PowerDNS + PowerAdmin
https://www.powerdns.com/
http://www.poweradmin.org/
PowerDNS+PowerAdmin的組合就是一個有 WEB UI 的 DNS Service Solution ,
其功能同 Bind DNS ,以下為使用 tarball 安裝的SOP及重要參考的設定範例.
#tar -jvxf pdns-3.4.1.tar.bz2
#yum -y install libtool boost-devel
#yum -y install lua*
https://dl.fedoraproject.org/pub/epel/6/x86_64/
#rpm -ivh epel-release-6-8.noarch.rpm
#yum -y install php-mcrypt*
powerdns 3.4.1 tarball install
#./bootstrap
#./configure --prefix=/usr/local/pdns-3.4.1
#make
#make install
PowerDNS schema
/usr/local/src/pdns-3.4.1/modules/gmysqlbackend/schema.mysql.sql
#mysql pdns < schema.mysql.sql
WEB UI schema (PowerAdmin)
/var/www/html/poweradmin/sql
#mysql pdns < poweradmin-mysql-db-structure.sql
http://xxx.xxx.xxx.xxx/install (install )
========================================
powerdns 3.3.1 tarball install
# ./configure --prefix=/usr/local/pdns-3.3.1 --with-mysql --with-mysql-config=/usr/bin/mysql_config
#make
#make install
PowerDNS 3.3.1 schema
/usr/local/src/pdns-3.3.1/pdns/no-dnssec.schema.mysql.sql
#cat pdns.conf
setuid=pdns
setgid=pdns
launch=gmysql
gmysql-host=127.0.0.1
gmysql-user=powerdnsadmin
gmysql-password=poweradminpwd
gmysql-dbname=powerdns
==============
Poweradmin 2.1.6
#cat config.inc.php
<?php
// NOTE: Do not edit this file, otherwise it's very likely your changes
// will be overwritten with an upgrade.
// Instead, create the file "inc/config.inc.php" and set the variables you
// want to set there. Your changes will override the defaults provided by us.
// Better description of available configuration settings you can find here:
// <https://www.poweradmin.org/trac/wiki/Documentation/ConfigurationFile>
// Database settings
$db_host = 'localhost';
$db_port = '3306';
$db_user = 'admin';
$db_pass = 'admin';
$db_name = 'powerdns';
$db_type = 'mysql';
//$db_file = ''; # used only for SQLite, provide full path to database file
//$db_debug = false; # show all SQL queries
$db_layer = 'PDO'; # or PDO
// Security settings
// This should be changed upon install
$session_key = '^SW!!h9@iQYBTOjqDjpAP9()1^oGeCZa_#oxMNj_C%Zg@@';
$password_encryption = 'md5'; // or md5salt
// Interface settings
$iface_lang = 'en_EN';
$iface_style = 'example';
$iface_rowamount = 50;
$iface_expire = 1800;
$iface_zonelist_serial = false;
$iface_title = 'Poweradmin';
// Predefined DNS settings
$dns_hostmaster = 'dns.xrcd2.com.tw';
$dns_ns1 = 'dns.xrcd2.com.tw';
$dns_ns2 = 'dns2.xrcd2.com.tw';
$dns_ttl = 86400;
$dns_fancy = false;
$dns_strict_tld_check = true;
// Timezone settings
// See <http://www.php.net/manual/en/timezones.php> for help.
//$timezone = 'UTC';
// Logging settings
// Syslog usage - writes authentication attempts to syslog
// This facility could be used in combination with fail2ban to
// ban IPs with break-in attempts
$syslog_use = false;
$syslog_ident = 'poweradmin';
// On Windows usually only LOG_USER is available
$syslog_facility = LOG_USER;
?>
[root@dns2 inc]#
==============================
powerdns 3.4.1
#cat pdns.conf
setuid=pdns
setgid=pdns
launch=gmysql
gmysql-host=localhost
gmysql-user=pdns
gmysql-password=password
gmysql-dbname=pdns
gmysql-socket=/var/lib/mysql/mysql.sock
config-dir=/usr/local/pdns-3.4.1/etc
daemon=no
guardian=yes
local-address=0.0.0.0
local-port=53
module-dir=/usr/local/pdns-3.4.1/lib/pdns
socket-dir=/var/run
version-string=DNS
recursor=168.95.1.1
Poweradmin 2.1.7
#cat config.inc.php
<?php
/**
* Sample configuration file with default values
*
* @package Poweradmin
* @copyright 2007-2010 Rejo Zenger <rejo@zenger.nl>
* @copyright 2010-2014 Poweradmin Development Team
* @license http://opensource.org/licenses/GPL-3.0 GPL
*/
// NOTE: Do not edit this file, otherwise it's very likely your changes
// will be overwritten with an upgrade.
// Instead, create the file "inc/config.inc.php" and set the variables you
// want to set there. Your changes will override the defaults provided by us.
// Better description of available configuration settings you can find here:
// <https://github.com/poweradmin/poweradmin/wiki/Configuration-File>
// Database settings
$db_host = 'localhost';
$db_port = '3306';
$db_user = 'pdns';
$db_pass = 'password';
$db_name = 'pdns';
$db_type = 'mysql';
//$db_file = ''; # used only for SQLite, provide full path to database file
//$db_debug = false; # show all SQL queries
$db_layer = 'PDO'; # or MDB2
//$db_ssl_ca = '';
// Security settings
// This should be changed upon install
$session_key = 'nwnAzC}nZ6RTx[w%)M=IxU7UZ(o(5PJ4k37tM0uI42_hf}';
$password_encryption = 'md5'; // or md5salt
// Interface settings
$iface_lang = 'en_EN';
$iface_style = 'example';
$iface_rowamount = 50;
$iface_expire = 1800;
$iface_zonelist_serial = false;
$iface_title = 'Poweradmin';
$iface_add_reverse_record = true;
// Predefined DNS settings
$dns_hostmaster = 'dns.xrcd2.com.tw';
$dns_ns1 = 'ns1.xrcd2.com.tw';
$dns_ns2 = 'ns2.xrcd2.com.tw';
$dns_ttl = 86400;
$dns_fancy = false;
$dns_strict_tld_check = false;
$dns_top_level_tld_check = false; // Don't allow to create top level TLDs
$dns_third_level_check = false;
// Timezone settings
// See <http://www.php.net/manual/en/timezones.php> for help.
//$timezone = 'UTC';
// Logging settings
// Syslog usage - writes authentication attempts to syslog
// This facility could be used in combination with fail2ban to
// ban IPs with break-in attempts
$syslog_use = false;
$syslog_ident = 'poweradmin';
// On Windows usually only LOG_USER is available
$syslog_facility = LOG_USER;
// PowerDNSSEC settings
$pdnssec_use = false;
$pdnssec_command = '/usr/bin/pdnssec';
// LDAP settings
$ldap_use = false;
$ldap_debug = false;
$ldap_uri = 'ldap://domaincontroller.example.com';
$ldap_basedn = 'OU=Users,DC=example,DC=com';
$ldap_binddn = 'GROUP\lookupuser';
$ldap_bindpw = 'some_password';
$ldap_user_attribute = 'sAMAccountName';
$ldap_proto = 3;
[root@Rsyslog inc]#
=========================
3.3.1
[root@centos64 init.d]# cat pdns
#!/bin/sh
# chkconfig: - 80 75
# description: PDNS is a versatile high performance authoritative nameserver
### BEGIN INIT INFO
# Provides: pdns
# Required-Start: $remote_fs $network $syslog
# Required-Stop: $remote_fs $network $syslog
# Should-Start: $all
# Should-Stop: $all
# Default-Start:
# Default-Stop: 0 1 6
# Short-Description: Start/stop PowerDNS authoritative server
# Description: Start/stop PowerDNS authoritative server
### END INIT INFO
set -e
#prefix=/usr
#exec_prefix=/usr
#BINARYPATH=/usr/bin
#SBINARYPATH=/usr/sbin
prefix=/usr/local/pdns-3.3.1
exec_prefix=/usr/local/pdns-3.3.1
BINARYPATH=/usr/local/pdns-3.3.1/bin
SBINARYPATH=/usr/local/pdns-3.3.1/sbin
SOCKETPATH=/var/run
[ -f "$SBINARYPATH/pdns_server" ] || exit 0
[ -r /etc/default/pdns ] && . /etc/default/pdns
cd $SOCKETPATH
suffix=$(basename $0 | cut -d- -f2- -s)
if [ -n "$suffix" ]
then
EXTRAOPTS=--config-name=$suffix
PROGNAME=pdns-$suffix
else
PROGNAME=pdns
fi
pdns_server="$SBINARYPATH/pdns_server $EXTRAOPTS"
doPC()
{
ret=$($BINARYPATH/pdns_control $EXTRAOPTS $1 $2 2> /dev/null)
}
NOTRUNNING=0
doPC ping || NOTRUNNING=$?
case "$1" in
status)
if test "$NOTRUNNING" = "0"
then
doPC status
echo $ret
else
echo "not running"
fi
;;
stop)
echo -n "Stopping PowerDNS authoritative nameserver: "
if test "$NOTRUNNING" = "0"
then
doPC quit
rm -f /var/lock/subsys/pdns
echo $ret
else
echo "not running"
fi
;;
force-stop)
echo -n "Stopping PowerDNS authoritative nameserver: "
killall -v -9 pdns_server
rm -f /var/lock/subsys/pdns
echo "killed"
;;
start)
echo -n "Starting PowerDNS authoritative nameserver: "
if test "$NOTRUNNING" = "0"
then
echo "already running"
else
if $pdns_server --daemon --guardian=yes
then
touch /var/lock/subsys/pdns
echo "started"
fi
fi
;;
condrestart)
if [ -f /var/lock/subsys/pdns ];
then
echo "running, restarting"
$0 restart
else
echo "not running"
fi
;;
force-reload | restart)
echo -n "Restarting PowerDNS authoritative nameserver: "
if test "$NOTRUNNING" = "1"
then
echo "not running, starting"
else
echo -n stopping and waiting..
doPC quit
sleep 3
echo done
fi
$0 start
;;
reload)
echo -n "Reloading PowerDNS authoritative nameserver: "
if test "$NOTRUNNING" = "0"
then
doPC cycle
echo requested reload
else
echo not running yet
$0 start
fi
;;
monitor)
if test "$NOTRUNNING" = "0"
then
echo "already running"
else
$pdns_server --daemon=no --guardian=no --control-console --loglevel=9
fi
;;
dump)
if test "$NOTRUNNING" = "0"
then
doPC list
echo $ret
else
echo "not running"
fi
;;
show)
if [ $# -lt 2 ]
then
echo Insufficient parameters
exit
fi
if test "$NOTRUNNING" = "0"
then
echo -n "$2="
doPC show $2 ; echo $ret
else
echo "not running"
fi
;;
mrtg)
if [ $# -lt 2 ]
then
echo Insufficient parameters
exit
fi
if test "$NOTRUNNING" = "0"
then
doPC show $2 ; echo $ret
if [ "$3x" != "x" ]
then
doPC show $3 ; echo $ret
else
echo 0
fi
doPC uptime ; echo $ret
echo PowerDNS daemon
else
echo "not running"
fi
;;
cricket)
if [ $# -lt 2 ]
then
echo Insufficient parameters
exit
fi
if test "$NOTRUNNING" = "0"
then
doPC show $2 ; echo $ret
else
echo "not running"
fi
;;
*)
echo pdns [start\|stop\|condrestart\|force-reload\|reload\|restart\|status\|dump\|show\|mrtg\|cricket\|monitor]
;;
esac
===========================
3.4.1
[root@cetnos66 init.d]# cat pdns
#!/bin/sh
# chkconfig: - 80 75
# description: PDNS is a versatile high performance authoritative nameserver
### BEGIN INIT INFO
# Provides: pdns
# Required-Start: $remote_fs $network $syslog
# Required-Stop: $remote_fs $network $syslog
# Should-Start:
# Should-Stop:
# Default-Start:
# Default-Stop: 0 1 6
# Short-Description: PowerDNS authoritative server
# Description: PowerDNS authoritative server
### END INIT INFO
set -e
prefix=/usr/local/pdns-3.4.1
exec_prefix=/usr/local/pdns-3.4.1
BINARYPATH=/usr/local/pdns-3.4.1/bin
SBINARYPATH=/usr/local/pdns-3.4.1/sbin
SOCKETPATH=/var/run
[ -f "$SBINARYPATH/pdns_server" ] || exit 0
[ -r /etc/default/pdns ] && . /etc/default/pdns
cd $SOCKETPATH
suffix=$(basename $0 | cut -d- -f2- -s)
if [ -n "$suffix" ]
then
EXTRAOPTS=--config-name=$suffix
PROGNAME=pdns-$suffix
else
PROGNAME=pdns
fi
pdns_server="$SBINARYPATH/pdns_server $EXTRAOPTS"
doPC()
{
ret=$($BINARYPATH/pdns_control $EXTRAOPTS $1 $2 2> /dev/null)
}
NOTRUNNING=0
doPC ping || NOTRUNNING=$?
case "$1" in
status)
if test "$NOTRUNNING" = "0"
then
doPC status
echo $ret
else
echo "not running"
exit 3
fi
;;
stop)
echo -n "Stopping PowerDNS authoritative nameserver: "
if test "$NOTRUNNING" = "0"
then
doPC quit
rm -f /var/lock/subsys/pdns
echo $ret
else
echo "not running"
fi
;;
force-stop)
echo -n "Stopping PowerDNS authoritative nameserver: "
killall -v -9 pdns_server
rm -f /var/lock/subsys/pdns
echo "killed"
;;
start)
echo -n "Starting PowerDNS authoritative nameserver: "
if test "$NOTRUNNING" = "0"
then
echo "already running"
else
if $pdns_server --daemon --guardian=yes
then
touch /var/lock/subsys/pdns
echo "started"
else
echo "starting failed"
exit 1
fi
fi
;;
condrestart)
if [ -f /var/lock/subsys/pdns ];
then
echo "running, restarting"
$0 restart
else
echo "not running"
fi
;;
force-reload | restart)
echo -n "Restarting PowerDNS authoritative nameserver: "
if test "$NOTRUNNING" = "1"
then
echo "not running, starting"
else
echo -n stopping and waiting..
doPC quit
sleep 3
echo done
fi
$0 start
;;
reload)
echo -n "Reloading PowerDNS authoritative nameserver: "
if test "$NOTRUNNING" = "0"
then
doPC cycle
echo requested reload
else
echo not running yet
$0 start
fi
;;
monitor)
if test "$NOTRUNNING" = "0"
then
echo "already running"
else
$pdns_server --daemon=no --guardian=no --control-console --loglevel=9
fi
;;
dump)
if test "$NOTRUNNING" = "0"
then
doPC list
echo $ret
else
echo "not running"
fi
;;
show)
if [ $# -lt 2 ]
then
echo Insufficient parameters
exit
fi
if test "$NOTRUNNING" = "0"
then
echo -n "$2="
doPC show $2 ; echo $ret
else
echo "not running"
fi
;;
mrtg)
if [ $# -lt 2 ]
then
echo Insufficient parameters
exit
fi
if test "$NOTRUNNING" = "0"
then
doPC show $2 ; echo $ret
if [ "$3x" != "x" ]
then
doPC show $3 ; echo $ret
else
echo 0
fi
doPC uptime ; echo $ret
echo PowerDNS daemon
else
echo "not running"
fi
;;
cricket)
if [ $# -lt 2 ]
then
echo Insufficient parameters
exit
fi
if test "$NOTRUNNING" = "0"
then
doPC show $2 ; echo $ret
else
echo "not running"
fi
;;
*)
echo pdns [start\|stop\|condrestart\|force-reload\|reload\|restart\|status\|dump\|show\|mrtg\|cricket\|monitor]
;;
esac
