PDNS Manager on Debian 9

16 Feb

Start with basic install of Debian (I used 9.9.X) – no packages and simply replace “password” with your mysql password, and nsX.domain.tld with your actual domain name (name server).

Install OpenSSH Server:

apt-get install openssh-server

Allow root to SSH into machine:

nano /etc/ssh/sshd_config
allow root logins = yes

If using Proxmox let’s install QEMU:

apt-get install qemu-guest-agent

If using ESXi:

apt-get install open-vm-tools

I like to install a few other tools:

apt-get install htop vnstat net-tools ntp locate apt-transport-https

If using ESXi:

echo blacklist i2c_piix4 >> /etc/modprobe.d/blacklist.conf
update-initramfs -u -k all

If using Proxmox we need another package:

apt-get install lsb-release
wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/php7.3.list

Let’s update our sources:

apt-get update

Now to install some web requirements:

apt-get install apache2 mariadb-server php7.3 php7.3-mysql php7.3 php7.3-json php-apcu

Configure the database:

mysql_secure_installation

Create the directory web access files will reside:

mkdir -p /var/vhosts/nsX.domain.tld/

Let’s download the latest release:

cd /tmp
wget https://dl.pdnsmanager.org/pdnsmanager-2.0.1.tar.gz
tar xzf pdnsmanager-2.0.1.tar.gz
cd pdnsmanager-2.0.1
cp -R * /var/vhosts/nsX.domain.tld/

Create an Apache configuration file:

nano /etc/apache2/sites-available/nsX.domain.tld.conf
<VirtualHost 0.0.0.0:80>
ServerAdmin email@emailaddress.com
ServerName nsX.domain.tld
DocumentRoot "/var/vhosts/nsX.domain.tld/frontend"
Require all granted
RewriteEngine On
RewriteRule ^index.html$ - [L]
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-f
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-d
RewriteRule !^/api/.* /index.html [L]
Alias /api /var/vhosts/nsX.domain.tld/backend/public
<Directory /var/vhosts/nsX.domain.tld/backend/public>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [QSA,L]

Assign ownership:

chown -R www-data:www-data /var/vhosts

Enable the required Apache modules:

a2enmod rewrite

Enable the configuration and start restart Apache:

a2ensite nxX.domain.tld
service apache2 restart

Now we need to create a database:

mysql -u root -p
CREATE DATABASE pdns;
GRANT ALL PRIVILEGES ON pdns.* To 'pdns'@'%' IDENTIFIED BY 'password';
quit;

Complete the setup via a browser:

http://ip-address/setup

Install the DNS server:

apt-get install pdns-server pdns-backend-mysql
select >>> NO

Copy the configuration file:

cp /etc/powerdns/pdns.conf /etc/powerdns/pdns.conf.original

Remove the configuration file:

rm /etc/powerdns/pdns.conf

Create a new configuration file:

nano /etc/powerdns/pdns.conf
allow-axfr-ips=
allow-recursion=127.0.0.1
config-dir=/etc/powerdns
daemon=yes
disable-axfr=no
guardian=yes
local-address=0.0.0.0
local-port=53
master=yes
slave=yes
module-dir=/usr/lib/x86_64-linux-gnu/pdns
setgid=pdns
setuid=pdns
socket-dir=/var/run
version-string=powerdns
include-dir=/etc/powerdns/pdns.d

Make a copy of the configuration file:

cp /etc/powerdns/pdns.d/bind.conf /etc/powerdns/pdns.d/bind.conf.original
rm /etc/powerdns/pdns.d/bind.conf

Make a copy of the configuration file:

cp /etc/powerdns/pdns.d/pdns.local.gmysql.conf /etc/powerdns/pdns.d/pdns.local.gmysql.original
rm /etc/powerdns/pdns.d/pdns.local.gmysql.conf
nano /etc/powerdns/pdns.d/pdns.local.gmysql.conf
launch=gmysql
gmysql-host=localhost
gmysql-port=3306
gmysql-dbname=pdns
gmysql-user=pdns
gmysql-password=password
gmysql-dnssec=no

Let’s restart the service:

service pdns restart

Finally, doublecheck the hostname is correct:

hostnamectl set-hostname nsX.domain.tld

PDNS Manager has very poor error parsing / checking. It will allow you to create records with spaces and other non-standard characters. It’s always best to run pdnsutil to check all zones via the console:

pdnsutil check-all-zones -v

Leave a Reply

Your email address will not be published. Required fields are marked *