Installation
Install Bind, a web server with PHP, and MySQL. For example, on Debian:
lighttpd php5-cgi mysql-server php5-mysql bind9
DNS
Convince someone to delegate a subdomain to you with an NS record. For example:
dyn IN A your.ip.address
d IN NS dyn
Configure Bind
You need to configure a zone. If you don't have one, you can use the example config files:
- named.conf.local - zone inclusion
- zones.foo.master - zone specification
- d.brmlab.cz - example zone (of course change it to your needs)
After configuration, your nameserver should be able to respond to “A ahoj.d.brmlab.cz.” query.
We need to generate a user key that we will sign the updates with (with this you can also securely update a remote DNS server).
dnssec-keygen -a HMAC-SHA1 -b 160 -n USER some.email.address.
Two files are generated, K*key and K*private. Take the key from the K*key file and put it into the zone declaration (zones.foo.master in our case).
Configure dynamic updater
Put scripts from the shell/ directory somewhere. Edit config.sh.
Try an update with
echo test a 9.10.11.12 | bash -x bind_update.sh
You should then be able to resolve “A test.your.domain.” to 9.10.11.12.
On Debian I had a problem that the /etc/bind directory was not owned by the user under which bind is running, so bind was unable to perform the update.
Some security
The key should not be world-readable. You can create a separate user, chown & chmod 600 the key and all the scripts and then use the example sudoers file to run the update under that user.
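The permission check described above, as an added example that is not part of the original page or the project's scripts. The function names (is_private, owned_by, audit_updater_dir) are hypothetical, and it assumes the K*.key / K*.private pair and the update scripts sit in one directory owned by the dedicated user.

```shell
#!/bin/sh
# Added example: audit the files the "Some security" step protects.
# Directory layout and owner are assumptions; pass your own values.

# Succeeds when the file grants no permission bit to group or others
# (mode 600 or stricter). -H makes find inspect a symlink's target.
is_private() {
    [ -f "$1" ] || return 2
    loose=$(find -H "$1" -prune \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) -print)
    [ -z "$loose" ]
}

# Succeeds when the path is owned by the given user (name or numeric uid).
owned_by() {
    [ -n "$(find -H "$1" -prune -user "$2" -print 2>/dev/null)" ]
}

# Check the signing key pair and the update scripts in one directory.
# Prints one line per finding and returns the number of findings.
audit_updater_dir() {
    dir=$1 owner=$2 findings=0
    for f in "$dir"/K*.key "$dir"/K*.private "$dir"/*.sh; do
        [ -e "$f" ] || continue   # glob matched nothing
        if ! is_private "$f"; then
            echo "LOOSE MODE: $f (expected 600)"
            findings=$((findings + 1))
        fi
        if ! owned_by "$f" "$owner"; then
            echo "WRONG OWNER: $f (expected $owner)"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Stand-alone use: sh audit.sh /path/to/updater-dir updater-user
if [ "$#" -eq 2 ]; then
    audit_updater_dir "$1" "$2"
fi
```

A non-zero exit status is the number of findings, so the script can gate a deployment step or run from cron.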
Web frontend
Create a MySQL database. I use Adminer GUI, but if you want to go with the command line, it will be something like this:
CREATE DATABASE `kiviak`;
CREATE USER 'kiviak'@'localhost' IDENTIFIED BY PASSWORD 'XXXYYY';
GRANT ALL PRIVILEGES ON `kiviak`.* TO 'kiviak'@'localhost';
Then execute schema.sql to create the table.
Point your webserver to the files in the web/ folder. These files don't have to be writable by the webserver.
Edit config.php to reflect your environment.
Enjoy.
Misc.
The delete.php script deletes hostnames that have not been updated for more than a month. You can add it to your crontab.