Has anyone managed to deploy a full DNS software on nethserver.
One that can enable the creation of A, AAA,MX,TXT and other DNS records?
Is this something that we could or can see in Nethserver builtin in future?
Something like BIND (or PoweDNS, TechnitumDNSâŠ)?
There were similar requests:
- Replace dnsmasq with BIND9
- How about PowerDNS?
- Technitium DNS (and DHCP)
- Complete DNS server
- DNS Replication or Zone Transfers
And an old howto (bind9+facileManager webui), but unsure how many people use it within NethServer.
1 Like
Ill try this.
This is what i was talking about. ill check it out, see if it works etc.
1 Like
please let us know (I donât get why this doesnât happen officially or at least as a âappâ package)
hello, I installed the Bind DNS server, using the instructions provided on the link, but modified the file to the latest version of Facilemanager.
yum install bind bind-utils php-mysql wget vim php-posix
wget http://www.facilemanager.com/download/facilemanager-complete-4.0.3.tar.gz
tar zxvf facilemanager-complete-4.0.3.tar.gz
cd facileManager
mv server/ /var/www/html/facileManager
chmod -R 750 /var/www/html/facileManager/
nano /etc/httpd/conf.d/facilemanager.conf
Alias /facileManager /var/www/html/facileManager
<Directory â/var/www/html/facileManagerâ>
AllowOverride All
mysql -e "create database facileManager;"
mysql -e "grant all on facileManager.* to admin identified by 'pwd';"
service httpd restart
After running the ip address, i am getting error 403,
what could be the problem?
Httpd log error or access could explain better
i see this as being related
Logs
Search
[Mon Sep 13 21:44:42.067243 2021] [core:crit] [pid 14278] (13)Permission denied: [client 154.159.252.236:31447] AH00529: /var/www/html/facileManager/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that â/var/www/html/facileManager/â is executable
i was able to edit using sudo chmod -R 755 /var/www/html/facileManager/
am now getting requirement error on the system it requires
PHP >= 5.5.0
how can i enable it to use a specific php version
edit: i was able to solve it by specifying <FilesMatch .php$>
SetHandler âproxy:unix:/var/run/rh-php73-php-fpm/nethserver-glpi-php73.sock|fcgi://localhostâ
which i copied from glpi settings
not sure what i should have defined that specifc to this case, maybe you cn help me change
This is what i have:
if i am to enable ssl, which path should be chosen?
I found a docker image that provides Bind DNS and Webmin UI. Itâs just for testing, donât use in production.
Install Neth Docker:
yum -y install nethserver-docker
Get Bind container with Webmin and start it using local ports 153 (instead of 53 thatâs used by dnsmasq) and 10000. The config/data files are stored in /srv/docker/bind
docker run --name bind -d --restart=always --publish 153:53/tcp --publish 153:53/udp --publish 10000:10000/tcp --volume /srv/docker/bind:/data sameersbn/bind:9.16.1-20200524
Browse to https://<Nethserver>:10000 and login with user root, the password is password.
To allow all queries, even as public DNS (insecure, just for testing) edit /srv/docker/bind/bind/etc/named.conf.options and add the âallow-queryâ option. This can be done in Webmin âServers/Bind DNS Server/Edit config filesâ too.
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;
listen-on-v6 { any; };
allow-query { any; };
};
Restart the service with Webmin or on CLI:
docker exec bind /usr/sbin/service named restart
I forwarded port 53 from the router to the Nethserver VM port 153 and was able to resolve a DNS name from an external server using the public IP of my router as DNS server.
2 Likes
why is it marked non prodcution?
The one above works(facsimile), i was able to login to the software, add zones etc and other things, but gets abit confusing.
Having actually gotten to create a working zone file, or an NS record sever, hopefully i can get to see that.
@mrmarkuz have you tried that one the facsimile version i mean
The last commit is one year ago and I configured it for public DNS without securing it properly.
No, I just found the image and thought itâs easy to use because it already adds Webmin as web UI for Bind.
you should try it, install is straightforward, see if you can setup a new nameserver and configure some dns
The problem is that dnsmasq runs on same port (53) as named so you need to stop dnsmasq and start named.
I needed to install the client so my local dns server was available in facileManager but after client configuration build the named server goes down after a few minutes. But it worked basically.
Install the client with php73:
scl enable rh-php73 "php /usr/local/facileManager/fmDNS/client.php install"
We could use FacileManager with a dockered Bind DNS server to avoid the port 53 issues and still have a running dnsmasq on NethserverâŠ
i think this should be the best option to do in this case.
SInce am not good in docker stuff, maybe you can lead the way we test and see
1 Like
am on standby just holla⊠
1 Like
Hello Did you manage to get this isntalaltion done?
Can this architecture (Nethserver plus dockerized DNS-server) also work in a virtualized environment?
I run my Nethsever in a KVM as root server at my service provider.
If you already have KVM maybe you can also enable docker on host.
This is what I do. So Technitium is just a container on the same host as NS is a VM in.
The only âproblemâ is that NS team should look for an EMBEDDED DNS solution to REPLACE the one they use. Reason being âunified environment and configurationâ (populating the DNS automatically when AD emulation is enabled etc.).
Adding DNS as a container is not an NS âfeatureâ any more. Just some system running in parallel.
If I start using more and more systems that should be in the core of a âsmall business server replacementâ, in parallel VMs or containers, then the benefit of NS is what?
1 Like
@NLS do you have the instructions for installing Technitium in Nethserver as a Docker container, maybe post it here, it would help.
I only use a provided KVM host as a root server from my provider. I cannot administrate them.
So the question remains: can I install/use docker on such a KVM based root server under nethserver?