Péter Szládovics / smbind-ng · Files

INSTALL.md 2.42 KB

SMBind-ng Installation Guide

Requirements

  • Any kind of webserver with php usage abilities (tested on apache2, lighttpd, nginx)
  • php interpreter (5.3 or greater - tested on 5.3)
  • php modules
    • mdb2
    • mdb2 sql drivers (tested on mysql)
    • cgi
  • smarty (version 2 or newer - tested on v2 and v3)
  • bind (9.3 or newer for dnssec abilities)
  • dnssec-tools (optional for securing dns zones)
  • acl (optional for securing dns zones)
  • SQL server (tested on MySQL)

Installation

Bind

Set up your bind, and configure it to access other masters and enable zone transfer for its slaves.

SMBind-ng PHP code

Unpack contents to somewhere on your server (eg. /var/www/html/smbind-ng) and setup your virtual server to access by default the index.php.

Configuration directories and files

  1. Create a subdirectory with full permission to user of your webserver for keeping your zones. You need to make it readable for bind. Recommended solution: owner of dyrectory let the root user and bind group, webserver user let the member of the bind group, and the directory let writable by owned group.
  2. Create two file with same permissions in this directory for saving zone definitions; one for the masters, one for the slaves (eg. master.conf and slave.conf) - eg. touch master.conf.
  3. Create a subdirectory for keeping zone files (for both of masters and slaves) with same permissions at the step 1.

Modify bind configuration

On your bind options set this folder to use with 'directory' option and 'managed-keys' option (folder created at the step 3 above). Include the master and slave configuration files into your bind config - what created at the step 2.

Database

Create a database user with full permission to access a non existing database with any name. Log in your database server with that user, and create an empty database. Take the initial database dump, and load it to this schema with this newly created user.

Setup the PHP app

See configuration parameters below

DNSSEC related options

Bind options

Roller daemon

Create a directory for keeping file of roller daemon, and add write permissions for the webserver user group. eg. setfacl -b /etc/rollrecdir setfacl -m 'www-data:rwx' /etc/rollrecdir Set up this directory for roller daemon to use this directory for rolling zones eg. in this /etc/default/rollerd file use similar option: DAEMON_OPTS="-rrfile /etc/smbind/rollrec/zones.rollrec"