The Dummit
  • Tutorial
  • Tips & Tricks
  • About Me
  • Reference

PowerDNS Authoritative & MySQL: How to Setup for local DNS on Centos 7

Posted on 31 May 2019 in Tutorial

loading

It’s fairly easy to setup and configure PowerDNS to get ready to use in your work environment. I’m gonna show step by step how to run it under PostgreSQL and MySQL. It’s gonna be a long post so i will divide post into two with different database apps i use.

Preparation

install mysql latest stable version, in this case i will using MySQL 5.7 because i heard pdns does not support version 8 ….. yet.

  • Enable mysql 5.7 respository with the following command
yum localinstall https://dev.mysql.com/get/mysql57-community-release-el7-11.noarch.rpm
  • Now, install mysql as any other package using yum command
yum install mysql-community-server
  • Next step is installing powerdns recursor and authoritative using the following command
yum install epel-release yum-plugin-priorities &&
curl -o /etc/yum.repos.d/powerdns-rec-42.repo https://repo.powerdns.com/repo-files/centos-rec-42.repo &&
yum install pdns-recursor
yum install epel-release yum-plugin-priorities &&
curl -o /etc/yum.repos.d/powerdns-auth-42.repo https://repo.powerdns.com/repo-files/centos-auth-42.repo &&
yum install pdns

Setup

Now we must prepare mysql server to be ready to operate by secure install mysql server.

  • Start and enable automatically run on boot with the following command
systemctl enable mysqld
systemctl start mysqld
  • before we start secure install, grap the generated temporary password using this command;
grep 'temporary password' /var/log/mysqld.log

The output should look something like this

  • Now, run secure mysql installation with following command
mysql_secure_installation

Output should look something like this

  • Login to your database
mysql -u root -p
  • Create empty database and user called “pdns”on the MySQL server
CREATE DATABASE pdns;
CREATE USER 'pdns'@'localhost' IDENTIFIED BY '<your preferred password>';
  • grant the user all privileges to database pdns
GRANT ALL PRIVILEGES ON pdns.* TO 'pdns'@'localhost'
    IDENTIFIED BY '<your preferred password>';
FLUSH PRIVILEGES;
EXIT;
  • Now, copy paste database structure to your database server
CREATE TABLE domains (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255) NOT NULL,
  master                VARCHAR(128) DEFAULT NULL,
  last_check            INT DEFAULT NULL,
  type                  VARCHAR(6) NOT NULL,
  notified_serial       INT DEFAULT NULL,
  account               VARCHAR(40) DEFAULT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB;

CREATE UNIQUE INDEX name_index ON domains(name);


CREATE TABLE records (
  id                    INT AUTO_INCREMENT,
  domain_id             INT DEFAULT NULL,
  name                  VARCHAR(255) DEFAULT NULL,
  type                  VARCHAR(10) DEFAULT NULL,
  content               VARCHAR(64000) DEFAULT NULL,
  ttl                   INT DEFAULT NULL,
  prio                  INT DEFAULT NULL,
  change_date           INT DEFAULT NULL,
  disabled              TINYINT(1) DEFAULT 0,
  ordername             VARCHAR(255) BINARY DEFAULT NULL,
  auth                  TINYINT(1) DEFAULT 1,
  PRIMARY KEY (id),

) Engine=InnoDB;

CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE INDEX recordorder ON records (domain_id, ordername);


CREATE TABLE supermasters (
  ip                    VARCHAR(64) NOT NULL,
  nameserver            VARCHAR(255) NOT NULL,
  account               VARCHAR(40) NOT NULL,
  PRIMARY KEY (ip, nameserver)
) Engine=InnoDB;


CREATE TABLE comments (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  name                  VARCHAR(255) NOT NULL,
  type                  VARCHAR(10) NOT NULL,
  modified_at           INT NOT NULL,
  account               VARCHAR(40) NOT NULL,
  comment               VARCHAR(64000) NOT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB;

CREATE INDEX comments_domain_id_idx ON comments (domain_id);
CREATE INDEX comments_name_type_idx ON comments (name, type);
CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);


CREATE TABLE domainmetadata (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  kind                  VARCHAR(32),
  content               TEXT,
  PRIMARY KEY (id)
) Engine=InnoDB;

CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);


CREATE TABLE cryptokeys (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  flags                 INT NOT NULL,
  active                BOOL,
  content               TEXT,
  PRIMARY KEY(id)
) Engine=InnoDB;

CREATE INDEX domainidindex ON cryptokeys(domain_id);


CREATE TABLE tsigkeys (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255),
  algorithm             VARCHAR(50),
  secret                VARCHAR(255),
  PRIMARY KEY (id)
) Engine=InnoDB;

CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

ALTER TABLE `records` ADD CONSTRAINT `records_ibfk_1` FOREIGN KEY (`domain_id`)
REFERENCES `domains` (`id`) ON DELETE CASCADE;

Or you can simply import this structure database to your database server

mysql -u root -p pdns < powerdns.sql

Or you can import from pdns schema by download powerdns backend schema using yum command

  • you need to downloand backend for you database with following command
yum install pdns-backend-mysql
  • import the schema from pdns-backend folder to your database
mysql -uroot -p pdns < /usr/share/doc/pdns-backend-mysql-4.2.0/schema.mysql.sql

Configuration

  • Open powerdns configuration file using nano or text editor you like
nano /etc/pdns/pdns.conf
vim /etc/pdns/pdns.conf
  • By default powerdns using bind as their backend. In this case, you need to put a comment tag “#” in front of “launch=bind” and copy paste the following command
launch=gmysql
gmysql-host=localhost
gmysql-user=pdns
gmysql-password=<pdnspassword you set on before>
gmysql-dbname=pdns
  • And don’t forget to set the following command
api=yes
api-key=<your preferred api key>
daemon=yes
default-soa-name=ns1.yourdomain.com
disable-axfr=no
disable-syslog=no
local-address=127.0.0.1
log-dns-details=yes
logging-facility=0
local-port=5300
webserver=yes
guardian=yes
setgid=pdns
setuid=pdns
webserver-address=127.0.0.1
webserver-allow-from=0.0.0.0/0,::/0
webserver-port=8081
  • Start and Enable powerdns service on startup 
systemctl start pdns
systemctl enable pdns

Install PowerDNS Admin for GUI admin panel

This powerdns GUI will make your job easier as it help you to add new records in Graphical interface.

Prerequisite

  • Create database and user for powerdns-admin
CREATE DATABASE powerdnsadmin CHARACTER SET utf8 COLLATE utf8_general_ci;
  • Grant all permission to it’s user
GRANT ALL PRIVILEGES ON powerdnsadmin.* TO 'pdnsadminuser'@'%' IDENTIFIED BY 'p4ssw0rd';
  • Apply the configuration
FLUSH PRIVILEGES;

Installation

  • install epel and ius repositories
yum install epel-release
yum install https://centos7.iuscommunity.org/ius-release.rpm
  • Install Python 3.6 and tools 
yum install python36u python36u-devel python36u-pip
pip3.6 install -U pip
pip install -U virtualenv
rm -f /usr/bin/python3 && ln -s /usr/bin/python3.6 /usr/bin/python3
  • Install required packages for building python libraries from requirements.txt file 
yum install gcc mysql-community-devel openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
  • Install yarn to build asset files + Nodejs 10 
curl -sL https://rpm.nodesource.com/setup_10.x | bash -
curl -sL https://dl.yarnpkg.com/rpm/yarn.repo -o /etc/yum.repos.d/yarn.repo
yum install yarn
  • Checkout source code and create virtualenv
git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
cd /opt/web/powerdns-admin
virtualenv -p python3 flask
  • Activate your python3 environment and install libraries: 
$ . ./flask/bin/activate
(flask) [[email protected] powerdns-admin] pip install python-dotenv
(flask) [[email protected] powerdns-admin] pip install -r requirements.txt
Note : Before running PowerDNS-Admin, make sure you have config.py available.
You can clone it from config_template.py and adjust the database connection string.
  • Once your config.py is ready. Create the database schema by running the following command
(flask) [[email protected] powerdns-admin] export FLASK_APP=app/__init__.py
(flask) [[email protected] powerdns-admin] flask db upgrade
  • Generate asset file
(flask) [[email protected] powerdns-admin] yarn install --pure-lockfile
(flask) [[email protected] powerdns-admin] flask assets build
  • Now you can run PowerDNS-Admin by following command 
(flask) [[email protected] powerdns-admin] ./run.py

Open your web browser and access to  

http://localhost:9191

to visit PowerDNS-Admin web interface. Register an user. The first user will be in Administrator role.

At the first time you login into the PDA UI, you will be redirected to setting page to configure the PDNS API information.

Note: For production environment, i would recommend you to run PowerDNS-Admin with gunicorn or uwsgi instead of flask’s built-in web server, take a look at WIKI page to see how to configure them.

For more detail information how to properly install powerdns-admin , you can check from this link

loading

MySQL 5.7 : How to configure Replication (Master/Slave) Database on Centos 7
loading

MySQL 8: How to reset root password on Centos 7

Recent Post

  • openldap
    How to compile, install and configure openLDAP in Centos 8
    5 September 2020
  • zimbra desktop
    Zimbra Desktop : How to recover your local folder after crash (Win 10)
    2 September 2020
  • doh
    Mikrotik : How to use DoH with Cloudflare
    7 July 2020
  • loading
    How to install Openfire and configure server to server on Centos 7
    12 August 2019
  • loading
    MySQL 5.7 : How to configure Replication (Master/Slave) Database on Centos 7
    25 June 2019