namedmanager 一个用户管理 bind 的 web gui

namedmanager 作用

使用新的 Amberphplib 框架，兼容 MySQL 5.6 STRICT SQL模式
是一个基于 Web 的 DNS 管理系统，可用来添加、调整和删除 DNS 的 zones/records 数据，支持 Bind 作为后端的 DNS 服务，支持 IPv4 和 IPv6.

namedmanager 软件安装方法

下载仓库地址

wget -O /etc/yum.repos.d/amberdms-c6-public.repo  http://repos.jethrocarr.com/config/centos/6/amberdms-c6-public.repo

安装 namedmanager 软件包

[root@station140 rpm]# yum -y install namedmanager* 

留意安装信息

BIND/NAMED CONFIGURATION

NamedManager BIND components have been installed, you will need to install
and configure bind/named to use the configuration file by adding the
following to /etc/named.conf:

#
# Include NamedManager Configuration
#

include "/etc/named.namedmanager.conf";

NAMEDMANAGER BIND CONFIGURATION

You need to set the application configuration in /etc/namedmanager/config-bind.php

提示: 当前需要修改 named.conf , 添加 include "/etc/named.namedmanager.conf"; 语法, 另外 php 管理页面需要配置  /etc/namedmanager/config-bind.php 文件

参考主要配置文件与作用

crond.d 下计划任务说明
/etc/cron.d/namedmanager-bind

# check for new configuration every minute
*/1 * * * * root php -q /usr/share/namedmanager/bind/namedmanager_bind_configwriter.php >> /var/log/namedmanager_bind_configwriter
# PHP slowly leaks memory, restart the process weekly to prevent it getting too large over months
01 01 * * 0 root /etc/init.d/namedmanager_logpush restart >> /dev/null 2>&1

每分钟把 mysql 中的 DNS 数据数据刷新并记录到日志中

修改文件属性

[root@station149 etc]# chkconfig  --level 35 namedmanager_logpush on
[root@station149 etc]# chown named.root /etc/named.namedmanager.conf

检测 namedmanager 配置文件是否正确方法

php -q /usr/share/namedmanager/bind/namedmanager_bind_configwriter.php

数据库配置

启动数据库
[root@station149 rpm]# service  mysqld start

初始化 MySQL 数据库： Installing MySQL system tables...
OK
Filling help tables...
OK
Please report any problems with the /usr/bin/mysqlbug script!

                                                           [确定]
正在启动 mysqld：                                          [确定]

更新 MySQL 管理员密码

[root@station149 resources]# mysql

mysql> update mysql.user set password=password('mypasswd') where user='root';
Query OK, 3 rows affected (0.00 sec)
Rows matched: 3  Changed: 3  Warnings: 0

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

载入 namedmanager 表到数据库

[root@station149 rpm]# cd /usr/share/namedmanager/resources/; ./autoinstall.pl
autoinstall.pl

This script setups the NamedManager database components:
 * NamedManager MySQL user
 * NamedManager database
 * NamedManager configuration files

THIS SCRIPT ONLY NEEDS TO BE RUN FOR THE VERY FIRST INSTALL OF NAMEDMANAGER.
DO NOT RUN FOR ANY OTHER REASON

Please enter MySQL root password (if any): mypasswd
Searching ../sql/ for latest install schema...
../sql//version_20131222_install.sql is the latest file and will be used for the install.
Importing file ../sql//version_20131222_install.sql
Creating user...
Updating configuration file...
DB installation complete!

You can now login with the default username/password of setup/setup123 at http://localhost/namedmanager

BIND 服务器配置

安装 bind 服务

[root@terry resources]# yum install -y bind-*

配置 bind

[root@terry resources]# cp -p /etc/named.namedmanager.conf /var/named/chroot/etc/
[root@terry resources]# vi /var/named/chroot/etc/named.conf

named.conf 文件内容

options {
        listen-on port 53 { 0.0.0.0; };
//      listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { 0.0.0.0; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/etc/named.namedmanager.conf";

启动 bind 服务

[root@terry resources]# service named start

http + php 启动

[root@terry resources]# vi /etc/namedmanager/config-bind.php

<?php
/*
        Sample Configuration File
        Copy this file to config-settings.php
        This file should be read-only to the user whom the bind configuration scripts are running as.
*/
/*
        API Configuration
*/
$config["api_url"]              = "http://192.168.48.141/namedmanager";   // Application Install Location
$config["api_server_name"]      = "station141.vtest.com";        // [必须写主机名]
$config["api_auth_key"]         = "mykey";    // [该密钥随意定义]

/*
  Log file to find messages from Named. Note that:
  * File should be in syslog format
  * Named Manager uses tail -f to read it, this can break with logrotate - make sure that either "copytruncate" mode is used, or tail processes are killed
*/

$config["log_file"]             = "/var/log/messages";

/*
        Lock File
        Used to prevent clashes when multiple instances are accidently run.
*/

$config["lock_file"]            = "/var/lock/namedmanager_lock";

$config["bind"]["version"]              = "9";                                  // version of bind (currently only 9 is supported, although others may work)
$config["bind"]["reload"]               = "/usr/sbin/rndc reload";              // command to reload bind config & zonefiles
$config["bind"]["config"]               = "/var/named/chroot/etc/named.namedmanager.conf";      // configuration file to write bind config too
$config["bind"]["zonefiledir"]          = "/var/named/chroot/var/named/";                       // directory to write zonefiles too
                                                                                // note: if using chroot bind, will often be /var/named/chroot/var/named/
$config["bind"]["verify_zone"]          = "/usr/sbin/named-checkzone";          // Used to verify each generated zonefile as OK
$config["bind"]["verify_config"]        = "/usr/sbin/named-checkconf";          // Used to verify generated NamedManager configuration

/*
        Unusual Compatibility Options
*/

// Include a full path to the zonefiles in Bind - useful if Bind lacks a
// directory configuration or you really, really to store you zonefiles
// in a different location
//
// $config["bind"]["zonefullpath"]              = "on";
// force debugging on for all users + scripts
// (note: debugging can be enabled on a per-user basis by an admin via the web interface)
//$_SESSION["user"]["debug"] = "on";

?>

创建 named.namedmanager.conf 文件, 文件

[root@terry resources]# cp /etc/named.namedmanager.conf /var/named/chroot/etc/
[root@terry resources]# chown named:named /var/named/chroot/etc/named.namedmanager.conf

启动 apache 服务器
[root@terry resources]# service  httpd restart
停止 httpd：                                               [确定]
正在启动 httpd：[Thu Jan 16 15:12:12 2014] [warn] Useless use of AllowOverride in line 11 of /etc/httpd/conf.d/namedmanager.conf.
                                                           [确定]
启动网页服务器  http://192.168.48.141/namedmanager 进行登录测试 (默认 setup/setup123)

参考图形配置方法

选择 configuration ,
填写 管理员 email (terry@station141.vtest.com)
填写 ADMIN_API_KEY (之前 /var/named/chroot/etc/named.namedmanager.conf 中定义的密钥)

 

选择 Domains/zones -> View Domains  通过 Add New Domain 添加一个新的域

添加域过程中

配置 DNS FQDN 为当前域中的 DNS 服务器主机名

选择服务器类型, [API]

再次填写 ADMIN_API_KEY 密钥

定义当期主机为 DNS 主服务器

确保最后绿色部分为配置文件同步中, 假设非绿色显示, 则需要进一步排错

参见下图, 域被增加

添加主机 A 记录方法

再次添加反向解析域

添加反向解析 PTR 记录方法