defect.ch - Wiki

User Tools

Site Tools

You are here: defect.ch - Wiki » Operating Systems » Linux » PowerDNS via Apache2 with PostgreSQL on Debian and PowerDNS-Admin
os:linux:powerdns_apache_postgresql_debian

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
os:linux:powerdns_apache_postgresql_debian [2021-02-07 14:15] – [Setup PowerDNS-Admin from GitHub] correct salt generation, better secret key generation Manuel Freios:linux:powerdns_apache_postgresql_debian [2024-02-05 20:54] (current) – postgres is no longer a valid option, use postgresql instead Manuel Frei
Line 46: Line 46:
 </code> </code>
  
-Create the user u_powerdns and the database db_powerdns. Change the example password with your own generated one (eg. [[https://strongpasswordgenerator.com/]]).+Create the user u_powerdns and the database db_powerdns. Change the example password with your own generated one (eg. [[https://pwgen.ch/]]).
 <code sql> <code sql>
 CREATE USER u_powerdns WITH PASSWORD 'iC0iB9kQ5hR4oG5uW2nD2nV0gK6vN2eSoM2eI8kT0gA9rF2pS3wW7mO4sJ4aT5tN'; CREATE USER u_powerdns WITH PASSWORD 'iC0iB9kQ5hR4oG5uW2nD2nV0gK6vN2eSoM2eI8kT0gA9rF2pS3wW7mO4sJ4aT5tN';
Line 84: Line 84:
 </code> </code>
  
-Replace the database password with the one you generated before. [[https://strongpasswordgenerator.com/|Generate]] your own API key (used for PowerDNS-Admin). Change the other settings according to your needs.+Replace the database password with the one you generated before. [[https://pwgen.ch/|Generate]] your own API key (used for PowerDNS-Admin). Change the other settings according to your needs.
 <code ini pdns.conf> <code ini pdns.conf>
 # https://doc.powerdns.com/authoritative/settings.html # https://doc.powerdns.com/authoritative/settings.html
Line 157: Line 157:
  
 <code> <code>
-curl -sL https://deb.nodesource.com/setup_14.x | bash -+curl -fsSL https://deb.nodesource.com/setup_20.x | bash - &&\
 apt install -y nodejs apt install -y nodejs
 </code> </code>
Line 187: Line 187:
 This requirements are expected by this python libraries: This requirements are expected by this python libraries:
   * python-ldap: build-essential python3-dev libldap2-dev libsasl2-dev slapd ldap-utils tox lcov valgrind   * python-ldap: build-essential python3-dev libldap2-dev libsasl2-dev slapd ldap-utils tox lcov valgrind
-  * mysqlclientlibmariadbclient-dev:+  * SQLAlchemy: mysqlclientlibmariadbclient-dev 
  
 Create the config file  /opt/python/powerdns-admin/app/configs/config.py. Create the config file  /opt/python/powerdns-admin/app/configs/config.py.
Line 196: Line 197:
 Generate new values for the variables SALT and SECRET_KEY (32 chars). Generate new values for the variables SALT and SECRET_KEY (32 chars).
  
-Generate a new salt:+Generate a new salt
 +<code bash> 
 +/opt/python/powerdns-admin/venv/bin/python3 -c 'import bcrypt; print(bcrypt.gensalt().decode("utf-8"))' 
 +</code> 
 +Example.
 <code bash> <code bash>
 # /opt/python/powerdns-admin/venv/bin/python3 -c 'import bcrypt; print(bcrypt.gensalt().decode("utf-8"))' # /opt/python/powerdns-admin/venv/bin/python3 -c 'import bcrypt; print(bcrypt.gensalt().decode("utf-8"))'
Line 204: Line 209:
 Generate a new secret key: Generate a new secret key:
 <code bash> <code bash>
-tr -dc _A-Z-a-z-0-9 </dev/urandom| head -c${1:-32}; echo;+tr -dc _A-Z-a-z-0-9 </dev/urandom | head -c32; echo; 
 +</code> 
 +<code bash> 
 +# tr -dc _A-Z-a-z-0-9 </dev/urandom | head -c32; echo;
 iz7g4zpfvbnK_eb0lWZeFEuXn5UV93Yz iz7g4zpfvbnK_eb0lWZeFEuXn5UV93Yz
 </code> </code>
Line 224: Line 232:
  
 ### DATABASE CONFIG ### DATABASE CONFIG
-SQLA_DB_DRIVER = "postgres" # mysql, postgres+SQLA_DB_DRIVER = "postgresql" # mysql, postgresql
 SQLA_DB_USER = "u_powerdnsadmin" SQLA_DB_USER = "u_powerdnsadmin"
 SQLA_DB_PASSWORD = '' SQLA_DB_PASSWORD = ''
Line 325: Line 333:
 procname-prefix-spaced = %n procname-prefix-spaced = %n
 venv = /opt/python/%n/venv/ venv = /opt/python/%n/venv/
-buffer-size = 65535+buffer-size = 8192
 ;disable-logging = true ;disable-logging = true
 ;log-4xx = true ;log-4xx = true
Line 434: Line 442:
     ProxyPass "/favicon.ico" "!"     ProxyPass "/favicon.ico" "!"
     ProxyPass "/.well-known/" "!"     ProxyPass "/.well-known/" "!"
-    ProxyPass "/" "unix:/run/uwsgi_powerdns-admin/service.sock|uwsgi://localhost/powerdns-admin/"+    ProxyPass "/" "unix:/run/uwsgi_powerdns-admin/service.sock|uwsgi://powerdns-admin/"
  
     ErrorLog ${APACHE_LOG_DIR}/pdnsadmin.example.com-error.log     ErrorLog ${APACHE_LOG_DIR}/pdnsadmin.example.com-error.log
Line 470: Line 478:
     * PDNS API KEY: aF3kD4eJ0hB1uI1jV8vR2yC0eK8lP9mO     * PDNS API KEY: aF3kD4eJ0hB1uI1jV8vR2yC0eK8lP9mO
     * PDNS VERSION: 4.3.1     * PDNS VERSION: 4.3.1
 +
 +==== Python Upgrade Notes  ====
 +
 +If you upgrade Python, for example while you upgrade Debian 10 to Debian 11, you have to update the virtual environment.
 +
 +If you forget this, you can't start the systemd unit an may see an error like this:
 +<code>
 +Oct 18 18:49:14 ns1.example.com uwsgi[731953]: /usr/local/bin/uwsgi: error while loading shared libraries: libpython3.7m.so.1.0: cannot open shared object file: No such file or directory
 +</code>
 +
 +Upgrade your venv.
 +<code>
 +python3 -m venv --upgrade --upgrade-deps /opt/python/powerdns-admin/venv/
 +</code>
 +
 +And start the Systemd unit again.
 +<code>
 +systemctl start uwsgi@powerdns-admin.service
 +</code>
 +
  
 ===== Appendix ===== ===== Appendix =====
  
-If you want to migrate from Bind to PowerDNS, you can find some notes here: [[os:linux:bind_to_powerdns|Bind to PowerDNS]]+  * If you want to migrate from Bind to PowerDNS, you can find some notes here: [[os:linux:bind_to_powerdns|Bind to PowerDNS]] 
 +  * [[os:linux:powerdns-admin_update|How to Update PowerDNS-Admin]]
os/linux/powerdns_apache_postgresql_debian.1612703735.txt.gz · Last modified: 2021-02-07 14:15 by Manuel Frei