Full DNS software, even via docker

i was able to edit using sudo chmod -R 755 /var/www/html/facileManager/

am now getting requirement error on the system it requires
PHP >= 5.5.0

how can i enable it to use a specific php version

edit: i was able to solve it by specifying <FilesMatch .php$>
SetHandler “proxy:unix:/var/run/rh-php73-php-fpm/nethserver-glpi-php73.sock|fcgi://localhost”

which i copied from glpi settings

not sure what i should have defined that specifc to this case, maybe you cn help me change

This is what i have:

if i am to enable ssl, which path should be chosen?

I found a docker image that provides Bind DNS and Webmin UI. It’s just for testing, don’t use in production.

Install Neth Docker:

yum -y install nethserver-docker

Get Bind container with Webmin and start it using local ports 153 (instead of 53 that’s used by dnsmasq) and 10000. The config/data files are stored in /srv/docker/bind

docker run --name bind -d --restart=always --publish 153:53/tcp --publish 153:53/udp --publish 10000:10000/tcp --volume /srv/docker/bind:/data sameersbn/bind:9.16.1-20200524

Browse to https://<Nethserver>:10000 and login with user root, the password is password.

To allow all queries, even as public DNS (insecure, just for testing) edit /srv/docker/bind/bind/etc/named.conf.options and add the “allow-query” option. This can be done in Webmin “Servers/Bind DNS Server/Edit config files” too.

options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        // forwarders {
        // };

        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        dnssec-validation auto;

        listen-on-v6 { any; };
        allow-query { any; };

Restart the service with Webmin or on CLI:

docker exec bind /usr/sbin/service named restart

I forwarded port 53 from the router to the Nethserver VM port 153 and was able to resolve a DNS name from an external server using the public IP of my router as DNS server.


why is it marked non prodcution?

The one above works(facsimile), i was able to login to the software, add zones etc and other things, but gets abit confusing.
Having actually gotten to create a working zone file, or an NS record sever, hopefully i can get to see that.

@mrmarkuz have you tried that one the facsimile version i mean

The last commit is one year ago and I configured it for public DNS without securing it properly.

No, I just found the image and thought it’s easy to use because it already adds Webmin as web UI for Bind.

you should try it, install is straightforward, see if you can setup a new nameserver and configure some dns

The problem is that dnsmasq runs on same port (53) as named so you need to stop dnsmasq and start named.

I needed to install the client so my local dns server was available in facileManager but after client configuration build the named server goes down after a few minutes. But it worked basically.

Install the client with php73:

scl enable rh-php73 "php /usr/local/facileManager/fmDNS/client.php install"

We could use FacileManager with a dockered Bind DNS server to avoid the port 53 issues and still have a running dnsmasq on Nethserver…

i think this should be the best option to do in this case.
SInce am not good in docker stuff, maybe you can lead the way we test and see

1 Like

am on standby just holla… :wink:

1 Like

Hello Did you manage to get this isntalaltion done?

Can this architecture (Nethserver plus dockerized DNS-server) also work in a virtualized environment?
I run my Nethsever in a KVM as root server at my service provider.

If you already have KVM maybe you can also enable docker on host.
This is what I do. So Technitium is just a container on the same host as NS is a VM in.
The only “problem” is that NS team should look for an EMBEDDED DNS solution to REPLACE the one they use. Reason being “unified environment and configuration” (populating the DNS automatically when AD emulation is enabled etc.).
Adding DNS as a container is not an NS “feature” any more. Just some system running in parallel.

If I start using more and more systems that should be in the core of a “small business server replacement”, in parallel VMs or containers, then the benefit of NS is what?

1 Like

@NLS do you have the instructions for installing Technitium in Nethserver as a Docker container, maybe post it here, it would help.

I only use a provided KVM host as a root server from my provider. I cannot administrate them.
So the question remains: can I install/use docker on such a KVM based root server under nethserver?

You can!

1 Like

Of course you can, you can also do nested virtualization (virtualize a proxmox cluster inside a proxmox…use esxi to virtualize gns3…etc…)

1 Like

Rebellions are based on hope however the battle is already lost, the dev team is looking forward to ns8, I bet that ns7 won’t see that kind of big changes

Next week I will know better on ns8 :wink:

VMWare ESXi running inside Proxmox…

Needed for historical / archiving. Novell Netware does not run in Proxmox, but does run in VMWare. (It died before drivers were made…). Like this, I don’t need additional hardware just to run a rarely used VMWare…

Very stable - and I can backup the whole VMWare ESXi using Proxmox!

My 2 cents

1 Like

I use my module Pi-Hole which is container based inside a proxmox VM, just use the dhcp of your nethserver to set the dns server IP of your client to the pihole container

1 Like

It is in NS8.

Really, even aside from the fact that they’re already working hard on NS8, I wouldn’t think it at all appropriate to make such major architectural changes within the lifespan of a major release. NS7 should look and operate like NS7, and other modules should be able to expect things to operate like NS7 operates. Switching to something like this just doesn’t fit.

But in the next major release, they’ve already announced that pretty much everything’s going to be a container. The e-smith config system is gone, and configuration’s going to be handled quite differently. This seems like a prime opportunity to upgrade to a full-fledged DNS system, whichever one it might be.

It seems there are a number of threads here requesting pretty much the same, or at least overlapping, things. Here are a few (OK, several) others:

@dev_team, it really seems like there’s a lot of demand for this, and a time like this when you’re changing the entire architecture of the system anyway seems like a good time to implement it.


Yes, there’s room for a DNS module in NS8. Apart from the Samba DC which is an authoritative DNS, there could be an alternative authoritative DNS server implementation that could be paired with the OpenLDAP account provider.

By now I’m still pretty sure a DNS service is not (and will not be) provided by the NS8 core system. I think it is a consequence of dropping the firewall/gateway features from the NS8 core set.