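Linux BIND Web Management
Software introduction: NamedManager
NamedManager installation and configuration
@ This guide assumes the Bind (named) service is already installed; if it is not, consult other documentation to install it.
@ This document also covers adding web-based management to an existing DNS server.
Note: when adding the web management page to an existing named server, be sure to back up the original configuration files! Back up the original configuration files! Back up the original configuration files!
Download
Install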
# wget https://repos.jethrocarr.com/pub/jethrocarr/linux/centos/7/jethrocarr-custom/x86_64/namedmanager-www-1.9.0-2.el7.centos.noarch.rpm
# wget https://repos.jethrocarr.com/pub/jethrocarr/linux/centos/7/jethrocarr-custom/x86_64/namedmanager-bind-1.9.0-2.el7.centos.noarch.rpm
# yum -y install namedmanager*.rpm
# yum -y install httpd && systemctl enable httpd
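Configuration
An existing database can be used, or look up how to set up a local MySQL or MariaDB yourself.
- APACHE
# cat /etc/httpd/conf/httpd.conf # add the following
# The port can be customized
Listen 0.0.0.0:8030
# cat /etc/httpd/conf.d/namedmanager.conf # add the following
# The port here can be customized as well
ServerName dns.magic.com:8030
# With "Require all denied" commented out, this block no longer denies access to the filesystem root by default.
<Directory />
AllowOverride none
allow from all
#Require all denied
</Directory>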
Alias /namedmanager /usr/share/namedmanager/htdocs
<Location /namedmanager>
Order allow,deny
Allow from all
AllowOverride None
Require all granted
</Location>
- Mysql
# Initialize the database. If the database is not on this host, edit this file to specify the host. The script below should run without errors.
/usr/share/namedmanager/resources/autoinstall.pl # enter the password of the MySQL root user
- NamedManager
The PHP management page requires configuring the /etc/namedmanager/config-bind.php file.
- Scheduled task notes
########################################################
## Notes on the scheduled tasks under cron.d: every minute, the DNS data in MySQL is refreshed and recorded in the log
vi /etc/cron.d/namedmanager-bind
#
# NAMEDMANAGER INTEGRATION
# Cron Jobs
#
# check for new configuration every minute
*/1 * * * * root php -q /usr/share/namedmanager/bind/namedmanager_bind_configwriter.php >> /var/log/namedmanager_bind_configwriter
# PHP slowly leaks memory, restart the process weekly to prevent it getting too large over months
01 01 * * 0 root /etc/init.d/namedmanager_logpush restart >> /dev/null 2>&1
# /etc/init.d/namedmanager_logpush start
## Verify that the namedmanager configuration file is correct (it will report an error at this point because nothing has been configured yet)
# /usr/bin/php -q /usr/share/namedmanager/bind/namedmanager_bind_configwriter.php
- Configure PHP, HTTP and the hosts file
# Add to /etc/namedmanager/config.php
$_SERVER['HTTPS'] = "TRUE"; // disable HTTPS
# Modify /etc/namedmanager/config-bind.php
$config["api_url"] = "http://dns.magic.com:8080/namedmanager"; // domain name must match the HTTP configuration file
$config["api_server_name"] = "dns.magic.com"; // domain name must match the HTTP configuration file
$config["api_auth_key"] = "1qazxsw2"; // custom authentication key, as used on the NamedManager web page; choose a long random value
$config["log_file"] = "/var/log/namedmanager_bind_configwriter";
# Modify /etc/php.ini
max_input_vars = 1000
- Named
# Add the following line to /etc/named.conf. If the file does not exist, simply create it by hand, owned by named:named. This file is where the configuration for the domains set up in the web page is generated automatically, so editing it by hand is not recommended; any manual change will be reverted automatically.
include "/etc/named.namedmanager.conf";
- Configure rndc remote control management (optional: skip this step if named has already been running for some time; recommended when setting up a new named service)
- Generate the rndc key
Create the corresponding configuration files based on the output
# rndc-confgen -r /dev/urandom
# Start of rndc.conf
# New configuration file /etc/rndc.conf
key "rndc-key" {
	algorithm hmac-md5;
	secret "ZZWvBMLgcswCdvDo9xjgfg==";
};
options {
	default-key "rndc-key";
	default-server 127.0.0.1;
	default-port 953;
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# Add to /etc/named.conf
# key "rndc-key" {
# 	algorithm hmac-md5;
# 	secret "ZZWvBMLgcswCdvDo9xjgfg==";
# };
#
# controls {
# 	inet 127.0.0.1 port 953
# 		allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
- Delete the existing key and restart named
rm -rf /etc/rndc.key
systemctl restart named
- Check that rndc works
rndc status
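The Apache and config-bind.php settings above can be checked after editing. The script below is an added example, not part of NamedManager or the original page: it flags a <Directory /> block without an active "Require all denied", an api_url that uses plain HTTP, and an api_auth_key shorter than an assumed minimum of 16 characters. The function names, finding labels and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not NamedManager code): audit the settings configured above.

# Prints ROOT_DIR_OPEN if a <Directory /> block has no active "Require all denied".
audit_httpd() {
    awk '
        /^[ \t]*#/ { next }    # commented-out directives do not count
        tolower($0) ~ /^[ \t]*<directory[ \t]+"?\/"?[ \t]*>/ { inroot = 1; denied = 0; next }
        inroot && tolower($0) ~ /^[ \t]*require[ \t]+all[ \t]+denied/ { denied = 1 }
        inroot && tolower($0) ~ /^[ \t]*<\/directory>/ {
            if (!denied) print "ROOT_DIR_OPEN"
            inroot = 0
        }
    ' "$1"
    return 0
}

# Prints API_URL_PLAIN_HTTP and/or API_KEY_SHORT for a config-bind.php file.
# MIN_KEY_LEN is an assumed policy value, not something NamedManager enforces.
MIN_KEY_LEN=16
audit_bind_config() {
    if grep -Eq '^[[:space:]]*\$config\["api_url"][[:space:]]*=[[:space:]]*"http://' "$1"; then
        echo "API_URL_PLAIN_HTTP"
    fi
    key=$(sed -n 's/^[[:space:]]*\$config\["api_auth_key"][[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1)
    if [ "${#key}" -lt "$MIN_KEY_LEN" ]; then
        echo "API_KEY_SHORT"    # key missing or too short
    fi
    return 0
}

# Constructed samples: the settings as shown on this page, and a tightened variant.
write_samples() {
    printf '%s\n' '<Directory />' 'AllowOverride none' 'allow from all' \
        '#Require all denied' '</Directory>' > "$1/page.conf"
    printf '%s\n' '<Directory />' 'AllowOverride none' 'Require all denied' \
        '</Directory>' > "$1/tight.conf"
    printf '%s\n' '$config["api_url"] = "http://dns.magic.com:8080/namedmanager";' \
        '$config["api_auth_key"] = "1qazxsw2";' > "$1/page.php"
    printf '%s\n' '$config["api_url"] = "https://dns.magic.com/namedmanager";' \
        '$config["api_auth_key"] = "constructed-sample-key-0123456789";' > "$1/tight.php"
}

# Demo run on the constructed samples.
d=$(mktemp -d) && write_samples "$d"
audit_httpd "$d/page.conf"
audit_bind_config "$d/page.php"
rm -rf "$d"
```

On a real host, point audit_httpd at /etc/httpd/conf.d/namedmanager.conf and audit_bind_config at /etc/namedmanager/config-bind.php.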
NamedManager web usage
- Log in
- Configure the connection to the DNS server
- Add a domain (Domain)
- Add an A record
- Verify
dig xxx.magic.com
; <<>> DiG 9.10.6 <<>> xxx.magic.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41529
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;xxx.magic.com. IN A
;; ANSWER SECTION:
xxx.magic.com. 120 IN A 192.168.1.63
;; AUTHORITY SECTION:
magic.com. 86400 IN NS dns.magic.com.
;; ADDITIONAL SECTION:
dns.magic.com. 120 IN A 192.168.1.89
;; Query time: 0 msec
;; SERVER: 192.168.1.89#53(192.168.1.89)
;; WHEN: Thu Dec 16 18:35:43 CST 2021
;; MSG SIZE rcvd: 99