PowerDNS Admin - ぶやかー

# System packages this walkthrough relies on: nginx, Python headers and venv,
# git, curl, and the development libraries presumably needed by the later
# "pip install -r requirements.txt" step.
sudo apt install \
  nginx python3-dev python3-venv git \
  libmysqlclient-dev libsasl2-dev libldap2-dev libssl-dev \
  libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev \
  pkg-config apt-transport-https build-essential curl

nodejs

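# NodeSource repository setup. The script is saved to disk first so it can be
# read before it runs as root, and -f makes curl fail on an HTTP error instead
# of handing an error page to a root shell.
# NOTE(review): setup_14.x selects Node.js 14, which is past end-of-life;
# check which Node.js line the PowerDNS-Admin revision you deploy supports.
curl -fsSL https://deb.nodesource.com/setup_14.x -o nodesource_setup.sh
sudo bash nodesource_setup.sh
sudo apt install -y nodejs

# Yarn repository: the key goes into its own keyring and is bound to this one
# source through signed-by, rather than being trusted for every repository.
curl -fsSL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null
echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update && sudo apt-get install -y yarn

# Application checkout and an isolated Python environment for its dependencies.
# NOTE(review): this clones whatever the default branch holds at install time;
# checking out a release tag afterwards pins what actually gets deployed.
git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git powerdns-admin
cd powerdns-admin
python3 -m venv venv
source ./venv/bin/activate
python -m pip install -U pip wheel setuptools
python -m pip install -r requirements.txt

# Derive configs/production.py from the development template: uncomment the
# urllib.parse import and set the database user, password and name to 'pdns'.
# NOTE(review): the password written here is the same as the user name. Use a
# strong, unique database password, and keep production.py readable only by
# the account that runs the service, since it also holds SECRET_KEY.
perl -pe "s/#import urllib.parse/import urllib.parse/;s/SQLA_DB_USER = 'pda'/SQLA_DB_USER = 'pdns'/;s/SQLA_DB_PASSWORD = 'changeme'/SQLA_DB_PASSWORD = 'pdns'/;s/SQLA_DB_NAME = 'pda'/SQLA_DB_NAME = 'pdns'/;" configs/development.py > configs/production.py
# Show what the substitution changed.
diff configs/development.py configs/production.py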

SECRET_KEYをURLエンコードに変えないといけないらしい。エラーが出る。なぜ?

# Example value from the author's own install. Generate a fresh random key for
# every deployment and keep it private: this is presumably the key Flask uses
# to sign session data, so a published value must not be reused.
SECRET_KEY = '\x19\xc7\xd8\xa7$\xb6P*\xc6\xb8\xa1E\x90P\x12\x95'
# Point Flask at the production settings and at the application package.
export FLASK_CONF=../configs/production.py FLASK_APP=powerdnsadmin/__init__.py
# Apply the database migrations.
flask db upgrade
# Install the front-end dependencies without generating a new yarn.lock.
yarn install --pure-lockfile
flask assets build
# Foreground launch for a first smoke test; the gunicorn systemd unit defined
# later on this page is what serves the application afterwards.
./run.py

createで最初に作成したアカウントが管理者アカウントになる。そのため、外部からアクセスできる状態にする前に最初のアカウントを作成しておくこと。

# Move the checkout under /opt/web (that directory has to exist already).
sudo mv powerdns-admin /opt/web/.
# Install the systemd unit that runs the application under gunicorn, bound to
# the UNIX socket /run/powerdns-admin/socket. The quoted 'EOF' keeps $$ and
# $MAINPID literal so that systemd, not this shell, expands them.
# NOTE(review): User=root / Group=root runs the web application with full
# privileges, so a flaw in the app or in one of its dependencies would give an
# attacker root on the host. The tmpfiles.d entry on this page names pdns:pdns
# and the final chown hands the tree to www-data, so three identities are in
# play; prefer one dedicated unprivileged account for the service and verify
# that it can write /run/powerdns-admin.
cat << 'EOF' | sudo tee /etc/systemd/system/powerdns-admin.service
[Unit]
Description=PowerDNS-Admin
Requires=powerdns-admin.socket
After=network.target

[Service]
User=root
Group=root
PIDFile=/run/powerdns-admin/pid
WorkingDirectory=/opt/web/powerdns-admin
ExecStartPre=/bin/bash -c '$$(mkdir -p /run/powerdns-admin/)'
ExecStart=/opt/web/powerdns-admin/venv/bin/gunicorn --pid /run/powerdns-admin/pid --bind unix:/run/powerdns-admin/socket 'powerdnsadmin:create_app()'
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target
EOF
# Open an editor on a drop-in override (override.conf) for the unit.
sudo systemctl edit --force powerdns-admin.service

Edit画面で以下2行を追加

# Drop-in content: passes FLASK_CONF to the gunicorn process started by the
# unit, so the application loads configs/production.py.
[Service]
Environment="FLASK_CONF=../configs/production.py"

こんな感じ

### Editing /etc/systemd/system/powerdns-admin.service.d/override.conf
### Anything between here and the comment below will become the new contents of the file
[Service]
Environment="FLASK_CONF=../configs/production.py"

socket

# Socket unit: systemd listens on the UNIX socket that the service unit binds
# and that nginx proxies to.
# NOTE(review): no SocketUser=, SocketGroup= or SocketMode= is set, so systemd's
# defaults decide which local accounts may connect; consider restricting the
# socket to the account nginx runs as.
sudo tee /etc/systemd/system/powerdns-admin.socket << 'EOF'
[Unit]
Description=PowerDNS-Admin socket

[Socket]
ListenStream=/run/powerdns-admin/socket

[Install]
WantedBy=sockets.target

EOF
# tmpfiles.d rule: /run/powerdns-admin as a directory, mode 0755, owned by
# pdns:pdns. systemd-tmpfiles applies such rules at boot.
# NOTE(review): the rule names pdns:pdns while the service unit on this page
# runs as root; confirm the pdns account exists and that the owner matches
# whichever account ends up running gunicorn.
sudo tee /etc/tmpfiles.d/powerdns-admin.conf << 'EOF'
d /run/powerdns-admin 0755 pdns pdns -
EOF
# Pick up the new unit files, then start the service together with its socket.
sudo systemctl daemon-reload
sudo systemctl start powerdns-admin.service powerdns-admin.socket
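# nginx site: serves /static/ from the checkout and reverse-proxies everything
# else to the gunicorn UNIX socket.
# NOTE(review): the site listens on plain HTTP (port 80) only, so the admin
# login, session cookies and API keys cross the network unencrypted. Add a TLS
# listener (listen 443 ssl with ssl_certificate / ssl_certificate_key) or keep
# the site reachable only over a trusted path.
# NOTE(review): the server-level root is the whole checkout, which contains
# configs/production.py. As written every request is handled by the /static/
# or the proxy location, but a narrower root avoids exposing that file if the
# locations are changed later.
cat << 'EOF' | sudo tee /etc/nginx/sites-available/powerdns
server {
  listen *:80;
  server_name               localhost;

  index                     index.html index.htm index.php;
  root                      /opt/web/powerdns-admin;
  access_log                /var/log/nginx/powerdns-admin.local.access.log combined;
  error_log                 /var/log/nginx/powerdns-admin.local.error.log;

  client_max_body_size              10m;
  client_body_buffer_size           128k;
  proxy_redirect                    off;
  proxy_connect_timeout             90;
  proxy_send_timeout                90;
  proxy_read_timeout                90;
  proxy_buffers                     32 4k;
  proxy_buffer_size                 8k;
  proxy_set_header                  Host $host;
  proxy_set_header                  X-Real-IP $remote_addr;
  proxy_set_header                  X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_headers_hash_bucket_size    64;

  location ~ ^/static/  {
    include  /etc/nginx/mime.types;
    root /opt/web/powerdns-admin/powerdnsadmin;

    location ~*  \.(jpg|jpeg|png|gif)$ {
      expires 365d;
    }

    # The dot before the extension is escaped so only real .css/.js names match.
    location ~* ^.+\.(css|js)$ {
      expires 7d;
    }
  }

  location / {
    proxy_pass            http://unix:/run/powerdns-admin/socket;
    proxy_read_timeout    120;
    proxy_connect_timeout 120;
    proxy_redirect        off;
  }

}
EOF
# Swap the distribution's default site for this one; -f keeps both steps
# re-runnable when the default is already gone or the link already exists.
sudo rm -f /etc/nginx/sites-enabled/default
sudo ln -sf /etc/nginx/sites-available/powerdns /etc/nginx/sites-enabled/powerdns
# "www-data:" is the supported spelling of the deprecated "www-data." form
# (owner plus that user's login group).
# NOTE(review): handing the entire tree to www-data lets the nginx account
# modify the code and configuration that the gunicorn service executes; read
# access to powerdnsadmin/static alone would be the tighter grant.
sudo chown -R www-data: /opt/web/powerdns-admin
sudo systemctl restart powerdns-admin.service powerdns-admin.socket
# Validate the configuration now that the new site is enabled, and restart
# nginx only if it parses.
sudo nginx -t && sudo systemctl restart nginx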

API

login web
API Keys > Add Key+
– Role: Administrator > Create Key
* Copy API Key from Pop up [Your API Key] and confirm
– bWFJZzl4TDgzd1NCMnhn (example; your own instance issues a different key, which should be kept secret)

# Enable the PowerDNS HTTP API. The three settings below are lines to put into
# pdns.conf in the editor; they are not shell commands.
sudo vi /etc/powerdns/pdns.conf
# NOTE(review): api-key is a secret and the value shown is the author's own;
# use your own key, keep pdns.conf unreadable to other local users, and leave
# webserver-address / webserver-allow-from limited to the hosts that need the
# API.
api=yes
api-key=bWFJZzl4TDgzd1NCMnhn
webserver=yes
# Restart the authoritative server and the recursor to load the new settings.
sudo systemctl restart pdns pdns-recursor

この記事を書いた人 Wrote this article

kmatsunuma
