Install PowerDNS and PowerDNS-Admin on Ubuntu 18.04 / Debian 9 with a MariaDB Backend

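This article details how to install the PowerDNS authoritative name server and PowerDNS-Admin on Ubuntu 18.04 and Debian 9, including configuring the MariaDB database, installing the PowerDNS service, and setting up the PowerDNS-Admin web interface and its advanced features.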

Original author: Josphat Mutai. Reposted from: https://computingforgeeks.com/install-powerdns-and-powerdns-admin-on-ubuntu-18-04-debian-9-mariadb-backend/

 

 


 

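In this guide, we cover installing the PowerDNS authoritative name server and PowerDNS-Admin on Ubuntu 18.04 and Debian 9. PowerDNS is a DNS server written in C++ and licensed under the GPL. It runs on most Linux distributions and all other Unix derivatives. At the time of writing, the latest release is 4.1.x.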


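Install PowerDNS on Ubuntu 18.04 / Debian 9

In this section, we will install and configure:

  • MariaDB database server
  • PowerDNS service

Step 1: Install and configure the MariaDB database server

We need to install a database server, which PowerDNS will use to store zone files. Note that you can also opt for text files such as BIND's. Our database server of choice is MariaDB.

To install MariaDB on Ubuntu 18.04, see:

Install MariaDB 10.x on Ubuntu 18.04 and CentOS 7

For Debian 9 / Debian, use:

How to install MariaDB 10.3 on Debian 9 / Debian 8

Once the database server is installed and running, create the PowerDNS database and user account in MariaDB.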

$ mysql -u root -p
create database powerdns;

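Next, create the powerdns database user and grant it privileges:

grant all on powerdns.* to 'powerdns'@'localhost' identified by 'strongpassword';

Flush privileges to apply the user settings:

flush privileges;

Switch to the powerdns database to create the tables:

use powerdns;

Create the required tables: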

CREATE TABLE domains (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255) NOT NULL,
  master                VARCHAR(128) DEFAULT NULL,
  last_check            INT DEFAULT NULL,
  type                  VARCHAR(6) NOT NULL,
  notified_serial       INT UNSIGNED DEFAULT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE UNIQUE INDEX name_index ON domains(name);


CREATE TABLE records (
  id                    BIGINT AUTO_INCREMENT,
  domain_id             INT DEFAULT NULL,
  name                  VARCHAR(255) DEFAULT NULL,
  type                  VARCHAR(10) DEFAULT NULL,
  content               VARCHAR(64000) DEFAULT NULL,
  ttl                   INT DEFAULT NULL,
  prio                  INT DEFAULT NULL,
  change_date           INT DEFAULT NULL,
  disabled              TINYINT(1) DEFAULT 0,
  ordername             VARCHAR(255) BINARY DEFAULT NULL,
  auth                  TINYINT(1) DEFAULT 1,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE INDEX ordername ON records (ordername);


CREATE TABLE supermasters (
  ip                    VARCHAR(64) NOT NULL,
  nameserver            VARCHAR(255) NOT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' NOT NULL,
  PRIMARY KEY (ip, nameserver)
) Engine=InnoDB CHARACTER SET 'latin1';


CREATE TABLE comments (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  name                  VARCHAR(255) NOT NULL,
  type                  VARCHAR(10) NOT NULL,
  modified_at           INT NOT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
  comment               TEXT CHARACTER SET 'utf8' NOT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX comments_name_type_idx ON comments (name, type);
CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);


CREATE TABLE domainmetadata (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  kind                  VARCHAR(32),
  content               TEXT,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);


CREATE TABLE cryptokeys (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  flags                 INT NOT NULL,
  active                BOOL,
  content               TEXT,
  PRIMARY KEY(id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX domainidindex ON cryptokeys(domain_id);


CREATE TABLE tsigkeys (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255),
  algorithm             VARCHAR(50),
  secret                VARCHAR(255),
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

You can confirm that your tables have been created:

MariaDB [powerdns]> show tables;
+--------------------+
| Tables_in_powerdns |
+--------------------+
| comments           |
| cryptokeys         |
| domainmetadata     |
| domains            |
| records            |
| supermasters       |
| tsigkeys           |
+--------------------+
7 rows in set (0.000 sec)

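We now have a database and empty tables. PowerDNS should be able to start with it.

Step 2: Install PowerDNS on Ubuntu 18.04 / Debian 9

Ubuntu 18.04 ships with systemd-resolved, which you need to disable because it binds to port 53 and would conflict with PowerDNS.

Run the following commands to disable the resolved service:

sudo systemctl disable systemd-resolved
sudo systemctl stop systemd-resolved

Also remove the symlinked resolv.conf file:

$ ls -lh /etc/resolv.conf
lrwxrwxrwx 1 root root 39 Jul 24 15:50 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
$ sudo rm /etc/resolv.conf

Then create a new resolv.conf file. The redirection has to run with root privileges, so pipe the line through sudo tee:

echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf

Note that you can install PowerDNS from the official apt repository or from the PowerDNS repository. To install from the apt repository, run: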

sudo apt-get update 
sudo apt-get install pdns-server pdns-backend-mysql

Add the official PowerDNS repository for Ubuntu 18.04.

$ cat /etc/apt/sources.list.d/pdns.list
deb [arch=amd64] http://repo.powerdns.com/ubuntu bionic-auth-41 main

Import the GPG key:

curl https://repo.powerdns.com/FD380FBB-pub.asc | sudo apt-key add -

Update the package list and install the PowerDNS package (pdns-server) and the MySQL backend (pdns-backend-mysql).

sudo apt-get update
sudo apt-get install pdns-server pdns-backend-mysql

For Debian 9, install the packages from the apt repository without adding a new repo:

sudo apt-get update
sudo apt-get install pdns-server pdns-backend-mysql

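When asked whether to configure the PowerDNS database with dbconfig-common, answer

Configure PowerDNS to use the MySQL backend:

This is my MySQL configuration for PowerDNS:

# cat /etc/powerdns/pdns.d/pdns.local.gmysql.conf
# MySQL configuration
# Launch the gmysql backend
launch+=gmysql
# gmysql parameters
gmysql-host=localhost
gmysql-port=3306
gmysql-dbname=powerdns
gmysql-user=powerdns
gmysql-password=strongpassword
gmysql-dnssec=yes
# gmysql-socket=

Restart the pdns service:

sudo systemctl restart pdns

You can now test PowerDNS to confirm that the service is online: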

# netstat -tap | grep pdns

tcp        0      0 0.0.0.0:domain          0.0.0.0:*               LISTEN      31719/pdns_server   
tcp6       0      0 [::]:domain             [::]:*      

Check that the PowerDNS service responds correctly:

# dig @127.0.0.1

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @127.0.0.1
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 65465
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1680
;; QUESTION SECTION:
;.				IN	NS

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Aug 10 15:57:10 UTC 2018
;; MSG SIZE  rcvd: 28
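
The server answers REFUSED above because the database does not hold any zone yet. As an added example (not part of the original article), the shell functions below generate the SQL that seeds one test zone into the domains and records tables created in step 1, so the backend can be checked end to end. The zone name, nameserver, 192.0.2.x addresses and the NATIVE zone type are constructed sample values and assumptions.

```sh
#!/bin/sh
# Added example (not from the original article): emit SQL that seeds one zone
# into the domains/records tables created above. All names and addresses used
# with it are constructed sample values.

# Accept only lowercase hostnames without a trailing dot, so the value is both
# a name PowerDNS will match and safe to place inside a SQL string literal.
valid_name() {
  case $1 in
    ''|*[!a-z0-9.-]*|.*|*.|-*|*..*) return 1 ;;
  esac
}

# Accept only dotted-quad IPv4 literals with every octet in 0..255.
valid_ipv4() (
  case $1 in
    ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
  esac
  IFS=.
  set -- $1
  [ $# -eq 4 ] || return 1
  for octet in "$@"; do
    [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
)

# zone_sql ZONE NS NS_IPV4 WWW_IPV4 [SERIAL]
# Assumes NS is a host inside ZONE (its A record is stored in the same zone).
zone_sql() (
  zone=$1 ns=$2 ns_ip=$3 www_ip=$4 serial=${5:-1}
  valid_name "$zone" && valid_name "$ns" &&
    valid_ipv4 "$ns_ip" && valid_ipv4 "$www_ip" || {
    echo "zone_sql: bad zone, nameserver or IPv4 address" >&2; return 1; }
  case $serial in
    ''|*[!0-9]*) echo "zone_sql: serial must be numeric" >&2; return 1 ;;
  esac
  cat <<EOF
INSERT INTO domains (name, type) VALUES ('$zone', 'NATIVE');
SET @d = LAST_INSERT_ID();
INSERT INTO records (domain_id, name, type, content, ttl) VALUES
  (@d, '$zone', 'SOA', '$ns hostmaster.$zone $serial 10800 3600 604800 3600', 3600),
  (@d, '$zone', 'NS', '$ns', 3600),
  (@d, '$ns', 'A', '$ns_ip', 3600),
  (@d, 'www.$zone', 'A', '$www_ip', 3600);
EOF
)
# Use: zone_sql example.com ns1.example.com 192.0.2.53 192.0.2.80 | mysql -u powerdns -p powerdns
# Then: dig @127.0.0.1 example.com SOA +short
```

With the zone loaded, the dig query for its SOA record should return an answer instead of REFUSED.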

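Install PowerDNS-Admin on Ubuntu 18.04 / Debian 9

PowerDNS-Admin is a web interface for PowerDNS with the following advanced features:

  • Multiple domain management
  • Domain templates
  • User management
  • User access management based on domain
  • User activity logging
  • Local DB / LDAP / Active Directory user authentication
  • SAML authentication support
  • Google OAuth authentication
  • Github OAuth authentication
  • Two-factor authentication support (TOTP)
  • Dashboard and pdns service statistics
  • DynDNS 2 protocol support
  • Edit IPv6 PTRs using IPv6 addresses directly (no more editing of literal addresses!)

Install the Python 3 development package:

sudo apt-get install python3-dev

Install the packages required to build the Python libraries listed in requirements.txt: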

sudo apt-get install -y libmysqlclient-dev python-mysqldb libsasl2-dev libffi-dev \
libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev pkg-config

Install yarn to build the asset files:

curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update
sudo apt-get install yarn

Check out the source code and create a virtualenv:

git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
cd /opt/web/powerdns-admin
virtualenv -p python3 flask

Output:

Already using interpreter /usr/bin/python3
Using base prefix '/usr'
New python executable in /opt/web/powerdns-admin/flask/bin/python3
Also creating executable in /opt/web/powerdns-admin/flask/bin/python
Installing setuptools, pkg_resources, pip, wheel...done.

Activate the python3 environment and install the libraries:

. ./flask/bin/activate
pip install -r requirements.txt

Create and configure the database:

$ mysql -u root -p
CREATE DATABASE powerdnsadmin;
grant all privileges on powerdnsadmin.* to 'pdnsadminuser'@'%' identified by 'password';
flush privileges;

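Before running PowerDNS-Admin, make sure config.py is available. Let's create one from the template:

cp config_template.py config.py

Edit the file:

vim config.py

These are the required settings:

  • Database connection information
  • PDNS API service endpoint and API key
  • Port number to use
  • Bind address

Comment out the SQLite SQLALCHEMY_DATABASE_URI line and uncomment the MySQL one: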

# DATABASE CONFIG
#You'll need MySQL-python
SQLA_DB_USER = 'powerdns'
SQLA_DB_PASSWORD = 'strongpassword'
SQLA_DB_HOST = 'localhost'
SQLA_DB_NAME = 'powerdns'

#MySQL
SQLALCHEMY_DATABASE_URI = 'mysql://'+SQLA_DB_USER+':'\
+SQLA_DB_PASSWORD+'@'+SQLA_DB_HOST+'/'+SQLA_DB_NAME
#SQLite
#SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db')
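
PowerDNS-Admin reaches PowerDNS through its built-in webserver and REST API, which this guide lists as a required setting but does not configure. As an added example (not from the original article or the PowerDNS-Admin project), the script below audits a pdns configuration file for the api, api-key, webserver, webserver-address and webserver-allow-from settings. The two sample configurations and the 32-character key minimum are assumptions made for the example.

```sh
#!/bin/sh
# Added example (not from the original article). Audits the PowerDNS side of the
# API that PowerDNS-Admin talks to. The 32-character key minimum is an assumption.

# conf_get FILE KEY: print the last value assigned to KEY (empty if unset).
conf_get() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# audit_pdns_api FILE: print one finding per line; return 1 if there are any.
audit_pdns_api() (
  f=$1 findings=0
  flag() { echo "$1"; findings=$((findings + 1)); }
  [ "$(conf_get "$f" api)" = yes ] || flag "api=yes is not set"
  [ "$(conf_get "$f" webserver)" = yes ] || flag "webserver=yes is not set"
  key=$(conf_get "$f" api-key)
  [ ${#key} -ge 32 ] || flag "api-key is missing or shorter than 32 characters"
  case $(conf_get "$f" webserver-address) in
    0.0.0.0|::) flag "webserver-address listens on all interfaces" ;;
  esac
  case $(conf_get "$f" webserver-allow-from) in
    *0.0.0.0/0*|*::/0*) flag "webserver-allow-from permits any client" ;;
  esac
  [ "$findings" -eq 0 ]
)

# Constructed sample: API enabled, but exposed and protected by a guessable key.
sample_weak_conf() {
  cat <<'EOF'
api=yes
api-key=changeme
webserver=yes
webserver-address=0.0.0.0
webserver-port=8081
webserver-allow-from=0.0.0.0/0,::/0
EOF
}

# Constructed sample: loopback only; the key is a constructed value, never reuse it.
sample_strict_conf() {
  cat <<'EOF'
api=yes
api-key=0123456789abcdef0123456789abcdef
webserver=yes
webserver-address=127.0.0.1
webserver-port=8081
webserver-allow-from=127.0.0.1,::1
EOF
}
# Usage: audit_pdns_api /etc/powerdns/pdns.conf
```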

Once your config.py is ready, create the database schema by running:

(flask) $ export FLASK_APP=app/__init__.py
(flask)$ flask db upgrade
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> 787bdba9e147, Init DB

Then run db migrate:

(flask)$ flask db migrate -m "Init DB"
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.autogenerate.compare] Detected removed index 'domainidindex' on 'cryptokeys'
INFO [alembic.autogenerate.compare] Detected removed table 'cryptokeys'
INFO [alembic.autogenerate.compare] Detected removed index 'namealgoindex' on 'tsigkeys'
INFO [alembic.autogenerate.compare] Detected removed table 'tsigkeys'
INFO [alembic.autogenerate.compare] Detected removed table 'supermasters'
INFO [alembic.autogenerate.compare] Detected removed index 'nametype_index' on 'records'
INFO [alembic.autogenerate.compare] Detected removed table 'records'
INFO [alembic.autogenerate.compare] Detected removed index 'domainmetadata_idx' on 'domainmetadata'
INFO [alembic.autogenerate.compare] Detected removed table 'domainmetadata'
INFO [alembic.autogenerate.compare] Detected removed index 'name_index' on 'domains'
INFO [alembic.autogenerate.compare] Detected removed table 'domains'
INFO [alembic.autogenerate.compare] Detected removed index 'comments_name_type_idx' on 'comments'
INFO [alembic.autogenerate.compare] Detected removed index 'comments_order_idx' on 'comments'
INFO [alembic.autogenerate.compare] Detected removed table 'comments'
Generating /opt/web/powerdns-admin/migrations/versions/42ca771ac430_init_db.py ... done

Generate the asset files using yarn:

(flask)$ yarn install --pure-lockfile
yarn install v1.9.4
[1/4] Resolving packages...
[2/4] Fetching packages...
[3/4] Linking dependencies...
[4/4] Building fresh packages...
Done in 14.59s.

(flask)$ flask assets build
Building bundle: generated/login.js
[INFO] Building bundle: generated/login.js
Building bundle: generated/login.css
[INFO] Building bundle: generated/login.css
Building bundle: generated/main.js
[INFO] Building bundle: generated/main.js
Building bundle: generated/main.css
[INFO] Building bundle: generated/main.css

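Test that your PowerDNS-Admin runs correctly:

$ ./run.py
[INFO]  * Running on http://127.0.0.1:9191/ (Press CTRL+C to quit)
[INFO]  * Restarting with stat
[WARNING]  * Debugger is active!
[INFO]  * Debugger PIN: 466-405-858

Configure the systemd service and Nginx

We will manage PowerDNS-Admin with systemd. Create a service unit file as follows: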

$ sudo vim /etc/systemd/system/powerdns-admin.service
[Unit]
Description=PowerDNS-Admin
After=network.target

[Service]
User=root
Group=root
WorkingDirectory=/opt/web/powerdns-admin
ExecStart=/opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admin/powerdns-admin.sock app:app

[Install]
WantedBy=multi-user.target

Start the PowerDNS-Admin service and set it to start at boot:

sudo systemctl daemon-reload
sudo systemctl start powerdns-admin
sudo systemctl enable powerdns-admin

Confirm that the service is in the running state:

# systemctl status powerdns-admin
● powerdns-admin.service - PowerDNS-Admin
   Loaded: loaded (/etc/systemd/system/powerdns-admin.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2018-08-10 16:45:16 UTC; 22s ago
 Main PID: 10405 (gunicorn)
    Tasks: 3 (limit: 1152)
   CGroup: /system.slice/powerdns-admin.service
           ├─10405 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admi
           ├─10427 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admi
           └─10428 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admi

Aug 10 16:45:16 ubuntu-01 systemd[1]: Started PowerDNS-Admin.
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2018-08-10 16:45:17 +0000] [10405] [INFO] Starting gunicorn 19.7.1
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2018-08-10 16:45:17 +0000] [10405] [INFO] Listening at: unix:/opt/web/powerdns-admin/powerdns-admin.sock (
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2018-08-10 16:45:17 +0000] [10405] [INFO] Using worker: sync
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2018-08-10 16:45:17 +0000] [10427] [INFO] Booting worker with pid: 10427
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2018-08-10 16:45:17 +0000] [10428] [INFO] Booting worker with pid: 10428

Install and configure Nginx for PowerDNS-Admin

Install Nginx with the following command:

sudo apt-get install nginx

Configure Nginx:

sudo vim /etc/nginx/conf.d/powerdns-admin.conf

Add the following content:

server {
  listen *:80;
  server_name               powerdns-admin.example.com www.powerdns-admin.example.com;

  index                     index.html index.htm index.php;
  root                      /opt/web/powerdns-admin;
  access_log                /var/log/nginx/powerdns-admin.local.access.log combined;
  error_log                 /var/log/nginx/powerdns-admin.local.error.log;

  client_max_body_size              10m;
  client_body_buffer_size           128k;
  proxy_redirect                    off;
  proxy_connect_timeout             90;
  proxy_send_timeout                90;
  proxy_read_timeout                90;
  proxy_buffers                     32 4k;
  proxy_buffer_size                 8k;
  proxy_set_header                  Host $host;
  proxy_set_header                  X-Real-IP $remote_addr;
  proxy_set_header                  X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_headers_hash_bucket_size    64;

  location ~ ^/static/  {
    include  /etc/nginx/mime.types;
    root /opt/web/powerdns-admin/app;

    location ~*  \.(jpg|jpeg|png|gif)$ {
      expires 365d;
    }

    location ~* ^.+.(css|js)$ {
      expires 7d;
    }
  }

  location / {
    proxy_pass            http://unix:/opt/web/powerdns-admin/powerdns-admin.sock;
    proxy_read_timeout    120;
    proxy_connect_timeout 120;
    proxy_redirect        off;
  }
}

Check the nginx syntax, then restart the nginx service:

# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

# systemctl restart nginx

Visit the PowerDNS-Admin web interface.

http://powerdns-admin.example.com/

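Click the "Create an account" button and register a user. The first user will have the administrator role.

When you log in with the username and password you created, you should get an interface like the one below:

Enjoy managing PowerDNS with PowerDNS-Admin on your Ubuntu 18.04 / Debian 9 server.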

 

 
