- 创建者: 虚拟的现实,上次更新时间:10月 13, 2023 需要 4 分钟阅读时间
一、基础配置
1.1 环境说明
Centos 7.5.1804 PDNS 4.1.1 MariaDB 5.5.6
1.2 关闭防火墙和 selinux
setenforce 0 sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config systemctl stop firewalld.service && systemctl disable firewalld.service firewall-cmd --state
二、 安装 MariaDB
2.1 安装 MariaDB
1)更改存储目录
mkdir -p /opt/data/mysql/{data,log}
vim /etc/my.cnf
[mysqld]
datadir=/opt/data/mysql/data
socket=/opt/data/mysql/mysql.sock
[mysqld_safe]
log-error=/opt/data/mysql/log/mariadb.log
pid-file=/opt/data/mysql/mariadb.pid
2)默认安装的版本为5.5
#安装 yum install -y epel-release yum-plugin-priorities yum install -y mariadb-server mariadb #设置目录权限 cd /opt/data/ chown -R mysql.mysql mysql/ #启动 systemctl enable mariadb.service systemctl start mariadb.service
2.2 初始化
1)设置软连接
ln -s /opt/data/mysql/mysql.sock /var/lib/mysql/mysql.sock
因为改动了mysqld的sock的默认目录,但mysql_client、mysql_secure_installation这些都没改,所以做一个软连接。
2)设置root密码
mysql_secure_installation 回车, y, #设置root密码 root密码, 重复root密码, y, #删除匿名登入 y, #禁用root远程登入 y, #删除test库 y #刷新权限
2.3 设置字符集
vim /etc/my.cnf [mysqld] init_connect='SET collation_connection = utf8_unicode_ci' init_connect='SET NAMES utf8' character-set-server=utf8 collation-server=utf8_unicode_ci skip-character-set-client-handshake vim /etc/my.cnf.d/client.cnf [client] default-character-set=utf8 vim /etc/my.cnf.d/mysql-clients.cnf [mysql] default-character-set=utf8
2.4 重启 MariaDB
systemctl restart mariadb
再次登录 MariaDB,查看字符集,发现已是 utf8 了。
mysql -uroot -p show variables like "%character%";show variables like "%collation%"; exit
三、安装 PowerDNS
3.1 安装 PowerDNS
yum install -y pdns pdns-backend-mysql
PowerDNS 的配置文件位于 /etc/pdns/pdns.conf
3.2 新建数据库
mysql -uroot -p CREATE DATABASE powerdns; GRANT ALL ON powerdns.* TO 'powerdns'@'localhost' IDENTIFIED BY 'powerdns'; FLUSH PRIVILEGES;
3.3 创建数据库表
use powerdns; CREATE TABLE domains ( id INT AUTO_INCREMENT, name VARCHAR(255) NOT NULL, master VARCHAR(128) DEFAULT NULL, last_check INT DEFAULT NULL, type VARCHAR(6) NOT NULL, notified_serial INT DEFAULT NULL, account VARCHAR(40) DEFAULT NULL, PRIMARY KEY (id) ) Engine=InnoDB; CREATE UNIQUE INDEX name_index ON domains(name); CREATE TABLE records ( id BIGINT AUTO_INCREMENT, domain_id INT DEFAULT NULL, name VARCHAR(255) DEFAULT NULL, type VARCHAR(10) DEFAULT NULL, content VARCHAR(64000) DEFAULT NULL, ttl INT DEFAULT NULL, prio INT DEFAULT NULL, change_date INT DEFAULT NULL, disabled TINYINT(1) DEFAULT 0, ordername VARCHAR(255) BINARY DEFAULT NULL, auth TINYINT(1) DEFAULT 1, PRIMARY KEY (id) ) Engine=InnoDB; CREATE INDEX nametype_index ON records(name,type); CREATE INDEX domain_id ON records(domain_id); CREATE INDEX recordorder ON records (domain_id, ordername); CREATE TABLE supermasters ( ip VARCHAR(64) NOT NULL, nameserver VARCHAR(255) NOT NULL, account VARCHAR(40) NOT NULL, PRIMARY KEY (ip, nameserver) ) Engine=InnoDB; CREATE TABLE comments ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, name VARCHAR(255) NOT NULL, type VARCHAR(10) NOT NULL, modified_at INT NOT NULL, account VARCHAR(40) NOT NULL, comment VARCHAR(64000) NOT NULL, PRIMARY KEY (id) ) Engine=InnoDB; CREATE INDEX comments_domain_id_idx ON comments (domain_id); CREATE INDEX comments_name_type_idx ON comments (name, type); CREATE INDEX comments_order_idx ON comments (domain_id, modified_at); CREATE TABLE domainmetadata ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, kind VARCHAR(32), content TEXT, PRIMARY KEY (id) ) Engine=InnoDB; CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind); CREATE TABLE cryptokeys ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, flags INT NOT NULL, active BOOL, content TEXT, PRIMARY KEY(id) ) Engine=InnoDB; CREATE INDEX domainidindex ON cryptokeys(domain_id); CREATE TABLE tsigkeys ( id INT AUTO_INCREMENT, name VARCHAR(255), algorithm VARCHAR(50), secret VARCHAR(255), PRIMARY KEY (id) ) Engine=InnoDB; CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm); flush privileges; show databases; show tables; exit
3.4 配置PowerDNS
cp /etc/pdns/pdns.conf /etc/pdns/pdns.conf.bak vim /etc/pdns/pdns.conf #ttl default-ttl=300 # backend launch=gmysql gmysql-host=localhost gmysql-port=3306 gmysql-dbname=powerdns gmysql-user=powerdns gmysql-password=powerdns # pdns API webserver=yes webserver-address=0.0.0.0 webserver-allow-from=0.0.0.0/0 webserver-port=8081 api=yes api-key=wmqpdns api-logfile=/var/log/pdns-api.log # id setgid=pdns setuid=pdns
3.5 开机启动
systemctl enable pdns.service systemctl start pdns.service systemctl status pdns.service
查看8081、53两个端口
netstat -tulnp|grep pdns_server
tcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN 18847/pdns_server tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 18847/pdns_server tcp6 0 0 :::53 :::* LISTEN 18847/pdns_server udp 0 0 0.0.0.0:53 0.0.0.0:* 18847/pdns_server udp6 0 0 :::53 :::* 18847/pdns_server
四、安装PowerDNS-Admin
4.1 安装python3.6 + pip
yum install -y epel-release yum install -y https://centos7.iuscommunity.org/ius-release.rpm yum install -y python36u python36u-devel python36u-pip pip3.6 install -U pip pip install -U virtualenv rm -f /usr/bin/python3 && ln -s /usr/bin/python3.6 /usr/bin/python3
4.2 安装构建python库所需包
1)如果使用 Centos 默认的 mariadb 5.5 版本,安装如下:
yum install -y gcc mariadb-devel openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
2)如果使用mariadb 10.x 版本,安装如下:
yum install gcc MariaDB-devel MariaDB-shared openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
4.3 安装 Nodejs 10
curl -sL https://rpm.nodesource.com/setup_10.x | bash - curl -sL https://dl.yarnpkg.com/rpm/yarn.repo -o /etc/yum.repos.d/yarn.repo yum install -y yarn
4.4 创建python3 virtualenv环境
yum install -y git git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin cd /opt/web/powerdns-admin virtualenv -p python3 flask
source ./flask/bin/activate pip install python-dotenv pip install -r requirements.txt
下载的包临时存放在 /root/.cache/pip/wheels 目录下。
4.5 创建数据库
mysql -u root -p CREATE DATABASE powerdnsadmin CHARACTER SET utf8 COLLATE utf8_general_ci; GRANT ALL PRIVILEGES ON powerdnsadmin.* TO 'pdnsadminuser'@'%' IDENTIFIED BY 'p4ssw0rd'; FLUSH PRIVILEGES; exit
4.6 配置 config.py
cp config_template.py config.py vim config.py #地址改成0.0.0.0 BIND_ADDRESS = '0.0.0.0' # 配置数据库连接信息,库/用户/密码是之前手动创建的,不是pdns数据库 SQLA_DB_USER = 'pdnsadminuser' SQLA_DB_PASSWORD = 'p4ssw0rd' SQLA_DB_HOST = 'localhost' SQLA_DB_NAME = 'powerdnsadmin' # 开启MySQL # DATABASE - MySQL SQLALCHEMY_DATABASE_URI = 'mysql://'+SQLA_DB_USER+':'+SQLA_DB_PASSWORD+'@'+SQLA_DB_HOST+':'+str(SQLA_DB_PORT)+'/'+SQLA_DB_NAME # 注释sqlite # DATABASE - SQLite # SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db')
4.7 创建表并创建资产文件
1、创建表
export FLASK_APP=app/__init__.py flask db upgrade
报如下错:
Traceback (most recent call last): File "/opt/web/powerdns-admin/flask/bin/flask", line 10, in <module> sys.exit(main()) File "/opt/web/powerdns-admin/flask/lib/python3.6/site-packages/flask/cli.py", line 894, in main cli.main(args=args, prog_name=name) File "/opt/web/powerdns-admin/flask/lib/python3.6/site-packages/flask/cli.py", line 557, in main return super(FlaskGroup, self).main(*args, **kwargs) File "/opt/web/powerdns-admin/flask/lib/python3.6/site-packages/click/core.py", line 696, in main _verify_python3_env() File "/opt/web/powerdns-admin/flask/lib/python3.6/site-packages/click/_unicodefun.py", line 124, in _verify_python3_env ' mitigation steps.' + extra RuntimeError: Click will abort further execution because Python 3 was configured to use ASCII as encoding for the environment. Consult https://click.palletsprojects.com/en/7.x/python3/ for mitigation steps. This system lists a couple of UTF-8 supporting locales that you can pick from. The following suitable locales were discovered: en_US.utf8
解决:
export LC_ALL=en_US.utf8
2、创建资产文件
yarn install --pure-lockfile flask assets build
4.8 启动
./run.py
访问PowerDNS-Admin Web界面:http://192.168.159.128:9191
1、先注册用户,第一个用户将处于管理员角色。
2、第一次登录时,将被重定向到设置页面以配置PDNS API信息。
#填入在/etc/pdns/pdns.cof配置的API信息:
PDNS API URL:http://127.0.0.1:8081 PDNS API KEY:wmqpdns
4.9 配置systemd服务
使用systemd管理PowerDNS-Admin
vim /usr/lib/systemd/system/powerdns-admin.service [Unit] Description=PowerDNS-Admin After=network.target [Service] User=root Group=root WorkingDirectory=/opt/web/powerdns-admin ExecStart=/opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admin/powerdns-admin.sock app:app [Install] WantedBy=multi-user.target
启动Powerdns-Admin服务并将其设置为在启动时启动:
systemctl daemon-reload systemctl start powerdns-admin systemctl enable powerdns-admin
可以运行systemctl status powerdns-admin命令确认状态是否正在运行,没问题的话会返回相关的成功信息。
systemctl status powerdns-admin
4.10 安装nginx
yum install -y nginx
配置nginx
vim /etc/nginx/conf.d/powerdns-admin.conf
server {
listen *:80;
server_name 192.168.159.128;
index index.html index.htm index.php;
root /opt/web/powerdns-admin;
access_log /var/log/nginx/powerdns-admin.local.access.log combined;
error_log /var/log/nginx/powerdns-admin.local.error.log;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_redirect off;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;
proxy_buffer_size 8k;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_headers_hash_bucket_size 64;
location ~ ^/static/ {
include /etc/nginx/mime.types;
root /opt/web/powerdns-admin/app;
location ~* \.(jpg|jpeg|png|gif)$ {
expires 365d;
}
location ~* ^.+.(css|js)$ {
expires 7d;
}
}
location / {
proxy_pass http://unix:/opt/web/powerdns-admin/powerdns-admin.sock;
proxy_read_timeout 120;
proxy_connect_timeout 120;
proxy_redirect off;
}
}
启动nginx
nginx -t systemctl restart nginx systemctl enable nginx
浏览器访问 192.168.159.128 即可打开powerdns-admin登入页
导入windows的dns
C:\Windows\System32\dns,把后缀名为.dns的文件拷贝到服务器上
创建脚本vim importdns.sh
#!/bin/bash DOMAINARRAY=`cat /root/meiyijia.com.cn` for domainname in $DOMAINARRAY do echo " " echo "$domainname being imported" zone2sql --zone=$domainname --gmysql --zone-name=$domainname | mysql -D powerdns -upowerdns -pwww.myj123.com echo "$domainname done!" echo " " done exit 0
在服务器把.dns的文件后缀名删除,编辑内容第二行.dns的文字删除后保存文件
执行后即可导入dns
- 无标签
添加评论