User Tools

Site Tools


kiviak-install
no way to compare when less than two revisions

Differences

This shows you the differences between two versions of the page.


kiviak-install [2015-02-07 20:55:28] (current) – created - external edit 127.0.0.1
Line 1: Line 1:
 +====== Installation ======
 +
 +Install Bind, webserver with PHP and MySQL. For example on Debian:
 +
 +<code>lighttpd php5-cgi mysql-server php5-mysql bind9</code>
 +
 +===== DNS =====
 +
 +Convince someone to forward a NS subdomain to you. For example:
 +<code>
 +dyn     IN       your.ip.address
 +d       IN   NS    dyn
 +</code>
 +
 +===== Configure Bind =====
 +
 +You need to configure a zone. If you don't have any, you can use example config files
 +
 +  * named.conf.local - zone inclusion
 +  * zones.foo.master - zone specification
 +  * d.brmlab.cz - example zone (of course change it to your needs)
 +
 +After configuration, your nameserver should be able to respond to "A ahoj.d.brmlab.cz." query.
 +
 +We need to generate a user key that we will sign the updates with (with this you can also securely update a remote DNS server).
 +
 +<code>dnssec-keygen -a HMAC-SHA1 -b 160 -n USER some.email.address.</code>
 +
 +Two files are generated, K*key and K*private. Take the key from the *key one and put it to zone declaration (zones.foo.master in our case)
 +
 +===== Configure dynamic updater =====
 +
 +Put scripts from the shell/ directory somewhere. Edit config.sh.
 +
 +Try update with <code>echo test a 9.10.11.12 | bash -x bind_update.sh</code>. You should be then able to resolve "A test.your.domain." to 9.10.11.12.
 +
 +On Debian I had a problem that the /etc/bind directory was not owned by the user under which bind is running, so bind was unable to perform the update
 +
 +===== Some security =====
 +
 +The key should not be world-readable. You can create a separate user, chown & chmod 600 the key and all the scripts and then use the example sudoers file to run the update under that user.
 +
 +===== Web frontend =====
 +
 +Create a MySQL database. I use [[http://www.adminer.org/|Adminer]] GUI, but if you want to go with the command line, it will be something like this
 +<code>
 +CREATE DATABASE `kiviak`;
 +
 +CREATE USER 'kiviak'@'localhost' IDENTIFIED BY PASSWORD 'XXXYYY';
 +GRANT ALL PRIVILEGES ON `kiviak`.* TO 'kiviak'@'localhost';
 +</code>
 +Then execute schema.sql to create the table.
 +
 +Point your webserver to files in web/ folder. These files don't have to be writable by the webserver.
 +
 +Edit config.php to reflect your environment.
 +
 +Enjoy.
 +
 +===== Misc. =====
 +
 +The delete.php script deletes hostnames that have not been updated for more than a month. You can add it to your crontab.
  
kiviak-install.txt · Last modified: by 127.0.0.1

Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
Public Domain Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki