT NULL, ttl INT DEFAULT NULL, prio INT DEFAULT NULL, change_date INT DEFAULT NULL, disabled TINYINT(1) DEFAULT 0, ordername VARCHAR(255) BINARY DEFAULT NULL, auth TINYINT(1) DEFAULT 1, PRIMARY KEY (id) ) Engine=InnoDB; CREATE INDEX nametype_index ON records(name,type); CREATE INDEX domain_id ON records(domain_id); CREATE INDEX recordorder ON records (domain_id, ordername); CREATE TABLE supermasters ( ip VARCHAR(64) NOT NULL, nameserver VARCHAR(255) NOT NULL, account VARCHAR(40) NOT NULL, PRIMARY KEY (ip, nameserver) ) Engine=InnoDB; CREATE TABLE comments ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, name VARCHAR(255) NOT NULL, type VARCHAR(10) NOT NULL, modified_at INT NOT NULL, account VARCHAR(40) NOT NULL, comment VARCHAR(64000) NOT NULL, PRIMARY KEY (id) ) Engine=InnoDB; CREATE INDEX comments_domain_id_idx ON comments (domain_id); CREATE INDEX comments_name_type_idx ON comments (name, type); CREATE INDEX comments_order_idx ON comments (domain_id, modified_at); CREATE TABLE domainmetadata ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, kind VARCHAR(32), content TEXT, PRIMARY KEY (id) ) Engine=InnoDB; CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind); CREATE TABLE cryptokeys ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, flags INT NOT NULL, active BOOL, content TEXT, PRIMARY KEY(id) ) Engine=InnoDB; CREATE INDEX domainidindex ON cryptokeys(domain_id); CREATE TABLE tsigkeys ( id INT AUTO_INCREMENT, name VARCHAR(255), algorithm VARCHAR(50), secret VARCHAR(255), PRIMARY KEY (id) ) Engine=InnoDB; CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm); flush privileges; show databases; show tables;
3.4 配置PowerDNS
cp /etc/pdns/pdns.conf /etc/pdns/pdns.conf.bak
vim /etc/pdns/pdns.conf # backend launch=gmysql gmysql-host=localhost gmysql-port=3306 gmysql-dbname=powerdns gmysql-user=powerdns gmysql-password=powerdns # pdns API webserver=yes webserver-address=0.0.0.0 webserver-allow-from=0.0.0.0/0 webserver-port=8081 api=yes api-key=wmqpdns api-logfile=/var/log/pdns-api.log
3.5 开机启动
systemctl enable pdns.service
systemctl start pdns.service
systemctl status pdns.service
查看8081、53两个端口
netstat -tulnp|grep pdns_server tcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN 9712/pdns_server tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 9712/pdns_server tcp6 0 0 :::53 :::* LISTEN 9712/pdns_server udp 0 0 0.0.0.0:53 0.0.0.0:* 9712/pdns_server udp6 0 0 :::53 :::* 9712/pdns_server
四、安装PowerDNS-Admin
4.1 安装python3.6 + pip
yum install -y epel-release yum install -y https://centos7.iuscommunity.org/ius-release.rpm yum install -y python36u python36u-devel python36u-pip pip3.6 install -U pip pip install -U virtualenv rm -f /usr/bin/python3 && ln -s /usr/bin/python3.6 /usr/bin/python3
4.2 安装构建python库所需包
use default Centos mariadb (5.5)
yum install -y gcc mariadb-devel openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
4.3 安装 Nodejs 10
curl -sL https://rpm.nodesource.com/setup_10.x | bash - curl -sL https://dl.yarnpkg.com/rpm/yarn.repo -o /etc/yum.repos.d/yarn.repo yum install yarn
4.4 创建python3 virtualenv环境
git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin cd /opt/web/powerdns-admin virtualenv -p python3 flask
激活 python3 环境并安装python库(后续操作都是基于python3 环境下操作)
. ./flask/bin/activate pip install python-dotenv pip install -r requirements.txt
4.5 创建数据库
mysql -u root -p CREATE DATABASE powerdnsadmin CHARACTER SET utf8 COLLATE utf8_general_ci; GRANT ALL PRIVILEGES ON powerdnsadmin.* TO ‘pdnsadminuser‘@‘%‘ IDENTIFIED BY ‘p4ssw0rd‘; FLUSH PRIVILEGES;
4.6 配置 config.py
cp config_template.py config.py
vim config.py BIND_ADDRESS = ‘0.0.0.0‘ # 配置数据库连接信息,库/用户/密码是之前手动创建的,不是pdns数据库 SQLA_DB_USER = ‘pdnsadminuser‘ SQLA_DB_PASSWORD = ‘p4ssw0rd‘ SQLA_DB_HOST = ‘localhost‘ SQLA_DB_NAME = ‘powerdnsadmin‘ # 取消注释 # DATABASE - MySQL SQLALCHEMY_DATABASE_URI = ‘mysql://‘+SQLA_DB_USER+‘:‘+SQLA_DB_PASSWORD+‘@‘+SQLA_DB_HOST+‘:‘+str(SQLA_DB_PORT)+‘/‘+SQLA_DB_NAME # 注释sqlite # DATABASE - SQLite # SQLALCHEMY_DATABASE_URI = ‘sqlite:///‘ + os.path.join(basedir, ‘pdns.db‘) # pds api PDNS_STATS_URL = ‘http://127.0.0.1:8081/‘ # pdns的api密码 PDNS_API_KEY = ‘wmqpdns‘
4.7 创建表并创建资产文件
#创建表
export FLASK_APP=app/__init__.py flask db upgrade
#创建资产文件
yarn install --pure-lockfile flask assets build
4.8 启动
./run.py
访问PowerDNS-Admin Web界面:http://192.168.159.128:9191
1、先注册用户,第一个用户将处于管理员角色。
2、第一次登录时,将被重定向到设置页面以配置PDNS API信息。
PDNS API URL:http://192.168.159.128:8081 PDNS API KEY:wmqpdns
五、配置 systemd 服务和 nginx
5.1 配置systemd服务
使用systemd管理PowerDNS-Admin
vim /usr/lib/systemd/system/powerdns-admin.service
[Unit] Description=PowerDNS-Admin After=network.target [Service] User=root Group=root WorkingDirectory=/opt/web/powerdns-admin ExecStart=/opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admin/powerdns-admin.sock app:app [Install] WantedBy=multi-user.target
启动Powerdns-Admin服务并将其设置为在启动时启动:
systemctl daemon-reload systemctl start powerdns-admin systemctl enable powerdns-admin
可以运行systemctl status powerdns-admin命令确认状态是否正在运行,没问题的话会返回相关的成功信息。
systemctl status powerdns-admin ● powerdns-admin.service - PowerDNS-Admin Loaded: loaded (/usr/lib/systemd/system/powerdns-admin.service; disabled; vendor preset: disabled) Active: active (running) since Tue 2019-07-09 01:30:54 CST; 5s ago Main PID: 10870 (gunicorn) CGroup: /system.slice/powerdns-admin.service ├─10870 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admin/powerdns-admin.sock app:app ├─10873 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admin/powerdns-admin.sock app:app └─10874 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admin/powerdns-admin.sock app:app Jul 09 01:30:54 centos7.5 systemd[1]: Started PowerDNS-Admin. Jul 09 01:30:54 centos7.5 systemd[1]: Starting PowerDNS-Admin... Jul 09 01:30:55 centos7.5 gunicorn[10870]: [2019-07-09 01:30:55 +0800] [10870] [INFO] Starting gunicorn 19.7.1 Jul 09 01:30:55 centos7.5 gunicorn[10870]: [2019-07-09 01:30:55 +0800] [10870] [INFO] Listening at: unix:/opt/web/powerdns-admin/powerdns-admin.sock (10870) Jul 09 01:30:55 centos7.5 gunicorn[10870]: [2019-07-09 01:30:55 +0800] [10870] [INFO] Using worker: sync Jul 09 01:30:55 centos7.5 gunicorn[10870]: [2019-07-09 01:30:55 +0800] [10873] [INFO] Booting worker with pid: 10873 Jul 09 01:30:55 centos7.5 gunicorn[10870]: [2019-07-09 01:30:55 +0800] [10874] [INFO] Booting worker with pid: 10874
5.2 安装nginx
yum install -y nginx
配置nginx
server listen *:80; server_name 192.168.159.128; index index.html index.htm index.php; root /opt/web/powerdns-admin; access_log /var/log/nginx/powerdns-admin.local.access.log combined; error_log /var/log/nginx/powerdns-admin.local.error.log; client_max_body_size 10m; client_body_buffer_size 128k; proxy_redirect off; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffers 32 4k; proxy_buffer_size 8k; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_headers_hash_bucket_size 64; location ~ ^/static/ include /etc/nginx/mime.types; root /opt/web/powerdns-admin/app; location ~* \\.(jpg|jpeg|png|gif)$ expires 365d; location ~* ^.+.(css|js)$ expires 7d; location / proxy_pass http://unix:/opt/web/powerdns-admin/powerdns-admin.sock; proxy_read_timeout 120; proxy_connect_timeout 120; proxy_redirect off;
启动nginx
nginx -t
systemctl restart nginx
systemctl enable nginx
浏览器访问 192.168.159.128 即可打开powerdns-admin登入页
参考
官网仓库:https://github.com/ngoduykhanh/PowerDNS-Admin
官网安装 MariaDB wiki:https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Prepare-MySQL-or-MariaDB-Database-for-PowerDNS-Admin
官网安装 PowerDNS-Admin wiki:https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-on-Centos-7
其他链接:https://windyboy.github.io/post/2017/10/setup-powerdns-authoritative-with-dnssec/
以上是关于PowerDNS + PowerDNS-Admin的主要内容,如果未能解决你的问题,请参考以下文章