Install PowerDNS and PowerDNS-Admin on Ubuntu 18.04 / Debian 9 with a MariaDB backend

Date: 2020-02-23 14:33:02  Source: igfitidea

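In this tutorial we cover the installation of the PowerDNS authoritative name server and PowerDNS-Admin on Ubuntu 18.04 and Debian 9 Linux.
PowerDNS is a DNS server written in C++ and licensed under the GPL.
It runs on most Linux distributions and all other UNIX derivatives.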

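Install PowerDNS on Ubuntu 18.04 / Debian 9

In this section we will install and configure the MariaDB database server and the PowerDNS service.

Step 1: Install and configure the MariaDB database server

We need to install a database server that PowerDNS will use to store zone data.
Note that we could also use text files, such as BIND zone files.
Our database server of choice is MariaDB.

To install MariaDB on Ubuntu 18.04, see:

Install MariaDB 10.x on Ubuntu 18.04 and CentOS 7

For Debian 9/Debian use:

How to install MariaDB 10.3 on Debian 9 / Debian 8

Once the database server is installed and running, create the PowerDNS database and user account in MariaDB.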

$ mysql -u root -p
CREATE DATABASE powerdns;

Next, create the powerdns database user and assign privileges:

GRANT ALL ON powerdns.* TO 'powerdns'@'localhost'
  IDENTIFIED BY 'strongpassword';

Flush privileges to apply the user settings:

FLUSH PRIVILEGES;

Switch to the powerdns database to create the tables:

USE powerdns;

Create the required tables:

CREATE TABLE domains (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255) NOT NULL,
  master                VARCHAR(128) DEFAULT NULL,
  last_check            INT DEFAULT NULL,
  type                  VARCHAR(6) NOT NULL,
  notified_serial       INT UNSIGNED DEFAULT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE UNIQUE INDEX name_index ON domains(name);

CREATE TABLE records (
  id                    BIGINT AUTO_INCREMENT,
  domain_id             INT DEFAULT NULL,
  name                  VARCHAR(255) DEFAULT NULL,
  type                  VARCHAR(10) DEFAULT NULL,
  content               VARCHAR(64000) DEFAULT NULL,
  ttl                   INT DEFAULT NULL,
  prio                  INT DEFAULT NULL,
  change_date           INT DEFAULT NULL,
  disabled              TINYINT(1) DEFAULT 0,
  ordername             VARCHAR(255) BINARY DEFAULT NULL,
  auth                  TINYINT(1) DEFAULT 1,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE INDEX ordername ON records (ordername);

CREATE TABLE supermasters (
  ip                    VARCHAR(64) NOT NULL,
  nameserver            VARCHAR(255) NOT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' NOT NULL,
  PRIMARY KEY (ip, nameserver)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE TABLE comments (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  name                  VARCHAR(255) NOT NULL,
  type                  VARCHAR(10) NOT NULL,
  modified_at           INT NOT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
  comment               TEXT CHARACTER SET 'utf8' NOT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE INDEX comments_name_type_idx ON comments (name, type);
CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);

CREATE TABLE domainmetadata (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  kind                  VARCHAR(32),
  content               TEXT,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);

CREATE TABLE cryptokeys (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  flags                 INT NOT NULL,
  active                BOOL,
  content               TEXT,
  PRIMARY KEY(id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE INDEX domainidindex ON cryptokeys(domain_id);

CREATE TABLE tsigkeys (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255),
  algorithm             VARCHAR(50),
  secret                VARCHAR(255),
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

We can confirm that the tables were created:

MariaDB [powerdns]> show tables;
+--------------------+
| Tables_in_powerdns |
+--------------------+
| comments           |
| cryptokeys         |
| domainmetadata     |
| domains            |
| records            |
| supermasters       |
| tsigkeys           |
+--------------------+
7 rows in set (0.000 sec)

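We now have a database with empty tables.
PowerDNS should now be able to start using it.

Step 2: Install PowerDNS on Ubuntu 18.04 / Debian 9

Ubuntu 18.04 ships with systemd-resolved, which we need to disable because it binds to port 53 and would conflict with the PowerDNS port.

Run the following commands to disable the systemd-resolved service: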

sudo systemctl disable systemd-resolved
sudo systemctl stop systemd-resolved

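Also remove the symlinked resolv.conf file:

$ ls -lh /etc/resolv.conf
lrwxrwxrwx 1 root root 39 May 24 15:50 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
$ sudo rm /etc/resolv.conf

Then create a new resolv.conf file. The write goes through sudo tee, because a shell redirection after sudo echo is performed by the unprivileged shell and fails:

echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf

Note that PowerDNS can be installed either from the official APT repository or from the PowerDNS repository.
To install from the APT repository, run: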

sudo apt-get update 
sudo apt-get install pdns-server pdns-backend-mysql

Add the official PowerDNS repository for Ubuntu 18.04.

$ cat /etc/apt/sources.list.d/pdns.list
deb [arch=amd64] http://repo.powerdns.com/ubuntu bionic-auth-41 main

Import the GPG key:

curl https://repo.powerdns.com/FD380FBB-pub.asc | sudo apt-key add -

Update the package list and install the PowerDNS package (pdns-server) and the MySQL backend (pdns-backend-mysql).

sudo apt-get update
sudo apt-get install pdns-server pdns-backend-mysql

For Debian 9, install the packages from the APT repository without adding a new repo:

sudo apt-get update
sudo apt-get install pdns-server pdns-backend-mysql

When asked whether to configure the PowerDNS database with dbconfig-common, answer No.

Configure PowerDNS to use the MySQL backend:

Below is the MySQL configuration for PowerDNS:

# cat /etc/powerdns/pdns.d/pdns.local.gmysql.conf 
# MySQL Configuration
# Launch gmysql backend
launch+=gmysql
# gmysql parameters
gmysql-host=localhost
gmysql-port=3306
gmysql-dbname=powerdns
gmysql-user=powerdns
gmysql-password=strongpassword
gmysql-dnssec=yes
# gmysql-socket=

Restart the pdns service:

sudo systemctl restart pdns

We can now test PowerDNS to confirm that the service is online:

# netstat -tap | grep pdns

tcp        0      0 0.0.0.0:domain          0.0.0.0:*               LISTEN      31719/pdns_server   
tcp6       0      0 [::]:domain             [::]:*                  LISTEN      31719/pdns_server

Check that the PowerDNS service responds correctly:

# dig @127.0.0.1

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @127.0.0.1
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 65465
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1680
;; QUESTION SECTION:
;.				IN	NS

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Aug 10 15:57:10 UTC 2016
;; MSG SIZE  rcvd: 28
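
Added example (not part of the original tutorial): the REFUSED status and the missing "ra" flag in the reply above are the expected answer from an authoritative-only server that hosts no zone for the queried name, and the shell function below checks a dig reply for that posture. The function names and the second, constructed resolver reply are assumptions for illustration.

```shell
#!/bin/sh
# Reads a dig reply on stdin and prints "status=<RCODE> ra=<yes|no>".
# Returns 0 if recursion is not offered, 1 if it is, 2 if no flags line was found.
dig_recursion_posture() {
    awk '
        /->>HEADER<<-/ {
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; flags:/ {
            seen = 1
            flags = $0
            sub(/^;; flags:/, "", flags)   # drop the label
            sub(/;.*/, "", flags)          # keep only the flag words
            n = split(flags, f, " ")
            for (i = 1; i <= n; i++) if (f[i] == "ra") ra = 1
        }
        END {
            if (!seen) exit 2
            printf "status=%s ra=%s\n", status, (ra ? "yes" : "no")
            exit (ra ? 1 : 0)
        }'
}

# Header lines of the reply shown above (PowerDNS with no zones loaded yet).
sample_auth_reply() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 65465
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
EOF
}

# Constructed sample: what a recursive resolver would return for the same query.
sample_resolver_reply() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1
EOF
}

# Live use on the server: dig @127.0.0.1 | dig_recursion_posture
```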

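Install PowerDNS-Admin on Ubuntu 18.04 / Debian 9

PowerDNS-Admin is a web interface for PowerDNS with the following advanced features:

- Multiple domain management
- Domain templates
- User management
- User access management based on domain
- User activity logging
- Local DB / LDAP / Active Directory user authentication
- SAML authentication support
- Google OAuth authentication
- GitHub OAuth authentication
- Two-factor authentication support (TOTP)
- Dashboard and PDNS service statistics
- DynDNS 2 protocol support
- Edit IPv6 PTR records using IPv6 addresses directly (no more editing of literal addresses!)

Install the Python 3 development package:

sudo apt-get install python3-dev

Install the packages required to build the Python libraries from the requirements.txt file: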

sudo apt-get install -y libmysqlclient-dev python-mysqldb libsasl2-dev libffi-dev \
libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev pkg-config

Install yarn to build the asset files:

curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update
sudo apt-get install yarn

Check out the source code and create a virtualenv:

git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
cd /opt/web/powerdns-admin
virtualenv -p python3 flask
Already using interpreter /usr/bin/python3
Using base prefix '/usr'
New python executable in /opt/web/powerdns-admin/flask/bin/python3
Also creating executable in /opt/web/powerdns-admin/flask/bin/python
Installing setuptools, pkg_resources, pip, wheel...done.

Activate the Python 3 environment and install the libraries:

. ./flask/bin/activate
pip install -r requirements.txt

Create and configure the database:

$ mysql -u root -p
CREATE DATABASE powerdnsadmin;
GRANT ALL PRIVILEGES ON powerdnsadmin.* TO 'pdnsadminuser'@'%'
  IDENTIFIED BY 'strongpassword';
FLUSH PRIVILEGES;
quit

Before running PowerDNS-Admin, make sure config.py is in place.
Let's create one from the template:

cp config_template.py config.py

Edit the file:

vim config.py

These are the required settings: DB connection information, PDNS API service endpoint and API key, port number and bind address.

Comment out the SQLite SQLALCHEMY_DATABASE_URI line and uncomment the MySQL one:

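# DATABASE CONFIG
#You'll need MySQL-python
# Use the PowerDNS-Admin database and user created above, not the PowerDNS backend account
SQLA_DB_USER = 'pdnsadminuser'
SQLA_DB_PASSWORD = 'strongpassword'
SQLA_DB_HOST = 'localhost'
SQLA_DB_NAME = 'powerdnsadmin'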
#MySQL
SQLALCHEMY_DATABASE_URI = 'mysql://'+SQLA_DB_USER+':'\
+SQLA_DB_PASSWORD+'@'+SQLA_DB_HOST+'/'+SQLA_DB_NAME
#SQLite
#SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db')

Once config.py is ready, create the database schema by running:

(flask) $ export FLASK_APP=app/__init__.py
(flask) $ flask db upgrade
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> 787bdba9e147, Init DB

Then run db migrate:

(flask) $ flask db migrate -m "Init DB"
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.autogenerate.compare] Detected removed index 'domainidindex' on 'cryptokeys'
INFO [alembic.autogenerate.compare] Detected removed table 'cryptokeys'
INFO [alembic.autogenerate.compare] Detected removed index 'namealgoindex' on 'tsigkeys'
INFO [alembic.autogenerate.compare] Detected removed table 'tsigkeys'
INFO [alembic.autogenerate.compare] Detected removed table 'supermasters'
INFO [alembic.autogenerate.compare] Detected removed index 'nametype_index' on 'records'
INFO [alembic.autogenerate.compare] Detected removed table 'records'
INFO [alembic.autogenerate.compare] Detected removed index 'domainmetadata_idx' on 'domainmetadata'
INFO [alembic.autogenerate.compare] Detected removed table 'domainmetadata'
INFO [alembic.autogenerate.compare] Detected removed index 'name_index' on 'domains'
INFO [alembic.autogenerate.compare] Detected removed table 'domains'
INFO [alembic.autogenerate.compare] Detected removed index 'comments_name_type_idx' on 'comments'
INFO [alembic.autogenerate.compare] Detected removed index 'comments_order_idx' on 'comments'
INFO [alembic.autogenerate.compare] Detected removed table 'comments'
Generating /opt/web/powerdns-admin/migrations/versions/42ca771ac430_init_db.py ... done

Generate the asset files using yarn:

(flask) $ yarn install --pure-lockfile
yarn install v1.9.4
[1/4] Resolving packages...
[2/4] Fetching packages...
[3/4] Linking dependencies...
[4/4] Building fresh packages...
Done in 14.59s.
(flask) $ flask assets build
Building bundle: generated/login.js
[INFO] Building bundle: generated/login.js
Building bundle: generated/login.css
[INFO] Building bundle: generated/login.css
Building bundle: generated/main.js
[INFO] Building bundle: generated/main.js
Building bundle: generated/main.css
[INFO] Building bundle: generated/main.css

Test that PowerDNS-Admin runs correctly:

(flask) $ ./run.py
[INFO] * Running on http://127.0.0.1:9191/ (Press CTRL+C to quit)
[INFO] * Restarting with stat
[WARNING] * Debugger is active!
[INFO] * Debugger PIN: 466-405-858

Configure the systemd service and nginx

We will use systemd to manage PowerDNS-Admin.
Create a service unit file as shown below:

$ sudo vim /etc/systemd/system/powerdns-admin.service
[Unit]
Description=PowerDNS-Admin
After=network.target
[Service]
User=root
Group=root
WorkingDirectory=/opt/web/powerdns-admin
ExecStart=/opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admin/powerdns-admin.sock app:app
[Install]
WantedBy=multi-user.target

Start the PowerDNS-Admin service and enable it at boot:

sudo systemctl daemon-reload
sudo systemctl start powerdns-admin
sudo systemctl enable powerdns-admin

Confirm that the service is running:

# systemctl status powerdns-admin
● powerdns-admin.service - PowerDNS-Admin
   Loaded: loaded (/etc/systemd/system/powerdns-admin.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2016-08-10 16:45:16 UTC; 22s ago
 Main PID: 10405 (gunicorn)
    Tasks: 3 (limit: 1152)
   CGroup: /system.slice/powerdns-admin.service
           ├─10405 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admi
           ├─10427 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admi
           └─10428 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admi

Aug 10 16:45:16 ubuntu-01 systemd[1]: Started PowerDNS-Admin.
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2016-08-10 16:45:17 +0000] [10405] [INFO] Starting gunicorn 19.7.1
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2016-08-10 16:45:17 +0000] [10405] [INFO] Listening at: unix:/opt/web/powerdns-admin/powerdns-admin.sock (
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2016-08-10 16:45:17 +0000] [10405] [INFO] Using worker: sync
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2016-08-10 16:45:17 +0000] [10427] [INFO] Booting worker with pid: 10427
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2016-08-10 16:45:17 +0000] [10428] [INFO] Booting worker with pid: 10428

Install and configure nginx for PowerDNS-Admin

Install nginx with:

sudo apt-get install nginx

Configure nginx:

sudo vim /etc/nginx/conf.d/powerdns-admin.conf

Add the following content:

server {
  listen *:80;
  server_name               powerdns-admin.example.com www.powerdns-admin.example.com;

  index                     index.html index.htm index.php;
  root                      /opt/web/powerdns-admin;
  access_log                /var/log/nginx/powerdns-admin.local.access.log combined;
  error_log                 /var/log/nginx/powerdns-admin.local.error.log;

  client_max_body_size              10m;
  client_body_buffer_size           128k;
  proxy_redirect                    off;
  proxy_connect_timeout             90;
  proxy_send_timeout                90;
  proxy_read_timeout                90;
  proxy_buffers                     32 4k;
  proxy_buffer_size                 8k;
  proxy_set_header                  Host $host;
  proxy_set_header                  X-Real-IP $remote_addr;
  proxy_set_header                  X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_headers_hash_bucket_size    64;

  location ~ ^/static/ {
    include  /etc/nginx/mime.types;
    root /opt/web/powerdns-admin/app;

    location ~*  \.(jpg|jpeg|png|gif)$ {
      expires 365d;
    }

    location ~* ^.+\.(css|js)$ {
      expires 7d;
    }
  }

  location / {
    proxy_pass            http://unix:/opt/web/powerdns-admin/powerdns-admin.sock;
    proxy_read_timeout    120;
    proxy_connect_timeout 120;
    proxy_redirect        off;
  }
}

Check the nginx syntax, then restart the nginx service:

# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# systemctl restart nginx
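
Added example (not part of the original tutorial): a shell audit of the three files written above, flagging a world-readable file that holds gmysql-password, a service unit that runs as root, and an nginx vhost with no TLS listener in front of the login form. The function names, the sample files and the pdnsadmin account are assumptions for illustration.

```shell
#!/bin/sh
# audit_deploy PDNS_CONF UNIT_FILE NGINX_VHOST
# Prints one finding per line and returns the number of findings.
audit_deploy() {
    pdns_conf=$1; unit=$2; vhost=$3; findings=0

    # gmysql-password is stored in clear text: "other" must not have read access.
    if grep -q '^gmysql-password=' "$pdns_conf"; then
        mode=$(stat -c '%a' "$pdns_conf")
        case $mode in
            *[4567]) echo "db-password-world-readable mode=$mode"
                     findings=$((findings + 1)) ;;
        esac
    fi

    # systemd runs the service as root when User= is missing or set to root.
    svc_user=$(sed -n 's/^[[:space:]]*User=[[:space:]]*//p' "$unit" | tail -n 1)
    if [ -z "$svc_user" ] || [ "$svc_user" = root ]; then
        echo "service-runs-as-root"
        findings=$((findings + 1))
    fi

    # The vhost serves the login form: flag it when no listen directive enables ssl.
    if ! grep -Eq '^[[:space:]]*listen[[:space:]][^;#]*ssl' "$vhost"; then
        echo "vhost-without-tls"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample: the settings shown in this tutorial, written to directory $1.
write_tutorial_sample() {
    printf 'launch+=gmysql\ngmysql-password=strongpassword\n' > "$1/pdns.conf"
    chmod 644 "$1/pdns.conf"
    printf '[Service]\nUser=root\nGroup=root\n' > "$1/unit.service"
    printf 'server {\n  listen *:80;\n}\n' > "$1/vhost.conf"
}

# Constructed sample: the same files tightened (pdnsadmin is an assumed account).
write_tightened_sample() {
    printf 'launch+=gmysql\ngmysql-password=strongpassword\n' > "$1/pdns.conf"
    chmod 640 "$1/pdns.conf"
    printf '[Service]\nUser=pdnsadmin\nGroup=pdnsadmin\n' > "$1/unit.service"
    printf 'server {\n  listen 443 ssl;\n}\n' > "$1/vhost.conf"
}
```

On the server, pass the real paths: /etc/powerdns/pdns.d/pdns.local.gmysql.conf, /etc/systemd/system/powerdns-admin.service and /etc/nginx/conf.d/powerdns-admin.conf.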

Access the PowerDNS-Admin web interface:

http://powerdns-admin.example.com/

Click the "Create an account" button and register a user.
The first user will be given the administrator role.