It’s fairly easy to setup and configure PowerDNS to get ready to use in your work environment. I’m gonna show step by step how to run it under PostgreSQL and MySQL. It’s gonna be a long post so i will divide post into two with different database apps i use.
Preparation
install mysql latest stable version, in this case i will using MySQL 5.7 because i heard pdns does not support version 8 ….. yet.
- Enable mysql 5.7 respository with the following command
yum localinstall https://dev.mysql.com/get/mysql57-community-release-el7-11.noarch.rpm
- Now, install mysql as any other package using yum command
yum install mysql-community-server
- Next step is installing powerdns recursor and authoritative using the following command
yum install epel-release yum-plugin-priorities &&
curl -o /etc/yum.repos.d/powerdns-rec-42.repo https://repo.powerdns.com/repo-files/centos-rec-42.repo &&
yum install pdns-recursor
yum install epel-release yum-plugin-priorities &&
curl -o /etc/yum.repos.d/powerdns-auth-42.repo https://repo.powerdns.com/repo-files/centos-auth-42.repo &&
yum install pdns
Setup
Now we must prepare mysql server to be ready to operate by secure install mysql server.
- Start and enable automatically run on boot with the following command
systemctl enable mysqld
systemctl start mysqld
- before we start secure install, grap the generated temporary password using this command;
grep 'temporary password' /var/log/mysqld.log
The output should look something like this
- Now, run secure mysql installation with following command
mysql_secure_installation
Output should look something like this
mysql -u root -p
- Create empty database and user called “pdns”on the MySQL server
CREATE DATABASE pdns;
CREATE USER 'pdns'@'localhost' IDENTIFIED BY '<your preferred password>';
- grant the user all privileges to database pdns
GRANT ALL PRIVILEGES ON pdns.* TO 'pdns'@'localhost'
IDENTIFIED BY '<your preferred password>';
FLUSH PRIVILEGES;
EXIT;
- Now, copy paste database structure to your database server
CREATE TABLE domains (
id INT AUTO_INCREMENT,
name VARCHAR(255) NOT NULL,
master VARCHAR(128) DEFAULT NULL,
last_check INT DEFAULT NULL,
type VARCHAR(6) NOT NULL,
notified_serial INT DEFAULT NULL,
account VARCHAR(40) DEFAULT NULL,
PRIMARY KEY (id)
) Engine=InnoDB;
CREATE UNIQUE INDEX name_index ON domains(name);
CREATE TABLE records (
id INT AUTO_INCREMENT,
domain_id INT DEFAULT NULL,
name VARCHAR(255) DEFAULT NULL,
type VARCHAR(10) DEFAULT NULL,
content VARCHAR(64000) DEFAULT NULL,
ttl INT DEFAULT NULL,
prio INT DEFAULT NULL,
change_date INT DEFAULT NULL,
disabled TINYINT(1) DEFAULT 0,
ordername VARCHAR(255) BINARY DEFAULT NULL,
auth TINYINT(1) DEFAULT 1,
PRIMARY KEY (id),
) Engine=InnoDB;
CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE INDEX recordorder ON records (domain_id, ordername);
CREATE TABLE supermasters (
ip VARCHAR(64) NOT NULL,
nameserver VARCHAR(255) NOT NULL,
account VARCHAR(40) NOT NULL,
PRIMARY KEY (ip, nameserver)
) Engine=InnoDB;
CREATE TABLE comments (
id INT AUTO_INCREMENT,
domain_id INT NOT NULL,
name VARCHAR(255) NOT NULL,
type VARCHAR(10) NOT NULL,
modified_at INT NOT NULL,
account VARCHAR(40) NOT NULL,
comment VARCHAR(64000) NOT NULL,
PRIMARY KEY (id)
) Engine=InnoDB;
CREATE INDEX comments_domain_id_idx ON comments (domain_id);
CREATE INDEX comments_name_type_idx ON comments (name, type);
CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);
CREATE TABLE domainmetadata (
id INT AUTO_INCREMENT,
domain_id INT NOT NULL,
kind VARCHAR(32),
content TEXT,
PRIMARY KEY (id)
) Engine=InnoDB;
CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);
CREATE TABLE cryptokeys (
id INT AUTO_INCREMENT,
domain_id INT NOT NULL,
flags INT NOT NULL,
active BOOL,
content TEXT,
PRIMARY KEY(id)
) Engine=InnoDB;
CREATE INDEX domainidindex ON cryptokeys(domain_id);
CREATE TABLE tsigkeys (
id INT AUTO_INCREMENT,
name VARCHAR(255),
algorithm VARCHAR(50),
secret VARCHAR(255),
PRIMARY KEY (id)
) Engine=InnoDB;
CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);
ALTER TABLE `records` ADD CONSTRAINT `records_ibfk_1` FOREIGN KEY (`domain_id`)
REFERENCES `domains` (`id`) ON DELETE CASCADE;
Or you can simply import this structure database to your database server
mysql -u root -p pdns < powerdns.sql
Or you can import from pdns schema by download powerdns backend schema using yum command
- you need to downloand backend for you database with following command
yum install pdns-backend-mysql
- import the schema from pdns-backend folder to your database
mysql -uroot -p pdns < /usr/share/doc/pdns-backend-mysql-4.2.0/schema.mysql.sql
Configuration
- Open powerdns configuration file using nano or text editor you like
nano /etc/pdns/pdns.conf
vim /etc/pdns/pdns.conf
- By default powerdns using bind as their backend. In this case, you need to put a comment tag “#” in front of “launch=bind” and copy paste the following command
launch=gmysql
gmysql-host=localhost
gmysql-user=pdns
gmysql-password=<pdnspassword you set on before>
gmysql-dbname=pdns
- And don’t forget to set the following command
api=yes
api-key=<your preferred api key>
daemon=yes
default-soa-name=ns1.yourdomain.com
disable-axfr=no
disable-syslog=no
local-address=127.0.0.1
log-dns-details=yes
logging-facility=0
local-port=5300
webserver=yes
guardian=yes
setgid=pdns
setuid=pdns
webserver-address=127.0.0.1
webserver-allow-from=0.0.0.0/0,::/0
webserver-port=8081
- Start and Enable powerdns service on startup
systemctl start pdns
systemctl enable pdns
Install PowerDNS Admin for GUI admin panel
This powerdns GUI will make your job easier as it help you to add new records in Graphical interface.
Prerequisite
- Create database and user for powerdns-admin
CREATE DATABASE powerdnsadmin CHARACTER SET utf8 COLLATE utf8_general_ci;
- Grant all permission to it’s user
GRANT ALL PRIVILEGES ON powerdnsadmin.* TO 'pdnsadminuser'@'%' IDENTIFIED BY 'y0urp4ssw0rd';
FLUSH PRIVILEGES;
Installation
- install epel and ius repositories
yum install epel-release
yum install https://centos7.iuscommunity.org/ius-release.rpm
- Install Python 3.6 and tools
yum install python36u python36u-devel python36u-pip
pip3.6 install -U pip
pip install -U virtualenv
rm -f /usr/bin/python3 && ln -s /usr/bin/python3.6 /usr/bin/python3
- Install required packages for building python libraries from requirements.txt file
yum install gcc mysql-community-devel openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
- Install yarn to build asset files + Nodejs 10
curl -sL https://rpm.nodesource.com/setup_10.x | bash -
curl -sL https://dl.yarnpkg.com/rpm/yarn.repo -o /etc/yum.repos.d/yarn.repo
yum install yarn
- Checkout source code and create virtualenv
git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
cd /opt/web/powerdns-admin
virtualenv -p python3 flask
- Activate your python3 environment and install libraries:
$ . ./flask/bin/activate
(flask) [khanh@localhost powerdns-admin] pip install python-dotenv
(flask) [khanh@localhost powerdns-admin] pip install -r requirements.txt
Note : Before running PowerDNS-Admin, make sure you have config.py available. You can clone it from config_template.py and adjust the database connection string. |
- Once your
config.py
is ready. Create the database schema by running the following command
(flask) [khanh@localhost powerdns-admin] export FLASK_APP=app/__init__.py
(flask) [khanh@localhost powerdns-admin] flask db upgrade
(flask) [khanh@localhost powerdns-admin] yarn install --pure-lockfile
(flask) [khanh@localhost powerdns-admin] flask assets build
- Now you can run PowerDNS-Admin by following command
(flask) [khanh@localhost powerdns-admin] ./run.py
Open your web browser and access to
http://localhost:9191
to visit PowerDNS-Admin web interface. Register an user. The first user will be in Administrator role.
At the first time you login into the PDA UI, you will be redirected to setting page to configure the PDNS API information.
Note: For production environment, i would recommend you to run PowerDNS-Admin with gunicorn or uwsgi instead of flask’s built-in web server, take a look at WIKI page to see how to configure them. |
For more detail information how to properly install powerdns-admin , you can check from this link