Commit 166f75a807bd5e3346771ab22cceba5d7ae2db76
1 parent
0404c6af
Update INSTALL.md
Showing
1 changed file
with
65 additions
and
12 deletions
INSTALL.md
| ... | ... | @@ -25,9 +25,9 @@ Unpack contents to somewhere on your server (eg. /var/www/html/smbind-ng) and |
| 25 | 25 | setup your virtual server to access by default the index.php. |
| 26 | 26 | |
| 27 | 27 | ### Configuration directories and files |
| 28 | -1. Create a subdirectory with full permission to user of your webserver for keeping | |
| 29 | -your zones. You need to make it readable for bind. | |
| 30 | -Recommended solution: owner of dyrectory let the root user and bind group, | |
| 28 | +1. Create a subdirectory with full permission to user of your webserver for | |
| 29 | +keeping your zones. You need to make it readable for bind. | |
| 30 | + Recommended solution: owner of directory let the root user and bind group, | |
| 31 | 31 | webserver user let the member of the bind group, and the directory let writable |
| 32 | 32 | by owned group. |
| 33 | 33 | 2. Create two file with same permissions in this directory for saving zone |
| ... | ... | @@ -37,14 +37,14 @@ slave.conf) - eg. touch master.conf. |
| 37 | 37 | slaves) with same permissions at the step 1. |
| 38 | 38 | |
| 39 | 39 | ### Modify bind configuration |
| 40 | -On your bind options set this folder to use with 'directory' option and | |
| 41 | -'managed-keys' option (folder created at the step 3 above). | |
| 40 | +On your bind options set this folder to use with *directory* option and | |
| 41 | +*managed-keys* option (folder created at the step 3 above). | |
| 42 | 42 | Include the master and slave configuration files into your bind config - what |
| 43 | 43 | created at the step 2. |
| 44 | 44 | |
| 45 | 45 | ### Database |
| 46 | 46 | Create a database user with full permission to access a non existing database |
| 47 | -with any name. | |
| 47 | +with any name. | |
| 48 | 48 | Log in your database server with that user, and create an empty database. |
| 49 | 49 | Take the initial database dump, and load it to this schema with this newly |
| 50 | 50 | created user. |
| ... | ... | @@ -55,12 +55,65 @@ See configuration parameters below |
| 55 | 55 | ### DNSSEC related options |
| 56 | 56 | |
| 57 | 57 | #### Bind options |
| 58 | +In your bind configuration set the following options: | |
| 59 | + | |
| 60 | +*dnssec-enable yes;* | |
| 61 | +*dnssec-validation auto;* | |
| 62 | +*dnssec-lookaside auto;* | |
| 63 | + | |
| 64 | +And then restart your bind daemon. | |
| 58 | 65 | |
| 59 | 66 | #### Roller daemon |
| 60 | 67 | Create a directory for keeping file of roller daemon, and add write permissions |
| 61 | -for the webserver user group. eg. | |
| 62 | - setfacl -b /etc/rollrecdir | |
| 63 | - setfacl -m 'www-data:rwx' /etc/rollrecdir | |
| 64 | -Set up this directory for roller daemon to use this directory for rolling zones | |
| 65 | - eg. in this /etc/default/rollerd file use similar option: | |
| 66 | - DAEMON_OPTS="-rrfile /etc/smbind/rollrec/zones.rollrec" | |
| 67 | 68 | \ No newline at end of file |
| 69 | +for the webserver user group. eg. | |
| 70 | + | |
| 71 | +*setfacl -b /etc/rollrecdir* | |
| 72 | +*setfacl -m 'www-data:rwx' /etc/rollrecdir* | |
| 73 | + | |
| 74 | +Set up this directory for roller daemon to use this directory for rolling zones. | |
| 75 | +eg. in your /etc/default/rollerd file use similar option with this: | |
| 76 | + | |
| 77 | +*DAEMON_OPTS="-rrfile /etc/smbind/rollrec/zones.rollrec"* | |
| 78 | + | |
| 79 | +And then reload your roller daemon. | |
| 80 | + | |
| 81 | +## Configuration parameters | |
| 82 | +The application has a *config.php* file in the *config* directory of the root | |
| 83 | +of your SMBind-ng webapp directory. | |
| 84 | + | |
| 85 | +Format: $_CONF['variablename'] = value; | |
| 86 | + | |
| 87 | +Variables (mark **bold** for the required parameters): | |
| 88 | + | |
| 89 | +**db_type** - Type of the database (eg. 'mysql') | |
| 90 | +**db_user** - Name of the owner of database schema (eg. 'smbind') | |
| 91 | +**db_pass** - Password of the user above | |
| 92 | +db_host - Resolvable name or IP address of the database host (default: | |
| 93 | +'localhost') | |
| 94 | +db_port - Port number of the database server (default: 3306 or 5432 depends on | |
| 95 | +db_type) | |
| 96 | +**db_db** - Name of the database schema | |
| 97 | +**smarty_path** - Place of the smarty installation | |
| 98 | +**peardb_path** - place of your PEAR db | |
| 99 | +tmp_path - Path of your tmp directory (default: install path/tmp) | |
| 100 | +roller_conf - Path of your roller daemon config (configured in DAEMON_OPTS). | |
| 101 | +Required for DNSSEC abilities. | |
| 102 | +isdnssec - enable or disable DNSSEC abilities (true/false) | |
| 103 | +recaptcha - enable or disable recaptcha at login screen (true/false) | |
| 104 | +rc_pubkey - Your public recaptha key (required for recaptcha) | |
| 105 | +rc_privkey - Your private recaptcha key (required for recaptcha) | |
| 106 | +nocaptcha - Array of your recaptcha whitelist. If you do not want to recaptcha | |
| 107 | +when you access the webapp from specified hosts, you need to set up their IP | |
| 108 | +addresses as followings: | |
| 109 | +*array( | |
| 110 | +'1.2.3.4', | |
| 111 | +'2.3.4.5', | |
| 112 | +);* | |
| 113 | +title - Title string at the top of your SMBind-ng screen (eg. 'My DNS zones') | |
| 114 | +footer - Footer string at the bottom of your SMBind-ng screen (eg. 'Company | |
| 115 | +Name') | |
| 116 | +staticdomain - If you want to access your static files (.css and .js) through | |
| 117 | +other virtual host, then you need to configure it in your webserver, and just | |
| 118 | +set it (eg. 'static.mydnsservice.local'). There are only two static files in | |
| 119 | +your SMBind-ng installation, so I think you don't really need this - but who | |
| 120 | +knows? | ... | ... |