Commit 166f75a807bd5e3346771ab22cceba5d7ae2db76
1 parent
0404c6af
Update INSTALL.md
Showing
1 changed file
with
65 additions
and
12 deletions
INSTALL.md
| @@ -25,9 +25,9 @@ Unpack contents to somewhere on your server (eg. /var/www/html/smbind-ng) and | @@ -25,9 +25,9 @@ Unpack contents to somewhere on your server (eg. /var/www/html/smbind-ng) and | ||
| 25 | setup your virtual server to access by default the index.php. | 25 | setup your virtual server to access by default the index.php. |
| 26 | 26 | ||
| 27 | ### Configuration directories and files | 27 | ### Configuration directories and files |
| 28 | -1. Create a subdirectory with full permission to user of your webserver for keeping | ||
| 29 | -your zones. You need to make it readable for bind. | ||
| 30 | -Recommended solution: owner of dyrectory let the root user and bind group, | 28 | +1. Create a subdirectory with full permission to user of your webserver for |
| 29 | +keeping your zones. You need to make it readable for bind. | ||
| 30 | + Recommended solution: owner of directory let the root user and bind group, | ||
| 31 | webserver user let the member of the bind group, and the directory let writable | 31 | webserver user let the member of the bind group, and the directory let writable |
| 32 | by owned group. | 32 | by owned group. |
| 33 | 2. Create two file with same permissions in this directory for saving zone | 33 | 2. Create two file with same permissions in this directory for saving zone |
| @@ -37,14 +37,14 @@ slave.conf) - eg. touch master.conf. | @@ -37,14 +37,14 @@ slave.conf) - eg. touch master.conf. | ||
| 37 | slaves) with same permissions at the step 1. | 37 | slaves) with same permissions at the step 1. |
| 38 | 38 | ||
| 39 | ### Modify bind configuration | 39 | ### Modify bind configuration |
| 40 | -On your bind options set this folder to use with 'directory' option and | ||
| 41 | -'managed-keys' option (folder created at the step 3 above). | 40 | +On your bind options set this folder to use with *directory* option and |
| 41 | +*managed-keys* option (folder created at the step 3 above). | ||
| 42 | Include the master and slave configuration files into your bind config - what | 42 | Include the master and slave configuration files into your bind config - what |
| 43 | created at the step 2. | 43 | created at the step 2. |
| 44 | 44 | ||
| 45 | ### Database | 45 | ### Database |
| 46 | Create a database user with full permission to access a non existing database | 46 | Create a database user with full permission to access a non existing database |
| 47 | -with any name. | 47 | +with any name. |
| 48 | Log in your database server with that user, and create an empty database. | 48 | Log in your database server with that user, and create an empty database. |
| 49 | Take the initial database dump, and load it to this schema with this newly | 49 | Take the initial database dump, and load it to this schema with this newly |
| 50 | created user. | 50 | created user. |
| @@ -55,12 +55,65 @@ See configuration parameters below | @@ -55,12 +55,65 @@ See configuration parameters below | ||
| 55 | ### DNSSEC related options | 55 | ### DNSSEC related options |
| 56 | 56 | ||
| 57 | #### Bind options | 57 | #### Bind options |
| 58 | +In your bind configuration set the following options: | ||
| 59 | + | ||
| 60 | +*dnssec-enable yes;* | ||
| 61 | +*dnssec-validation auto;* | ||
| 62 | +*dnssec-lookaside auto;* | ||
| 63 | + | ||
| 64 | +And then restart your bind daemon. | ||
| 58 | 65 | ||
| 59 | #### Roller daemon | 66 | #### Roller daemon |
| 60 | Create a directory for keeping file of roller daemon, and add write permissions | 67 | Create a directory for keeping file of roller daemon, and add write permissions |
| 61 | -for the webserver user group. eg. | ||
| 62 | - setfacl -b /etc/rollrecdir | ||
| 63 | - setfacl -m 'www-data:rwx' /etc/rollrecdir | ||
| 64 | -Set up this directory for roller daemon to use this directory for rolling zones | ||
| 65 | - eg. in this /etc/default/rollerd file use similar option: | ||
| 66 | - DAEMON_OPTS="-rrfile /etc/smbind/rollrec/zones.rollrec" | ||
| 67 | \ No newline at end of file | 68 | \ No newline at end of file |
| 69 | +for the webserver user group. eg. | ||
| 70 | + | ||
| 71 | +*setfacl -b /etc/rollrecdir* | ||
| 72 | +*setfacl -m 'www-data:rwx' /etc/rollrecdir* | ||
| 73 | + | ||
| 74 | +Set up this directory for roller daemon to use this directory for rolling zones. | ||
| 75 | +eg. in your /etc/default/rollerd file use similar option with this: | ||
| 76 | + | ||
| 77 | +*DAEMON_OPTS="-rrfile /etc/smbind/rollrec/zones.rollrec"* | ||
| 78 | + | ||
| 79 | +And then reload your roller daemon. | ||
| 80 | + | ||
| 81 | +## Configuration parameters | ||
| 82 | +The application has a *config.php* file in the *config* directory of the root | ||
| 83 | +of your SMBind-ng webapp directory. | ||
| 84 | + | ||
| 85 | +Format: $_CONF['variablename'] = value; | ||
| 86 | + | ||
| 87 | +Variables (mark **bold** for the required parameters): | ||
| 88 | + | ||
| 89 | +**db_type** - Type of the database (eg. 'mysql') | ||
| 90 | +**db_user** - Name of the owner of database schema (eg. 'smbind') | ||
| 91 | +**db_pass** - Password of the user above | ||
| 92 | +db_host - Resolvable name or IP address of the database host (default: | ||
| 93 | +'localhost') | ||
| 94 | +db_port - Port number of the database server (default: 3306 or 5432 depends on | ||
| 95 | +db_type) | ||
| 96 | +**db_db** - Name of the database schema | ||
| 97 | +**smarty_path** - Place of the smarty installation | ||
| 98 | +**peardb_path** - place of your PEAR db | ||
| 99 | +tmp_path - Path of your tmp directory (default: install path/tmp) | ||
| 100 | +roller_conf - Path of your roller daemon config (configured in DAEMON_OPTS). | ||
| 101 | +Required for DNSSEC abilities. | ||
| 102 | +isdnssec - enable or disable DNSSEC abilities (true/false) | ||
| 103 | +recaptcha - enable or disable recaptcha at login screen (true/false) | ||
| 104 | +rc_pubkey - Your public recaptha key (required for recaptcha) | ||
| 105 | +rc_privkey - Your private recaptcha key (required for recaptcha) | ||
| 106 | +nocaptcha - Array of your recaptcha whitelist. If you do not want to recaptcha | ||
| 107 | +when you access the webapp from specified hosts, you need to set up their IP | ||
| 108 | +addresses as followings: | ||
| 109 | +*array( | ||
| 110 | +'1.2.3.4', | ||
| 111 | +'2.3.4.5', | ||
| 112 | +);* | ||
| 113 | +title - Title string at the top of your SMBind-ng screen (eg. 'My DNS zones') | ||
| 114 | +footer - Footer string at the bottom of your SMBind-ng screen (eg. 'Company | ||
| 115 | +Name') | ||
| 116 | +staticdomain - If you want to access your static files (.css and .js) through | ||
| 117 | +other virtual host, then you need to configure it in your webserver, and just | ||
| 118 | +set it (eg. 'static.mydnsservice.local'). There are only two static files in | ||
| 119 | +your SMBind-ng installation, so I think you don't really need this - but who | ||
| 120 | +knows? |