MENU

自建 DNS 解析利器:PowerDNS+PowerDNS-Admin

April 7, 2020 • Read: 434 • Linux阅读设置

1.1 系统环境

Centos7.7.1908
PowerDNS 4.4.0
MariaDB 10.4

PowerDNS官方源 https://repo.powerdns.com/
PowerDNS文档 https://doc.powerdns.com/authoritative/

2.1 安装PowerDNS

#添加PowerDNS官方源
yum install -y epel-release yum-plugin-priorities
curl -o /etc/yum.repos.d/powerdns-auth-master.repo https://repo.powerdns.com/repo-files/centos-auth-master.repo

yum install -y pdns pdns-backend-mysql.x86_64

#修改前备份配置文件
cp /etc/pdns/pdns.conf /etc/pdns/pdns.conf.bak

#赋予权限,否则PowerDNS无法启动
chown pdns. /etc/pdns/pdns.conf

2.2 修改配置文件,添加以下内容

vim /etc/pdns/pdns.conf

launch=gmysql
gmysql-host=127.0.0.1
gmysql-user=root
gmysql-dbname=pdns
gmysql-password=123456
api=yes
api-key=123456
webserver=yes

# ttl
default-ttl=300

2.3 启动PowerDNS(日志在message中)

systemctl start pdns
systemctl enable pdns
systemctl status pdns.service

2.4 开放DNS服务端口

firewall-cmd --zone=public --add-port=53/tcp --permanent
firewall-cmd --zone=public --add-port=53/udp --permanent
firewall-cmd --reload

3.1 安装MariaDB10.4

Centos7仓库最新版5.5,需要手动添加新版10.4到仓库。
vim /etc/yum.repos.d/Mariadb.repo

# MariaDB 10.4 CentOS repository list - created 2020-04-06 18:11 UTC
# http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.4/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
yum clean all
yum makecache all
yum install -y mariadb-server mariadb

3.2 添加以下内容,配置MariaDB的字符集为UTF-8

vim /etc/my.cnf
[mysqld]
init_connect='SET collation_connection = utf8_unicode_ci'
init_connect='SET NAMES utf8'
character-set-server=utf8
collation-server=utf8_unicode_ci
skip-character-set-client-handshake
vim /etc/my.cnf.d/client.cnf
[client]
default-character-set=utf8
vim /etc/my.cnf.d/mysql-clients.cnf
[mysql]
default-character-set=utf8

3.3 启动MariaDB

systemctl start mariadb 
systemctl enable mariadb
systemctl status mariadb

3.4 初始化MariaDB

mysql_secure_installation
回车,
N,
Y,          #设置root密码
root密码,
重复root密码,
Y,          #删除匿名登入
Y,          #禁用root远程登入
Y,          #删除test库
Y,          #刷新权限

3.5 初始化PowerDNS数据库

mysql -u root -p
#先确认已设置UTF-8编码
mysql >  show variables like "%character%";
mysql >  create database pdns;
mysql >  use pdns;

CREATE TABLE domains (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255) NOT NULL,
  master                VARCHAR(128) DEFAULT NULL,
  last_check            INT DEFAULT NULL,
  type                  VARCHAR(6) NOT NULL,
  notified_serial       INT UNSIGNED DEFAULT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE UNIQUE INDEX name_index ON domains(name);

CREATE TABLE records (
  id                    BIGINT AUTO_INCREMENT,
  domain_id             INT DEFAULT NULL,
  name                  VARCHAR(255) DEFAULT NULL,
  type                  VARCHAR(10) DEFAULT NULL,
  content               VARCHAR(64000) DEFAULT NULL,
  ttl                   INT DEFAULT NULL,
  prio                  INT DEFAULT NULL,
  disabled              TINYINT(1) DEFAULT 0,
  ordername             VARCHAR(255) BINARY DEFAULT NULL,
  auth                  TINYINT(1) DEFAULT 1,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE INDEX ordername ON records (ordername);

CREATE TABLE supermasters (
  ip                    VARCHAR(64) NOT NULL,
  nameserver            VARCHAR(255) NOT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' NOT NULL,
  PRIMARY KEY (ip, nameserver)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE TABLE comments (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  name                  VARCHAR(255) NOT NULL,
  type                  VARCHAR(10) NOT NULL,
  modified_at           INT NOT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
  comment               TEXT CHARACTER SET 'utf8' NOT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX comments_name_type_idx ON comments (name, type);
CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);

CREATE TABLE domainmetadata (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  kind                  VARCHAR(32),
  content               TEXT,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);

CREATE TABLE cryptokeys (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  flags                 INT NOT NULL,
  active                BOOL,
  published             BOOL DEFAULT 1,
  content               TEXT,
  PRIMARY KEY(id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX domainidindex ON cryptokeys(domain_id);

CREATE TABLE tsigkeys (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255),
  algorithm             VARCHAR(50),
  secret                VARCHAR(255),
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

建议您还添加以下MySQL语句。这些将在表中添加外键约束,以便在从域表中删除域时自动删除记录,密钥材料和其他信息。
这些仅适用于InnoDB存储引擎,但是,如果您到目前为止已遵循我们的指南,则正是我们正在使用的引擎。
以下SQL可以完成这项工作:

mysql> use pdns;

ALTER TABLE records ADD CONSTRAINT `records_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE comments ADD CONSTRAINT `comments_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE domainmetadata ADD CONSTRAINT `domainmetadata_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE cryptokeys ADD CONSTRAINT `cryptokeys_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;

4.1 安装PowerDNS-Admin
官方教程:https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-on-Centos-7

#安装Python3.6 + pip
yum install -y https://centos7.iuscommunity.org/ius-release.rpm
yum install -y python36u python36u-devel python36u-pip
pip3.6 install -U pip
pip install -U virtualenv
rm -f /usr/bin/python3 && ln -s /usr/bin/python3.6 /usr/bin/python3

# 安装构建Python库所需包
1)如果使用 Centos 默认的 mariadb 5.5 版本,安装如下:
yum install -y gcc mariadb-devel openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel

2)如果使用mariadb 10.x 版本,安装如下:
yum install -y gcc MariaDB-devel MariaDB-shared openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel

# 安装 Nodejs 10
curl -sL https://rpm.nodesource.com/setup_10.x | bash -
curl -sL https://dl.yarnpkg.com/rpm/yarn.repo -o /etc/yum.repos.d/yarn.repo
yum install -y yarn
yum install -y python-virtualenv
yum install -y gcc-c++ make

#创建Python3 virtualenv环境
yum install -y git
git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
cd /opt/web/powerdns-admin
virtualenv -p python3 flask

#激活Python3环境并安装Python库(后续操作都是基于Python3 环境下操作)
source ./flask/bin/activate
pip install python-dotenv
pip install -r requirements.txt

4.2 修改关于数据库的连接信息
vim /opt/web/powerdns-admin/powerdnsadmin/default_config.py


### DATABASE CONFIG
SQLA_DB_USER = 'root'
SQLA_DB_PASSWORD = '123456'
SQLA_DB_HOST = '127.0.0.1'
SQLA_DB_NAME = 'pdns'
#导出
export FLASK_CONF=../configs/development.py
#然后运行以下命令创建数据库模式:
export FLASK_APP=powerdnsadmin/__init__.py
flask db upgrade
yarn install --pure-lockfile
flask assets build

删掉关于debug字段
vim run.py

#!/usr/bin/env python3
from powerdnsadmin import create_app

if __name__ == '__main__':
    app = create_app()
    app.run(host=app.config.get('BIND_ADDRESS', '127.0.0.1'), port=app.config.get('PORT', '9191'))

4.3 开放WEB端口

firewall-cmd --zone=public --add-port=9191/tcp --permanent
firewall-cmd --reload
#查看是否生效
yum install -y net-tools
netstat -lnpt

4.4 启动PowerDNS-Admin

#测试运行 查看输出是否正常
cd /opt/web/powerdns-admin/
./run.py
#开机自启
chmod +x /etc/rc.d/rc.local
vim /etc/rc.local
source /opt/web/powerdns-admin/flask/bin/activate
export FLASK_CONF=/opt/web/powerdns-admin/configs/development.py
export FLASK_APP=/opt/web/powerdns-admin/powerdnsadmin/__init__.py
/opt/web/powerdns-admin/run.py /opt/web/powerdns-admin/powerdns-admin-log 2>&1 &

4.5 设置PowerDNS-Admin

访问http://IP:9191 注册新用户
20200407030833.jpg

  • 首个注册用户会默认加权为管理员

填入2.2步骤中设置的API KEY等信息
20200407033054.jpg

当与后端PowerDNS通讯正常时,可以在控制面板中看到PowerDNS Uptime
20200407034459.jpg

参考
https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-on-Centos-7
https://www.cnblogs.com/weavepub/p/11152919.html
https://boke.wsfnk.com/archives/787.html

Archives QR Code
QR Code for this page
Tipping QR Code