资源准备:
一个在万网注册的域名:fnkdns.com(作为权威DNS为其他域名提供解析服务)
一个公网服务器:centos系统,要求有公网IP(注意请提前解决无障碍海外访问问题)
一个客户域名:ltcdn.net
DNS服务器软件:powerdns
一套web管理powerdns的程序:powerdns-admin
需求:将ltcdn.net交给ns1.fnkdns.com解析
第一步:在centos7上安装pdns权威服务器软件
#这是各个系统的官方源
https://repo.powerdns.com/
#这是powerdns的官方手册
https://doc.powerdns.com/authoritative/
#centos7安装powerdns官方源(注意:下面用的 auth-master 是开发主干的构建源;生产环境请在 https://repo.powerdns.com/ 上选择带版本号的稳定版源)
yum install epel-release yum-plugin-priorities
curl -o /etc/yum.repos.d/powerdns-auth-master.repo https://repo.powerdns.com/repo-files/centos-auth-master.repo
yum install pdns -y
yum install pdns-backend-mysql.x86_64 -y
#修改powerdns配置文件,备份原生配置文件
cp /etc/pdns/pdns.conf /etc/pdns/pdns.conf.bak
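# Give the config file to the pdns account so the daemon can read it
# (the tutorial notes that pdns fails to start otherwise).
chown pdns: /etc/pdns/pdns.conf
# The file holds gmysql-password and api-key: keep it unreadable to other
# local users.
chmod 640 /etc/pdns/pdns.conf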
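#将下面的内容写到配置文件中(注意要开启api,并设置api-key,后面需要用到;api的地址就是 http://ip:8081,未设置 webserver-address 时默认只监听 127.0.0.1)
#示例中的 gmysql-password=123456 和 api-key=changeme 只是占位值,部署时请换成自己生成的强随机值;8081 端口只应允许 powerdns-admin 所在主机访问(可用 webserver-address / webserver-allow-from 或防火墙限制)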
cat /etc/pdns/pdns.conf
launch=gmysql
gmysql-host=127.0.0.1
gmysql-user=root
gmysql-dbname=pdns
gmysql-password=123456
api=yes
api-key=changeme
webserver=yes
#启动pdns(他的日志在message中)
systemctl start pdns
systemctl enable pdns
第二:创建powerdns的数据库pdns,并进行初始化
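(这里直接用的mysql的root,没有新给数据库创建用户,请担待;正式环境建议为 pdns 单独创建一个只对 pdns 库有权限的账号,例如:GRANT ALL ON pdns.* TO 'pdns'@'127.0.0.1' IDENTIFIED BY '<自行设置的强密码>'; 并在 pdns.conf 和 powerdns-admin 的配置里改用该账号)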
yum install mariadb-server mariadb -y
#配置mariadb的字符集为utf-8(将这一行加入到my.cnf的mysqld中)
character-set-server=utf8
#启动数据库
systemctl start mariadb
systemctl enable mariadb
#初始化数据库
mysql_secure_installation
#创建数据库pdns
mysql -u root -p
mysql > create database pdns;
#初始化pdns数据库(使用足够的数据库权限,将如下的语句写入pdns数据库中;当你的mariadb是5.5版本时,请键入如下内容)
mysql > use pdns;
CREATE TABLE domains (
id INT AUTO_INCREMENT,
name VARCHAR(255) NOT NULL,
master VARCHAR(128) DEFAULT NULL,
last_check INT DEFAULT NULL,
type VARCHAR(6) NOT NULL,
notified_serial INT UNSIGNED DEFAULT NULL,
account VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE UNIQUE INDEX name_index ON domains(name);
CREATE TABLE records (
id BIGINT AUTO_INCREMENT,
domain_id INT DEFAULT NULL,
name VARCHAR(255) DEFAULT NULL,
type VARCHAR(10) DEFAULT NULL,
content VARCHAR(64000) DEFAULT NULL,
ttl INT DEFAULT NULL,
prio INT DEFAULT NULL,
disabled TINYINT(1) DEFAULT 0,
ordername VARCHAR(255) BINARY DEFAULT NULL,
auth TINYINT(1) DEFAULT 1,
PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE INDEX ordername ON records (ordername);
CREATE TABLE supermasters (
ip VARCHAR(64) NOT NULL,
nameserver VARCHAR(255) NOT NULL,
account VARCHAR(40) CHARACTER SET 'utf8' NOT NULL,
PRIMARY KEY (ip, nameserver)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE TABLE comments (
id INT AUTO_INCREMENT,
domain_id INT NOT NULL,
name VARCHAR(255) NOT NULL,
type VARCHAR(10) NOT NULL,
modified_at INT NOT NULL,
account VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
comment TEXT CHARACTER SET 'utf8' NOT NULL,
PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE INDEX comments_name_type_idx ON comments (name, type);
CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);
CREATE TABLE domainmetadata (
id INT AUTO_INCREMENT,
domain_id INT NOT NULL,
kind VARCHAR(32),
content TEXT,
PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);
CREATE TABLE cryptokeys (
id INT AUTO_INCREMENT,
domain_id INT NOT NULL,
flags INT NOT NULL,
active BOOL,
published BOOL DEFAULT 1,
content TEXT,
PRIMARY KEY(id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE INDEX domainidindex ON cryptokeys(domain_id);
CREATE TABLE tsigkeys (
id INT AUTO_INCREMENT,
name VARCHAR(255),
algorithm VARCHAR(50),
secret VARCHAR(255),
PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);
#我们建议您还添加以下MySQL语句。这些将在表中添加外键约束,以便在从域表中删除域时自动删除记录,密钥材料和其他信息。
#这些仅适用于InnoDB存储引擎,但是,如果您到目前为止已遵循我们的指南,则正是我们正在使用的引擎。
#以下SQL可以完成这项工作:
mysql> use pdns;
ALTER TABLE records ADD CONSTRAINT `records_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE comments ADD CONSTRAINT `comments_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE domainmetadata ADD CONSTRAINT `domainmetadata_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE cryptokeys ADD CONSTRAINT `cryptokeys_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
第三:安装powerdns-admin
(注意哦,大陆网络可能有问题的,基本是不能正常安装,请解决访问国外网站后进行安装)
#官方教程:
https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-on-Centos-7
#安装python3.6 + pip
yum install -y https://centos7.iuscommunity.org/ius-release.rpm
yum install -y python36u python36u-devel python36u-pip
pip3.6 install -U pip
pip install -U virtualenv
rm -f /usr/bin/python3 && ln -s /usr/bin/python3.6 /usr/bin/python3
# 安装构建python库所需包
1)如果使用 Centos 默认的 mariadb 5.5 版本,安装如下:
yum install gcc mariadb-devel openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
2)如果使用mariadb 10.x 版本,安装如下:
yum install gcc MariaDB-devel MariaDB-shared openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel
# 安装 Nodejs 10(注意:下面第一条命令会把远程脚本直接交给 bash 以当前用户(通常是 root)身份执行;更稳妥的做法是先用 curl -o 下载到本地,检查内容后再运行)
curl -sL https://rpm.nodesource.com/setup_10.x | bash -
curl -sL https://dl.yarnpkg.com/rpm/yarn.repo -o /etc/yum.repos.d/yarn.repo
yum install -y yarn
yum install -y python-virtualenv
yum install gcc-c++ make
#创建python3 virtualenv环境
yum install -y git
git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
cd /opt/web/powerdns-admin
virtualenv -p python3 flask
#激活 python3 环境并安装python库(后续操作都是基于python3 环境下操作)
source ./flask/bin/activate
pip install python-dotenv
pip install -r requirements.txt #(注意这里面安装mysqlclient会失败) 解决办法:https://blog.csdn.net/u012751272/article/details/88338122
#修改里面关于mysql的连接信息(数据库名,用户,密码等)
#注意:默认配置文件位于./powerdnsadmin/default_config.py。如果要加载另一个,请设置FLASK_CONF环境变量。例如
cd /opt/web/powerdns-admin
vi ./powerdnsadmin/default_config.py
# PowerDNS-Admin settings as edited in this tutorial
# (./powerdnsadmin/default_config.py).
import os
# Absolute path of the directory that contains this config file.
basedir = os.path.abspath(os.path.abspath(os.path.dirname(__file__)))
### BASIC APP CONFIG
# SALT and SECRET_KEY below are the sample values printed in this tutorial,
# so they are public. Generate your own before the first start, e.g.
#   python3 -c "import secrets; print(secrets.token_hex(32))"   # SECRET_KEY
# NOTE(review): SALT has the shape of a bcrypt salt (bcrypt.gensalt());
# presumably it feeds password hashing -- confirm, and set it before any
# account is created.
SALT = '$2b$12$yLUMTIfl21FKJQpTkRQXCu'
SECRET_KEY = 'e951e5a1f4b94151b360f47edf596dd2'
# 0.0.0.0 listens on every interface; run.py passes this value to
# app.run(host=...). On a server with a public IP, restrict PORT with a
# firewall or bind to 127.0.0.1 behind a TLS reverse proxy.
BIND_ADDRESS = '0.0.0.0'
PORT = 9191
# HSTS is off; the tutorial reaches the UI over plain HTTP (http://ip:9191).
HSTS_ENABLED = False
### DATABASE CONFIG
# Same root / 123456 credentials as in pdns.conf: placeholders only. Use a
# dedicated account limited to the pdns database and a strong password.
SQLA_DB_USER = 'root'
SQLA_DB_PASSWORD = '123456'
SQLA_DB_HOST = '127.0.0.1'
SQLA_DB_NAME = 'pdns'
SQLALCHEMY_TRACK_MODIFICATIONS = True
### DATABASE - MySQL
# The URI is built by plain concatenation, so a password containing '@', ':'
# or '/' must be URL-encoded first.
SQLALCHEMY_DATABASE_URI = 'mysql://'+SQLA_DB_USER+':'+SQLA_DB_PASSWORD+'@'+SQLA_DB_HOST+'/'+SQLA_DB_NAME
### DATABASE - SQLite
# SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db')
# SAML Authentication
SAML_ENABLED = False
#导出(FLASK_CONF 指向的是另一个配置文件 configs/development.py,设置后其中的数据库连接和密钥也需要同样检查并修改)
export FLASK_CONF=../configs/development.py
#然后运行以下命令创建数据库模式:
export FLASK_APP=powerdnsadmin/__init__.py
flask db upgrade
yarn install --pure-lockfile
flask assets build #要是这一步失败,有可能是没有修改这个文件./powerdnsadmin/default_config.py
#修改run.py,去掉关于debug的字段,就是把内容换成下面的,运行即可启动powerdns-admin,访问地址http://ip:9191(注意这是明文 HTTP,并且 BIND_ADDRESS 为 0.0.0.0 时对所有网卡开放;公网服务器上建议用防火墙限制 9191 端口的来源,或放到带 TLS 的反向代理后面)
cat ./run.py
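#!/usr/bin/env python3
"""Start PowerDNS-Admin with Flask's built-in server, without debug options."""
from powerdnsadmin import create_app

if __name__ == '__main__':
    app = create_app()
    # Host and port come from the loaded config (BIND_ADDRESS / PORT); the
    # fallbacks apply only when a key is missing. The port fallback is an int
    # so it has the same type as PORT = 9191 in the config file.
    # No debug argument is passed here.
    # NOTE(review): app.run() is Flask's development server; on a public host
    # put a WSGI server and a TLS-terminating reverse proxy in front of it.
    app.run(
        host=app.config.get('BIND_ADDRESS', '127.0.0.1'),
        port=app.config.get('PORT', 9191),
    )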
第四:修改配置文件,实现开机启动
#运行启动powerdns-admin
./run.py
#完善开机脚本
cat /etc/rc.local
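# Lines for /etc/rc.local so PowerDNS-Admin starts at boot.
# On CentOS 7 rc.local only runs when it is executable:
#   chmod +x /etc/rc.d/rc.local
# NOTE(review): rc.local runs as root, so the web UI would run as root too;
# a dedicated unprivileged account (or a systemd unit with User=) is safer.

# Absolute path, so activation does not depend on the working directory at boot.
source /opt/web/powerdns-admin/flask/bin/activate
export FLASK_CONF=/opt/web/powerdns-admin/configs/development.py
export FLASK_APP=/opt/web/powerdns-admin/powerdnsadmin/__init__.py
# Append stdout and stderr to the log file and run in the background.
/opt/web/powerdns-admin/run.py >> /opt/web/powerdns-admin/powerdns-admin-log 2>&1 &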
第五:在powerdns-admin 配置解析
A:为fnkdns.com设置自定义dns host ,并为fnkdns.com设置 授权解析
B:为ltcdn.net设置授权解析(这个没有截图,因为很简单,只需要在域名服务商那里把dns修改为ns1.fnkdns.com,ns2.fnkdns.com)
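C:注册 powerdns-admin 并登录,然后设置与pdns的通信参数:api 地址、api key、version(这里的 key 就是 pdns.conf 里设置的 api-key)。注意:PowerDNS-Admin 中第一个注册的账号即为管理员,服务可被访问后应尽快完成注册;不需要开放注册时,在后台设置里关闭注册功能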
D:为fnkdns.com在powerdns上配置自解析,需要对ns记录指定A记录
E:为ltcdn.net设置www解析
F:多点解析验证