Difference between revisions of "Powerdns Install"
| (8 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
https://doc.powerdns.com/authoritative/guides/basic-database.html | https://doc.powerdns.com/authoritative/guides/basic-database.html | ||
| + | ``` | ||
sudo -i -u postgres psql -c "CREATE ROLE pdns WITH SUPERUSER CREATEDB CREATEROLE LOGIN ENCRYPTED PASSWORD 'pdns'" | sudo -i -u postgres psql -c "CREATE ROLE pdns WITH SUPERUSER CREATEDB CREATEROLE LOGIN ENCRYPTED PASSWORD 'pdns'" | ||
sudo -i -u postgres createdb -O pdns pdns | sudo -i -u postgres createdb -O pdns pdns | ||
| Line 8: | Line 9: | ||
sudo psql -U pdns -W -h 127.0.0.1 pdns < /root/luadns.sql | sudo psql -U pdns -W -h 127.0.0.1 pdns < /root/luadns.sql | ||
cp -p /usr/share/doc/pdns-backend-pgsql/examples/pdns.local.gpgsql.conf /etc/powerdns/pdns.d/ | cp -p /usr/share/doc/pdns-backend-pgsql/examples/pdns.local.gpgsql.conf /etc/powerdns/pdns.d/ | ||
| − | + | ``` | |
/etc/powerdns/pdns.d/pdns.local.gpgsql.conf | /etc/powerdns/pdns.d/pdns.local.gpgsql.conf | ||
``` | ``` | ||
| + | # PostgreSQL Configuration | ||
| + | # | ||
| + | # Launch gpgsql backend | ||
| + | launch+=gpgsql | ||
| + | |||
| + | # gpgsql parameters | ||
| + | gpgsql-host=127.0.0.1 | ||
| + | gpgsql-port=5432 | ||
| + | gpgsql-dbname=pdns | ||
| + | gpgsql-user=pdns | ||
| + | gpgsql-password=pdns | ||
| + | gpgsql-dnssec=yes | ||
``` | ``` | ||
/etc/powerdns/pdns.conf | /etc/powerdns/pdns.conf | ||
``` | ``` | ||
| + | enable-lua-records=yes | ||
| + | ``` | ||
| + | |||
| + | sql | ||
| + | ``` | ||
| + | mysql> INSERT INTO domains (name, type) values ('example.com', 'NATIVE'); | ||
| + | INSERT INTO records (domain_id, name, content, type,ttl,prio) | ||
| + | VALUES (1,'example.com','localhost admin.example.com 1 10380 3600 604800 3600','SOA',86400,NULL); | ||
| + | INSERT INTO records (domain_id, name, content, type,ttl,prio) | ||
| + | VALUES (1,'example.com','dns-us1.powerdns.net','NS',86400,NULL); | ||
| + | INSERT INTO records (domain_id, name, content, type,ttl,prio) | ||
| + | VALUES (1,'example.com','dns-eu1.powerdns.net','NS',86400,NULL); | ||
| + | INSERT INTO records (domain_id, name, content, type,ttl,prio) | ||
| + | VALUES (1,'www.example.com','192.0.2.10','A',120,NULL); | ||
| + | INSERT INTO records (domain_id, name, content, type,ttl,prio) | ||
| + | VALUES (1,'mail.example.com','192.0.2.12','A',120,NULL); | ||
| + | INSERT INTO records (domain_id, name, content, type,ttl,prio) | ||
| + | VALUES (1,'localhost.example.com','127.0.0.1','A',120,NULL); | ||
| + | INSERT INTO records (domain_id, name, content, type,ttl,prio) | ||
| + | VALUES (1,'example.com','mail.example.com','MX',120,25); | ||
| + | ``` | ||
| + | |||
| + | lua sql https://doc.powerdns.com/authoritative/lua-records/index.html | ||
| + | ``` | ||
| + | INSERT INTO domains (id, name, type) VALUES (1, 'example.com', 'NATIVE'); | ||
| + | |||
| + | -- Enable Lua records for the zone (if not enabled globally) | ||
| + | INSERT INTO domainmetadata (domain_id, kind, content) | ||
| + | VALUES (1, 'ENABLE-LUA-RECORDS', 1); | ||
| + | |||
| + | -- Create a pickClosest() Lua A record. | ||
| + | -- Double single quotes are used to escape single quotes in both MySQL and PostgreSQL | ||
| + | INSERT INTO records (domain_id, name, type, content, ttl) | ||
| + | VALUES ( | ||
| + | 1, | ||
| + | 'pickclosest.example.com', | ||
| + | 'LUA', | ||
| + | 'A "pickclosest({''192.0.2.1'',''192.0.2.2'',''198.51.100.1''})"', | ||
| + | 600 | ||
| + | ); | ||
| + | |||
| + | |||
| + | INSERT INTO records (domain_id, name, type, content, ttl) | ||
| + | VALUES ( | ||
| + | 1, | ||
| + | 'ifurlup.example.com', | ||
| + | 'LUA', | ||
| + | 'A "ifurlup(''https://www.uvoo.io/'', {''x.x.x.z'', ''x.x.x.y''})"', | ||
| + | 600 | ||
| + | ); | ||
| + | |||
| + | ``` | ||
| + | |||
| + | Fail site in bash | ||
| + | ``` | ||
| + | ipaddr=x.x.x.y | ||
| + | iptables -I OUTPUT -o eth0 -p tcp --destination-port 443 -d $ipaddr -j DROP | ||
| + | curl -k --header "Host: www.uvoo.io" https://$ipaddr/ | ||
| + | ``` | ||
| + | |||
| + | test | ||
| + | ``` | ||
| + | $ dig +short www.example.com @127.0.0.1 | ||
| + | 192.0.2.10 | ||
| + | |||
| + | $ dig +short example.com MX @127.0.0.1 | ||
| + | 25 mail.example.com | ||
| + | ``` | ||
| + | |||
| + | db test | ||
| + | ``` | ||
| + | psql -U pdns -h 127.0.0.1 -W pdns | ||
| + | ``` | ||
| + | |||
| + | - https://www.scaleway.com/en/docs/installing-powerdns-server-on-ubuntu-bionic/ | ||
| + | |||
| + | Powerdns install on lxd | ||
| + | ``` | ||
| + | #!/usr/bin/env bash | ||
| + | set -e | ||
| + | # lxc rm -f pdns1 && lxc launch ubuntu:focal pdns1 && sleep 10 && lxc file push install-pdns pdns1//root/install-pdns && lxc exec pdns1 -- /root/install-pdns | ||
| + | |||
| + | |||
| + | function disable_resolved(){ | ||
| + | systemctl stop systemd-resolved | ||
| + | touch /etc/dnsmasq.hosts | ||
| + | systemctl disable systemd-resolved | ||
| + | systemctl mask systemd-resolved | ||
| + | # rm /etc/resolv.conf | true | ||
| + | # sed -i 's/nameserver.*/nameserver 8.8.8.8/' /etc/resolv.conf | ||
| + | echo nameserver 8.8.8.8 > /etc/resolv.conf | ||
| + | } | ||
| + | |||
| + | |||
| + | install_pdns(){ | ||
| + | demo_domain=example.com | ||
| + | listen_port=11053 | ||
| + | echo "deb [arch=amd64] http://repo.powerdns.com/ubuntu focal-auth-master main" > /etc/apt/sources.list.d/pdns.list | ||
| + | |||
| + | echo "Package: pdns-* | ||
| + | Pin: origin repo.powerdns.com | ||
| + | Pin-Priority: 600" > /etc/apt/preferences.d/pdns | ||
| + | |||
| + | curl https://repo.powerdns.com/CBC8B383-pub.asc | sudo apt-key add - && | ||
| + | sudo apt-get update && | ||
| + | sudo apt-get install -y pdns-server pdns-backend-sqlite3 sqlite3 | ||
| + | sudo sqlite3 /var/lib/powerdns/pdns.sqlite3 < /usr/share/doc/pdns-backend-sqlite3/schema.sqlite3.sql | ||
| + | sudo cp /usr/share/pdns-backend-sqlite3/pdns.local.gsqlite3.conf /etc/powerdns/pdns.d/ | ||
| + | echo "local-port=$listen_port" > /etc/powerdns/pdns.d/custom.conf | ||
| + | sudo systemctl restart pdns | ||
| + | pdnsutil create-zone $demo_domain ns1.$demo_domain | ||
| + | pdnsutil add-record $demo_domain ns1 A 192.168.1.2 | ||
| + | pdnsutil add-record $demo_domain jtest CNAME uvoo.io | ||
| + | pdnsutil list-zone $demo_domain | ||
| + | pdnsutil show-zone $demo_domain | ||
| + | dig DS $demo_domain +short @127.0.0.1 -p $listen_port | ||
| + | dig -p $listen_port @127.0.0.1 jtest.$demo_domain +short | ||
| + | } | ||
| + | |||
| + | |||
| + | install_pdns | ||
``` | ``` | ||
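Review bot: The added `gpgsql-password=pdns` line writes a guessable password (identical to the role name) into the backend config, and the unchanged `CREATE ROLE` context line grants that role `SUPERUSER CREATEDB CREATEROLE`, so this one credential controls the whole PostgreSQL cluster rather than only the pdns database. `createdb -O pdns pdns` already makes the role the database owner, so I would reduce the statement to `CREATE ROLE pdns WITH LOGIN ENCRYPTED PASSWORD '<generated-password>'` and use the same generated value for `gpgsql-password=`. Since `pdns.local.gpgsql.conf` then holds a live secret, the page should also say to make it readable only by root and the PowerDNS service account, for example `chmod 640`. In the install script added further down, `apt-key add` trusts the PowerDNS key for every configured repository and the source line uses `http://`; a `signed-by=` keyring and an `https://` source would scope that trust to this repository.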
Latest revision as of 20:18, 3 February 2021
https://www.howtoforge.com/how-to-install-powerdns-admin-on-ubuntu-20-04/
https://doc.powerdns.com/authoritative/guides/basic-database.html
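# Create the PowerDNS role and database, load the schema and the Lua-record
# data, then install the gpgsql backend config.
#
# The role is created with LOGIN only: createdb -O makes it the owner of the
# pdns database, which is enough to create and use the schema. SUPERUSER,
# CREATEDB and CREATEROLE would let the password stored in the PowerDNS
# config control the whole PostgreSQL cluster.
#
# 'pdns' is a sample password. Replace it here and in gpgsql-password= in
# pdns.local.gpgsql.conf with the same generated value.
sudo -i -u postgres psql -c "CREATE ROLE pdns WITH LOGIN ENCRYPTED PASSWORD 'pdns'"
sudo -i -u postgres createdb -O pdns pdns

# -W prompts for the role password on each load.
sudo psql -U pdns -W -h 127.0.0.1 pdns < /usr/share/pdns-backend-pgsql/schema/schema.pgsql.sql
sudo psql -U pdns -W -h 127.0.0.1 pdns < /root/luadns.sql

cp -p /usr/share/doc/pdns-backend-pgsql/examples/pdns.local.gpgsql.conf /etc/powerdns/pdns.d/
# The copied file will contain the database password, so keep it readable only
# by root and the pdns group.
# NOTE(review): assumes the package created a "pdns" group - confirm.
chown root:pdns /etc/powerdns/pdns.d/pdns.local.gpgsql.conf
chmod 640 /etc/powerdns/pdns.d/pdns.local.gpgsql.conf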
/etc/powerdns/pdns.d/pdns.local.gpgsql.conf
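# PostgreSQL Configuration
#
# Launch gpgsql backend
launch+=gpgsql

# gpgsql parameters
# The backend connects over loopback only.
gpgsql-host=127.0.0.1
gpgsql-port=5432
gpgsql-dbname=pdns
gpgsql-user=pdns
# Sample value: it must match the password given to the pdns role in
# CREATE ROLE. Outside a throwaway lab use a generated secret, and keep this
# file readable only by root and the PowerDNS service account.
gpgsql-password=pdns
gpgsql-dnssec=yes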
/etc/powerdns/pdns.conf
# Turns on LUA record support for every zone this instance serves; the per-zone
# alternative is the ENABLE-LUA-RECORDS domain metadata row shown in the Lua SQL
# example on this page.
# LUA record content is evaluated by the name server, so anyone who can write
# to the records table can make the server run Lua - restrict database write
# access accordingly.
enable-lua-records=yes
sql
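-- Sample zone for example.com.
-- The "mysql>" client prompt that preceded the first statement is dropped:
-- it is not SQL, and the backend configured on this page is PostgreSQL.
-- Every records row hard-codes domain_id 1, i.e. it assumes the domains row
-- inserted first received id 1 (true only on an empty domains table).
INSERT INTO domains (name, type) values ('example.com', 'NATIVE');
INSERT INTO records (domain_id, name, content, type,ttl,prio)
VALUES (1,'example.com','localhost admin.example.com 1 10380 3600 604800 3600','SOA',86400,NULL);
INSERT INTO records (domain_id, name, content, type,ttl,prio)
VALUES (1,'example.com','dns-us1.powerdns.net','NS',86400,NULL);
INSERT INTO records (domain_id, name, content, type,ttl,prio)
VALUES (1,'example.com','dns-eu1.powerdns.net','NS',86400,NULL);
-- Addresses below come from the documentation ranges (192.0.2.0/24).
INSERT INTO records (domain_id, name, content, type,ttl,prio)
VALUES (1,'www.example.com','192.0.2.10','A',120,NULL);
INSERT INTO records (domain_id, name, content, type,ttl,prio)
VALUES (1,'mail.example.com','192.0.2.12','A',120,NULL);
INSERT INTO records (domain_id, name, content, type,ttl,prio)
VALUES (1,'localhost.example.com','127.0.0.1','A',120,NULL);
-- prio is only set for the MX record.
INSERT INTO records (domain_id, name, content, type,ttl,prio)
VALUES (1,'example.com','mail.example.com','MX',120,25);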
lua sql https://doc.powerdns.com/authoritative/lua-records/index.html
-- Zone definition using LUA records. It inserts example.com with an explicit
-- id of 1, the same name and id the plain-SQL example on this page uses.
-- NOTE(review): presumably this collides with that zone if both are loaded
-- into one database - confirm against the schema's constraints.
INSERT INTO domains (id, name, type) VALUES (1, 'example.com', 'NATIVE');
-- Enable Lua records for the zone (if not enabled globally)
INSERT INTO domainmetadata (domain_id, kind, content)
VALUES (1, 'ENABLE-LUA-RECORDS', 1);
-- Create a pickClosest() Lua A record.
-- Double single quotes are used to escape single quotes in both MySQL and PostgreSQL
INSERT INTO records (domain_id, name, type, content, ttl)
VALUES (
1,
'pickclosest.example.com',
'LUA',
'A "pickclosest({''192.0.2.1'',''192.0.2.2'',''198.51.100.1''})"',
600
);
-- Create an ifurlup() Lua A record: the answer is chosen from the listed
-- addresses according to whether the URL can be fetched, so the name server
-- itself makes outbound HTTPS requests for this record.
-- x.x.x.z and x.x.x.y are placeholders for the site's real addresses.
INSERT INTO records (domain_id, name, type, content, ttl)
VALUES (
1,
'ifurlup.example.com',
'LUA',
'A "ifurlup(''https://www.uvoo.io/'', {''x.x.x.z'', ''x.x.x.y''})"',
600
);
Fail site in bash
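# Simulate an outage of one backend address so the ifurlup() record stops
# returning it. Run as root on the name server.
ipaddr=x.x.x.y   # placeholder: the backend address to fail

# Drop outbound HTTPS from this host to that address.
iptables -I OUTPUT -o eth0 -p tcp --destination-port 443 -d "$ipaddr" -j DROP

# Confirm the block by connecting to the address under the site's real name.
# --resolve keeps SNI and certificate verification working, so -k (which turns
# verification off) is not needed; --connect-timeout stops the check from
# hanging on the dropped packets.
curl --connect-timeout 5 --resolve "www.uvoo.io:443:$ipaddr" https://www.uvoo.io/

# Remove the test rule when finished:
# iptables -D OUTPUT -o eth0 -p tcp --destination-port 443 -d "$ipaddr" -j DROP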
test
$ dig +short www.example.com @127.0.0.1 192.0.2.10 $ dig +short example.com MX @127.0.0.1 25 mail.example.com
db test
# Interactive login check for the pdns role against the pdns database over
# loopback. -W forces a password prompt, so the password is typed rather than
# passed on the command line.
psql -U pdns -h 127.0.0.1 -W pdns
Powerdns install on lxd
#!/usr/bin/env bash
# install-pdns: installs the PowerDNS authoritative server with the SQLite
# backend inside an Ubuntu focal LXD container and creates a demo zone.
#
# Abort on the first failing command. Note that a failure in a non-final
# command of an `a && b && c` list does not trigger this exit.
set -e
# Host-side invocation: recreate the container, push this script into it and
# run it there as root.
# lxc rm -f pdns1 && lxc launch ubuntu:focal pdns1 && sleep 10 && lxc file push install-pdns pdns1//root/install-pdns && lxc exec pdns1 -- /root/install-pdns
#######################################
# Take systemd-resolved out of service and point the resolver at 8.8.8.8.
# Not called by this script's main flow; kept as an optional helper.
# Globals:   none
# Arguments: none
# Outputs:   overwrites /etc/resolv.conf, creates /etc/dnsmasq.hosts
#######################################
disable_resolved() {
  local unit=systemd-resolved
  local action

  systemctl stop "$unit"
  # Make sure the dnsmasq hosts file exists.
  touch /etc/dnsmasq.hosts
  for action in disable mask; do
    systemctl "$action" "$unit"
  done

  # Earlier variants removed resolv.conf or rewrote its nameserver line with
  # sed; the file is now simply overwritten in place.
  # NOTE(review): if /etc/resolv.conf is a symlink into /run this write may
  # not survive a reboot - confirm.
  printf '%s\n' 'nameserver 8.8.8.8' > /etc/resolv.conf
}
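#######################################
# Install the PowerDNS authoritative server with the SQLite backend from the
# PowerDNS apt repository, listen on a non-default port, then create and query
# a demo zone.
# Must run as root: it writes under /etc/apt and /etc/powerdns directly, so
# the sudo prefixes some steps carried were redundant and are dropped.
# Globals:   none
# Arguments: none
# Outputs:   apt, pdnsutil and dig output on stdout
# Returns:   relies on the script's `set -e`; every step is its own statement
#            so a failed key download or apt run stops the install instead of
#            falling through an && list.
#######################################
install_pdns() {
  local -r demo_domain=example.com
  local -r listen_port=11053
  local -r repo_key=/etc/apt/keyrings/pdns-CBC8B383.asc

  # Keep the repository key in its own file and bind it to this one source via
  # signed-by. `apt-key add` would trust the key for every configured
  # repository.
  install -d -m 0755 /etc/apt/keyrings
  # -f turns an HTTP error into a failure instead of saving the error page.
  curl -fsSL -o "$repo_key" https://repo.powerdns.com/CBC8B383-pub.asc
  # NOTE(review): check the downloaded key's fingerprint against the one
  # PowerDNS publishes before relying on it.

  # Fetch packages over HTTPS, matching how the key is fetched.
  # NOTE(review): "focal-auth-master" looks like the development-branch
  # repository - confirm that is intended rather than a release series.
  printf '%s\n' \
    "deb [arch=amd64 signed-by=${repo_key}] https://repo.powerdns.com/ubuntu focal-auth-master main" \
    > /etc/apt/sources.list.d/pdns.list

  # Prefer pdns-* packages from the PowerDNS repository over the distro's.
  printf '%s\n' \
    'Package: pdns-*' \
    'Pin: origin repo.powerdns.com' \
    'Pin-Priority: 600' \
    > /etc/apt/preferences.d/pdns

  apt-get update
  apt-get install -y pdns-server pdns-backend-sqlite3 sqlite3

  # Create the backend database from the packaged schema and enable it.
  sqlite3 /var/lib/powerdns/pdns.sqlite3 \
    < /usr/share/doc/pdns-backend-sqlite3/schema.sqlite3.sql
  cp /usr/share/pdns-backend-sqlite3/pdns.local.gsqlite3.conf /etc/powerdns/pdns.d/
  printf 'local-port=%s\n' "$listen_port" > /etc/powerdns/pdns.d/custom.conf
  systemctl restart pdns

  # Demo zone with one A record and one CNAME.
  pdnsutil create-zone "$demo_domain" "ns1.$demo_domain"
  pdnsutil add-record "$demo_domain" ns1 A 192.168.1.2
  pdnsutil add-record "$demo_domain" jtest CNAME uvoo.io
  pdnsutil list-zone "$demo_domain"
  pdnsutil show-zone "$demo_domain"

  # Smoke-test the running server on the custom port.
  dig DS "$demo_domain" +short @127.0.0.1 -p "$listen_port"
  dig -p "$listen_port" @127.0.0.1 "jtest.$demo_domain" +short
}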
install_pdns