
A Powerful Tool for Self-Hosted DNS: PowerDNS + PowerDNS-Admin

April 7, 2020 • Read: 6551 • Linux

1.1 System environment

  • CentOS 7.7.1908
  • PowerDNS 4.4.0
  • MariaDB 10.4

PowerDNS official repository: https://repo.powerdns.com/
PowerDNS documentation: https://doc.powerdns.com/authoritative/

2.1 Install PowerDNS

  • # Add the official PowerDNS repository
  • yum install -y epel-release yum-plugin-priorities
  • curl -o /etc/yum.repos.d/powerdns-auth-master.repo https://repo.powerdns.com/repo-files/centos-auth-master.repo
  • yum install -y pdns pdns-backend-mysql.x86_64
  • # Back up the configuration file before modifying it
  • cp /etc/pdns/pdns.conf /etc/pdns/pdns.conf.bak
  • # Set ownership, otherwise PowerDNS cannot start
  • chown pdns:pdns /etc/pdns/pdns.conf

2.2 Edit the configuration file and add the following

  • vim /etc/pdns/pdns.conf
  • launch=gmysql
  • gmysql-host=127.0.0.1
  • gmysql-user=root
  • gmysql-dbname=pdns
  • gmysql-password=123456
  • api=yes
  • api-key=123456
  • webserver=yes
  • # ttl
  • default-ttl=300
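
The configuration above connects to MariaDB as root and uses 123456 for both gmysql-password and api-key. The shell functions below are an added example, not part of the original post or of PowerDNS: they audit a pdns.conf for those settings and generate a random replacement secret. The function names and the length thresholds (32 and 16 characters) are assumptions made for this example; webserver-address and webserver-allow-from are the PowerDNS settings that control who can reach the API.

```shell
#!/bin/sh
# Added example: audit pdns.conf for weak API and database settings.

# conf_get FILE KEY: print the last value assigned to KEY (key=value lines).
conf_get() {
    awk -v k="$2" '
        /^[ \t]*#/ || index($0, "=") == 0 { next }
        { key = substr($0, 1, index($0, "=") - 1); gsub(/[ \t]/, "", key) }
        key == k { v = substr($0, index($0, "=") + 1)
                   gsub(/^[ \t]+|[ \t]+$/, "", v) }
        END { print v }' "$1"
}

# gen_secret: 64 hex characters (256 bits) from the kernel CSPRNG.
gen_secret() {
    head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# audit_pdns_conf FILE: print one finding per line; no output means clean.
# Thresholds (32 / 16 characters) are assumptions for this example.
audit_pdns_conf() {
    f=$1
    key=$(conf_get "$f" api-key)
    pass=$(conf_get "$f" gmysql-password)
    if [ "$(conf_get "$f" api)" = "yes" ] && [ "${#key}" -lt 32 ]; then
        echo "api-key: shorter than 32 characters"
    fi
    if [ "$(conf_get "$f" gmysql-user)" = "root" ]; then
        echo "gmysql-user: backend connects as the database superuser"
    fi
    if [ "${#pass}" -lt 16 ]; then
        echo "gmysql-password: shorter than 16 characters"
    fi
    case "$(conf_get "$f" webserver-address)" in
        0.0.0.0|::) echo "webserver-address: API listens on all interfaces" ;;
    esac
    case ",$(conf_get "$f" webserver-allow-from)," in
        *,0.0.0.0/0,*|*,::/0,*) echo "webserver-allow-from: any source allowed" ;;
    esac
}

# Usage: sh audit.sh /etc/pdns/pdns.conf
if [ "$#" -gt 0 ]; then
    audit_pdns_conf "$1"
fi
```

Run against the configuration from this step, it reports the api-key, gmysql-user and gmysql-password lines; replacing the two secrets with gen_secret output and pointing gmysql-user at a dedicated MariaDB account clears all three findings.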

2.3 Start PowerDNS (logs are written to /var/log/messages)

  • systemctl start pdns
  • systemctl enable pdns
  • systemctl status pdns.service

2.4 Open the DNS service ports

  • firewall-cmd --zone=public --add-port=53/tcp --permanent
  • firewall-cmd --zone=public --add-port=53/udp --permanent
  • firewall-cmd --reload

3.1 Install MariaDB 10.4

The newest version in the CentOS 7 repositories is 5.5, so the 10.4 repository has to be added manually.
vim /etc/yum.repos.d/Mariadb.repo

  • # MariaDB 10.4 CentOS repository list - created 2020-04-06 18:11 UTC
  • # http://downloads.mariadb.org/mariadb/repositories/
  • [mariadb]
  • name = MariaDB
  • baseurl = http://yum.mariadb.org/10.4/centos7-amd64
  • gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
  • gpgcheck=1
  • yum clean all
  • yum makecache all
  • yum install -y mariadb-server mariadb

3.2 Add the following to set MariaDB's character set to UTF-8

  • vim /etc/my.cnf
  • [mysqld]
  • init_connect='SET collation_connection = utf8_unicode_ci'
  • init_connect='SET NAMES utf8'
  • character-set-server=utf8
  • collation-server=utf8_unicode_ci
  • skip-character-set-client-handshake
  • vim /etc/my.cnf.d/client.cnf
  • [client]
  • default-character-set=utf8
  • vim /etc/my.cnf.d/mysql-clients.cnf
  • [mysql]
  • default-character-set=utf8

3.3 Start MariaDB

  • systemctl start mariadb
  • systemctl enable mariadb
  • systemctl status mariadb

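3.4 Initialize MariaDB

  • mysql_secure_installation
  • Enter,
  • N,
  • Y, # set the root password
  • root password,
  • repeat the root password,
  • Y, # remove anonymous users
  • Y, # disallow remote root login
  • Y, # remove the test database
  • Y, # reload privileges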

3.5 Initialize the PowerDNS database

  • mysql -u root -p
  • # First confirm that UTF-8 encoding is set
  • mysql > show variables like "%character%";
  • mysql > create database pdns;
  • mysql > use pdns;
  • CREATE TABLE domains (
  • id INT AUTO_INCREMENT,
  • name VARCHAR(255) NOT NULL,
  • master VARCHAR(128) DEFAULT NULL,
  • last_check INT DEFAULT NULL,
  • type VARCHAR(6) NOT NULL,
  • notified_serial INT UNSIGNED DEFAULT NULL,
  • account VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
  • PRIMARY KEY (id)
  • ) Engine=InnoDB CHARACTER SET 'latin1';
  • CREATE UNIQUE INDEX name_index ON domains(name);
  • CREATE TABLE records (
  • id BIGINT AUTO_INCREMENT,
  • domain_id INT DEFAULT NULL,
  • name VARCHAR(255) DEFAULT NULL,
  • type VARCHAR(10) DEFAULT NULL,
  • content VARCHAR(64000) DEFAULT NULL,
  • ttl INT DEFAULT NULL,
  • prio INT DEFAULT NULL,
  • disabled TINYINT(1) DEFAULT 0,
  • ordername VARCHAR(255) BINARY DEFAULT NULL,
  • auth TINYINT(1) DEFAULT 1,
  • PRIMARY KEY (id)
  • ) Engine=InnoDB CHARACTER SET 'latin1';
  • CREATE INDEX nametype_index ON records(name,type);
  • CREATE INDEX domain_id ON records(domain_id);
  • CREATE INDEX ordername ON records (ordername);
  • CREATE TABLE supermasters (
  • ip VARCHAR(64) NOT NULL,
  • nameserver VARCHAR(255) NOT NULL,
  • account VARCHAR(40) CHARACTER SET 'utf8' NOT NULL,
  • PRIMARY KEY (ip, nameserver)
  • ) Engine=InnoDB CHARACTER SET 'latin1';
  • CREATE TABLE comments (
  • id INT AUTO_INCREMENT,
  • domain_id INT NOT NULL,
  • name VARCHAR(255) NOT NULL,
  • type VARCHAR(10) NOT NULL,
  • modified_at INT NOT NULL,
  • account VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
  • comment TEXT CHARACTER SET 'utf8' NOT NULL,
  • PRIMARY KEY (id)
  • ) Engine=InnoDB CHARACTER SET 'latin1';
  • CREATE INDEX comments_name_type_idx ON comments (name, type);
  • CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);
  • CREATE TABLE domainmetadata (
  • id INT AUTO_INCREMENT,
  • domain_id INT NOT NULL,
  • kind VARCHAR(32),
  • content TEXT,
  • PRIMARY KEY (id)
  • ) Engine=InnoDB CHARACTER SET 'latin1';
  • CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);
  • CREATE TABLE cryptokeys (
  • id INT AUTO_INCREMENT,
  • domain_id INT NOT NULL,
  • flags INT NOT NULL,
  • active BOOL,
  • published BOOL DEFAULT 1,
  • content TEXT,
  • PRIMARY KEY(id)
  • ) Engine=InnoDB CHARACTER SET 'latin1';
  • CREATE INDEX domainidindex ON cryptokeys(domain_id);
  • CREATE TABLE tsigkeys (
  • id INT AUTO_INCREMENT,
  • name VARCHAR(255),
  • algorithm VARCHAR(50),
  • secret VARCHAR(255),
  • PRIMARY KEY (id)
  • ) Engine=InnoDB CHARACTER SET 'latin1';
  • CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

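It is recommended that you also add the following MySQL statements. They add foreign key constraints to the tables so that records, key material and other information are deleted automatically when a domain is deleted from the domains table.
These only work with the InnoDB storage engine, but if you have followed our guide so far, that is exactly the engine we are using.
The following SQL does the job: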

  • mysql> use pdns;
  • ALTER TABLE records ADD CONSTRAINT `records_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
  • ALTER TABLE comments ADD CONSTRAINT `comments_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
  • ALTER TABLE domainmetadata ADD CONSTRAINT `domainmetadata_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
  • ALTER TABLE cryptokeys ADD CONSTRAINT `cryptokeys_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;

4.1 Install PowerDNS-Admin
Official guide: https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-on-Centos-7

  • # Install Python 3.6 + pip
  • yum install -y https://centos7.iuscommunity.org/ius-release.rpm
  • yum install -y python36u python36u-devel python36u-pip
  • pip3.6 install -U pip
  • pip install -U virtualenv
  • rm -f /usr/bin/python3 && ln -s /usr/bin/python3.6 /usr/bin/python3
  • # Install the packages needed to build the Python libraries
  • 1) If you use the CentOS default MariaDB 5.5, install the following:
  • yum install -y gcc mariadb-devel openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
  • 2) If you use MariaDB 10.x, install the following:
  • yum install -y gcc MariaDB-devel MariaDB-shared openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
  • # Install Node.js 10
  • curl -sL https://rpm.nodesource.com/setup_10.x | bash -
  • curl -sL https://dl.yarnpkg.com/rpm/yarn.repo -o /etc/yum.repos.d/yarn.repo
  • yum install -y yarn
  • yum install -y python-virtualenv
  • yum install -y gcc-c++ make
  • # Create the Python 3 virtualenv
  • yum install -y git
  • git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
  • cd /opt/web/powerdns-admin
  • virtualenv -p python3 flask
  • # Activate the Python 3 environment and install the Python libraries (all later steps run inside this environment)
  • source ./flask/bin/activate
  • pip install python-dotenv
  • pip install -r requirements.txt

4.2 Edit the database connection settings
vim /opt/web/powerdns-admin/powerdnsadmin/default_config.py

  • ### DATABASE CONFIG
  • SQLA_DB_USER = 'root'
  • SQLA_DB_PASSWORD = '123456'
  • SQLA_DB_HOST = '127.0.0.1'
  • SQLA_DB_NAME = 'pdns'
  • # Export
  • export FLASK_CONF=../configs/development.py
  • # Then run the following commands to create the database schema:
  • export FLASK_APP=powerdnsadmin/__init__.py
  • flask db upgrade
  • yarn install --pure-lockfile
  • flask assets build

Remove the debug setting
vim run.py

  • #!/usr/bin/env python3
  • from powerdnsadmin import create_app
  • if __name__ == '__main__':
  •     app = create_app()
  •     app.run(host=app.config.get('BIND_ADDRESS', '127.0.0.1'), port=app.config.get('PORT', '9191'))

4.3 Open the web port

  • firewall-cmd --zone=public --add-port=9191/tcp --permanent
  • firewall-cmd --reload
  • # Check that it took effect
  • yum install -y net-tools
  • netstat -lnpt

4.4 Start PowerDNS-Admin

  • # Test run; check that the output looks normal
  • cd /opt/web/powerdns-admin/
  • ./run.py
  • # Start at boot
  • chmod +x /etc/rc.d/rc.local
  • vim /etc/rc.local
  • source /opt/web/powerdns-admin/flask/bin/activate
  • export FLASK_CONF=/opt/web/powerdns-admin/configs/development.py
  • export FLASK_APP=/opt/web/powerdns-admin/powerdnsadmin/__init__.py
  • /opt/web/powerdns-admin/run.py > /opt/web/powerdns-admin/powerdns-admin-log 2>&1 &

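4.5 Configure PowerDNS-Admin

Visit http://IP:9191 and register a new user.

  • The first registered user is granted administrator privileges by default

Fill in the API key and the other details set in step 2.2.

When communication with the backend PowerDNS is working, PowerDNS Uptime appears in the dashboard.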

References
https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-on-Centos-7
https://www.cnblogs.com/weavepub/p/11152919.html
https://boke.wsfnk.com/archives/787.html
