1.1 系统环境
- Centos7.7.1908
- PowerDNS 4.4.0
- MariaDB 10.4
PowerDNS 官方源 https://repo.powerdns.com/
PowerDNS 文档 https://doc.powerdns.com/authoritative/
2.1 安装 PowerDNS
- #添加PowerDNS官方源
- yum install -y epel-release yum-plugin-priorities
- curl -o /etc/yum.repos.d/powerdns-auth-master.repo https://repo.powerdns.com/repo-files/centos-auth-master.repo
-
- yum install -y pdns pdns-backend-mysql.x86_64
-
- #修改前备份配置文件
- cp /etc/pdns/pdns.conf /etc/pdns/pdns.conf.bak
-
- #赋予权限,否则PowerDNS无法启动。该文件保存数据库密码和 API key,应确认其他用户不可读(例如权限 640)
- chown pdns. /etc/pdns/pdns.conf
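2.2 修改配置文件,添加以下内容
注意:下面的 root 账号以及 123456 口令和 api-key 只是示例值。实际部署时应为 PowerDNS 单独创建一个仅对 pdns 库有权限的数据库账号,并把 gmysql-password 和 api-key 换成足够长的随机字符串;持有 api-key 的人可以通过 API 修改 DNS 记录。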
- vim /etc/pdns/pdns.conf
-
- launch=gmysql
- gmysql-host=127.0.0.1
- gmysql-user=root
- gmysql-dbname=pdns
- gmysql-password=123456
- api=yes
- api-key=123456
- webserver=yes
-
- # ttl
- default-ttl=300
2.3 启动 PowerDNS(日志写入 /var/log/messages)
- systemctl start pdns
- systemctl enable pdns
- systemctl status pdns.service
2.4 开放 DNS 服务端口
- firewall-cmd --zone=public --add-port=53/tcp --permanent
- firewall-cmd --zone=public --add-port=53/udp --permanent
- firewall-cmd --reload
3.1 安装 MariaDB10.4
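CentOS 7 默认仓库中的 MariaDB 最新版本是 5.5,需要手动添加 10.4 版本的仓库。下面的 baseurl 使用明文 http,软件包的完整性依赖 gpgcheck=1 的签名校验,请勿关闭该项;也可以把 baseurl 改为与 gpgkey 相同的 https。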
vim /etc/yum.repos.d/Mariadb.repo
- # MariaDB 10.4 CentOS repository list - created 2020-04-06 18:11 UTC
- # http://downloads.mariadb.org/mariadb/repositories/
- [mariadb]
- name = MariaDB
- baseurl = http://yum.mariadb.org/10.4/centos7-amd64
- gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
- gpgcheck=1
-
-
- yum clean all
- yum makecache all
- yum install -y mariadb-server mariadb
3.2 添加以下内容,配置 MariaDB 的字符集为 UTF-8
- vim /etc/my.cnf
- [mysqld]
- init_connect='SET collation_connection = utf8_unicode_ci'
- init_connect='SET NAMES utf8'
- character-set-server=utf8
- collation-server=utf8_unicode_ci
- skip-character-set-client-handshake
-
-
- vim /etc/my.cnf.d/client.cnf
- [client]
- default-character-set=utf8
-
-
- vim /etc/my.cnf.d/mysql-clients.cnf
- [mysql]
- default-character-set=utf8
3.3 启动 MariaDB
- systemctl start mariadb
- systemctl enable mariadb
- systemctl status mariadb
3.4 初始化 MariaDB
- mysql_secure_installation
- 回车,
- N,
- Y, #设置root密码
- root密码,
- 重复root密码,
- Y, #删除匿名登入
- Y, #禁用root远程登入
- Y, #删除test库
- Y, #刷新权限
3.5 初始化 PowerDNS 数据库
- mysql -u root -p
- #先确认已设置UTF-8编码
- mysql > show variables like "%character%";
- mysql > create database pdns;
- mysql > use pdns;
-
- CREATE TABLE domains (
- id INT AUTO_INCREMENT,
- name VARCHAR(255) NOT NULL,
- master VARCHAR(128) DEFAULT NULL,
- last_check INT DEFAULT NULL,
- type VARCHAR(6) NOT NULL,
- notified_serial INT UNSIGNED DEFAULT NULL,
- account VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
- PRIMARY KEY (id)
- ) Engine=InnoDB CHARACTER SET 'latin1';
-
- CREATE UNIQUE INDEX name_index ON domains(name);
-
- CREATE TABLE records (
- id BIGINT AUTO_INCREMENT,
- domain_id INT DEFAULT NULL,
- name VARCHAR(255) DEFAULT NULL,
- type VARCHAR(10) DEFAULT NULL,
- content VARCHAR(64000) DEFAULT NULL,
- ttl INT DEFAULT NULL,
- prio INT DEFAULT NULL,
- disabled TINYINT(1) DEFAULT 0,
- ordername VARCHAR(255) BINARY DEFAULT NULL,
- auth TINYINT(1) DEFAULT 1,
- PRIMARY KEY (id)
- ) Engine=InnoDB CHARACTER SET 'latin1';
-
- CREATE INDEX nametype_index ON records(name,type);
- CREATE INDEX domain_id ON records(domain_id);
- CREATE INDEX ordername ON records (ordername);
-
- CREATE TABLE supermasters (
- ip VARCHAR(64) NOT NULL,
- nameserver VARCHAR(255) NOT NULL,
- account VARCHAR(40) CHARACTER SET 'utf8' NOT NULL,
- PRIMARY KEY (ip, nameserver)
- ) Engine=InnoDB CHARACTER SET 'latin1';
-
- CREATE TABLE comments (
- id INT AUTO_INCREMENT,
- domain_id INT NOT NULL,
- name VARCHAR(255) NOT NULL,
- type VARCHAR(10) NOT NULL,
- modified_at INT NOT NULL,
- account VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
- comment TEXT CHARACTER SET 'utf8' NOT NULL,
- PRIMARY KEY (id)
- ) Engine=InnoDB CHARACTER SET 'latin1';
-
- CREATE INDEX comments_name_type_idx ON comments (name, type);
- CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);
-
- CREATE TABLE domainmetadata (
- id INT AUTO_INCREMENT,
- domain_id INT NOT NULL,
- kind VARCHAR(32),
- content TEXT,
- PRIMARY KEY (id)
- ) Engine=InnoDB CHARACTER SET 'latin1';
-
- CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);
-
- CREATE TABLE cryptokeys (
- id INT AUTO_INCREMENT,
- domain_id INT NOT NULL,
- flags INT NOT NULL,
- active BOOL,
- published BOOL DEFAULT 1,
- content TEXT,
- PRIMARY KEY(id)
- ) Engine=InnoDB CHARACTER SET 'latin1';
-
- CREATE INDEX domainidindex ON cryptokeys(domain_id);
-
- CREATE TABLE tsigkeys (
- id INT AUTO_INCREMENT,
- name VARCHAR(255),
- algorithm VARCHAR(50),
- secret VARCHAR(255),
- PRIMARY KEY (id)
- ) Engine=InnoDB CHARACTER SET 'latin1';
-
- CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);
建议再执行以下 SQL 语句,为各表添加外键约束:这样从 domains 表中删除某个域时,该域的记录、密钥材料和其他关联信息会被自动删除。
外键约束仅适用于 InnoDB 存储引擎,上文建表时使用的正是该引擎。
以下 SQL 可以完成这项工作:
- mysql> use pdns;
-
- ALTER TABLE records ADD CONSTRAINT `records_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
- ALTER TABLE comments ADD CONSTRAINT `comments_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
- ALTER TABLE domainmetadata ADD CONSTRAINT `domainmetadata_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
- ALTER TABLE cryptokeys ADD CONSTRAINT `cryptokeys_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
4.1 安装 PowerDNS-Admin
官方教程:https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-on-Centos-7
- #安装Python3.6 + pip
- yum install -y https://centos7.iuscommunity.org/ius-release.rpm
- yum install -y python36u python36u-devel python36u-pip
- pip3.6 install -U pip
- pip install -U virtualenv
- rm -f /usr/bin/python3 && ln -s /usr/bin/python3.6 /usr/bin/python3
-
- # 安装构建Python库所需包
- 1)如果使用 Centos 默认的 mariadb 5.5 版本,安装如下:
- yum install -y gcc mariadb-devel openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
-
- 2)如果使用mariadb 10.x 版本,安装如下:
- yum install -y gcc MariaDB-devel MariaDB-shared openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
-
- # 安装 Nodejs 10。下面第一条命令会把下载到的脚本直接交给 bash 执行,建议先保存到本地并检查内容后再运行
- curl -sL https://rpm.nodesource.com/setup_10.x | bash -
- curl -sL https://dl.yarnpkg.com/rpm/yarn.repo -o /etc/yum.repos.d/yarn.repo
- yum install -y yarn
- yum install -y python-virtualenv
- yum install -y gcc-c++ make
-
- #创建Python3 virtualenv环境
- yum install -y git
- git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
- cd /opt/web/powerdns-admin
- virtualenv -p python3 flask
-
- #激活Python3环境并安装Python库(后续操作都是基于Python3 环境下操作)
- source ./flask/bin/activate
- pip install python-dotenv
- pip install -r requirements.txt
4.2 修改关于数据库的连接信息
注意:root 和 123456 只是示例值,实际部署时应使用权限受限的专用数据库账号和强口令。
vim /opt/web/powerdns-admin/powerdnsadmin/default_config.py
-
- ### DATABASE CONFIG
- SQLA_DB_USER = 'root'
- SQLA_DB_PASSWORD = '123456'
- SQLA_DB_HOST = '127.0.0.1'
- SQLA_DB_NAME = 'pdns'
-
-
- #导出
- export FLASK_CONF=../configs/development.py
- #然后运行以下命令创建数据库模式:
- export FLASK_APP=powerdnsadmin/__init__.py
- flask db upgrade
- yarn install --pure-lockfile
- flask assets build
删掉 run.py 中与 debug 有关的参数(Flask 调试模式会开启可执行任意代码的交互式调试器,不能用在对外开放的服务上),修改后的文件内容如下:
vim run.py
- #!/usr/bin/env python3
- from powerdnsadmin import create_app
-
- if __name__ == '__main__':
- app = create_app()
- app.run(host=app.config.get('BIND_ADDRESS', '127.0.0.1'), port=app.config.get('PORT', '9191'))
4.3 开放 WEB 端口
- firewall-cmd --zone=public --add-port=9191/tcp --permanent
- firewall-cmd --reload
- #查看是否生效
- yum install -y net-tools
- netstat -lnpt
4.4 启动 PowerDNS-Admin
- #测试运行 查看输出是否正常
- cd /opt/web/powerdns-admin/
- ./run.py
- #开机自启。注意 rc.local 中的命令以 root 身份执行,PowerDNS-Admin 也会因此以 root 运行;生产环境建议改用专用的低权限用户启动
- chmod +x /etc/rc.d/rc.local
- vim /etc/rc.local
- source /opt/web/powerdns-admin/flask/bin/activate
- export FLASK_CONF=/opt/web/powerdns-admin/configs/development.py
- export FLASK_APP=/opt/web/powerdns-admin/powerdnsadmin/__init__.py
- /opt/web/powerdns-admin/run.py > /opt/web/powerdns-admin/powerdns-admin-log 2>&1 &
4.5 设置 PowerDNS-Admin
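访问 http://IP:9191 注册新用户
- 首个注册用户会默认被授予管理员权限,因此在完成首个用户注册之前,应只允许受信任的来源地址访问 9191 端口
- 该地址是明文 HTTP,登录口令和 API key 在传输中没有加密,建议放到启用 TLS 的反向代理之后再对外提供服务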
填入 2.2 步骤中设置的 API KEY 等信息
当与后端 PowerDNS 通讯正常时,可以在控制面板中看到 PowerDNS Uptime
参考
https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-on-Centos-7
https://www.cnblogs.com/weavepub/p/11152919.html
https://boke.wsfnk.com/archives/787.html