added most of the configuration stuff
Signed-off-by: tracer <tracer@24unix.net>
parent
3bcfc8de46
commit
c4fca8bf60
199
README.md
@ -279,13 +279,208 @@ GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, INDEX, DROP, ALTER, CREATE TEMPORA
|
||||
There is no need to run FLUSH PRIVILEGES when using GRANT!
|
||||
```
|
||||
|
||||
So, now it offers us the create statements for the needed database.
|
||||
So, now it offers us the SQL statements to create a new user and database and set permissions.
|
||||
If were on plain debian, we just can copy and paste (the password is random) this as root into mysql.
|
||||
|
||||
If we're using hte panel, lets create a database and write down the credentials and update config.json.
|
||||
|
||||
And another call to the console:
|
||||
|
||||
Now we can finally begin to populate our configuration:
|
||||
```
|
||||
$ ./bin/console
|
||||
Error: Cannot find tables.
|
||||
Should I try to create them? (y/N): y
|
||||
Tables have been created.
|
||||
```
|
||||
|
||||
When we now call the console it displays it's options:
|
||||
|
||||
![CLI Interface](https://bindapi.24unix.net/assets/bindAPI_cli.png)
|
||||
|
||||
|
||||
Now we can finally begin to populate our configuration.
|
||||
|
||||
We assume ns1 and ns2 are already configured, so we add them to the local config:
|
||||
|
||||
```
|
||||
$ ./bin/console nameservers:create ns1.24unix.net a=176.9.165.128 aaaa=2a01:4f8:161:12cd::128 apikey=61f27a57c9d1f.[truncated]
|
||||
Nameserver ns1.24unix.net has been created with id 1
|
||||
|
||||
```
|
||||
|
||||
And the same procedure for ns2, and now we have:
|
||||
|
||||
```
|
||||
$ ./bin/console nameservers:list
|
||||
All available nameservers:
|
||||
+------+------------------+------------------+---------------------------------------+-----------------+
|
||||
| ID | Name | A | AAAA | API Key |
|
||||
+------+------------------+------------------+---------------------------------------+-----------------+
|
||||
| 1 | ns1.24unix.net | 176.9.165.128 | 2a01:4f8:161:12cd::128 | 61f27a57c9d1f |
|
||||
| 2 | ns2.24unix.net | 37.120.185.117 | 2a03:4000:f:5e2:a80c:2dff:fed1:e109 | 61eef211dea9a |
|
||||
+------+------------------+------------------+---------------------------------------+-----------------+
|
||||
```
|
||||
Now we can ping the API to check if our servers are alive.
|
||||
We have to add --verbose to the command, because it can also be used to monitor the server in cron jobs where no output is desired, only the result code.
|
||||
|
||||
```
|
||||
$ ./bin/console --verbose nameservers:apiping
|
||||
ns1.24unix.net 176.9.165.128 pong 2a01:4f8:161:12cd::128 pong
|
||||
ns2.24unix.net 37.120.185.117 pong 2a03:4000:f:5e2:a80c:2dff:fed1:e109 pong
|
||||
```
|
||||
|
||||
Now we can add all out panels:
|
||||
|
||||
```
|
||||
$ ./bin/console panels:create executor.24unix.net a=176.9.165.128 aaaa=2a01:4f8:161:12cd::128 apikey=Lo7jsXYQ.[truncated]
|
||||
Panel executor.24unix.net has been created with id 28
|
||||
```
|
||||
|
||||
Oups. The autoincrement ID should be 1, I'll fix that.
|
||||
|
||||
OK, now we've got all our panels:
|
||||
|
||||
```
|
||||
$ ./bin/console panels:list
|
||||
All available panels:
|
||||
+------+--------------------------+------------------+---------------------------------------+------------+
|
||||
| ID | Name | A | AAAA | API Key |
|
||||
+------+--------------------------+------------------+---------------------------------------+------------+
|
||||
| 28 | executor.24unix.net | 176.9.165.128 | 2a01:4f8:161:12cd::128 | Lo7jsXYQ |
|
||||
| 33 | imperial.24unix.net | 176.9.165.130 | 2a01:4f8:161:12cd::130 | AFB0Gm7C |
|
||||
| 32 | interdictor.24unix.net | 176.9.165.131 | 2a01:4f8:161:12cd::131 | qsrlTNIu |
|
||||
| 31 | paz.24unix.net | 176.9.165.134 | 2a01:4f8:161:12cd::134 | DquWO8vf |
|
||||
| 29 | shadow.24unix.net | 37.120.185.117 | 2a03:4000:f:5e2:a80c:2dff:fed1:e109 | o2CtvTQh |
|
||||
| 30 | tector.24unix.net | 176.9.165.137 | 2a01:4f8:161:12cd::137 | HJwrfMd7 |
|
||||
+------+--------------------------+------------------+---------------------------------------+------------+
|
||||
```
|
||||
|
||||
Look if they're alive:
|
||||
|
||||
```
|
||||
$ ./bin/console --verbose panels:apiping
|
||||
executor.24unix.net 176.9.165.128 pong 2a01:4f8:161:12cd::128 pong
|
||||
imperial.24unix.net 176.9.165.130 pong 2a01:4f8:161:12cd::130 pong
|
||||
interdictor.24unix.net 176.9.165.131 pong 2a01:4f8:161:12cd::131 pong
|
||||
paz.24unix.net 176.9.165.134 pong 2a01:4f8:161:12cd::134 pong
|
||||
shadow.24unix.net 37.120.185.117 pong 2a03:4000:f:5e2:a80c:2dff:fed1:e109 pong
|
||||
tector.24unix.net 176.9.165.137 pong 2a01:4f8:161:12cd::137 pong
|
||||
```
|
||||
|
||||
OK, Nameservers ✅
|
||||
Panels ✅
|
||||
|
||||
What's next? Check the domains on each panel:
|
||||
|
||||
```
|
||||
$ ./bin/console --verbose check:panels fix=yes
|
||||
check all …
|
||||
Keyhelp-Panel: executor.24unix.net
|
||||
Domain: 24unix.net ns1.24unix.net OK ns2.24unix.net OK
|
||||
Keyhelp-Panel: imperial.24unix.net
|
||||
Domain: rchelifan.org ns1.24unix.net OK ns2.24unix.net OK
|
||||
Keyhelp-Panel: interdictor.24unix.net
|
||||
No second level domains found.
|
||||
Keyhelp-Panel: paz.24unix.net
|
||||
Domain: crowddataworker.de ns1.24unix.net OK ns2.24unix.net OK
|
||||
Domain: cdw.one ns1.24unix.net OK ns2.24unix.net OK
|
||||
Domain: aussempott.de ns1.24unix.net OK ns2.24unix.net OK
|
||||
Domain: fairdns.de ns1.24unix.net OK ns2.24unix.net OK
|
||||
Domain: tzazicke.de ns1.24unix.net OK ns2.24unix.net OK
|
||||
Domain: casabuitoni.de ns1.24unix.net OK ns2.24unix.net OK
|
||||
Keyhelp-Panel: shadow.24unix.net
|
||||
No second level domains found.
|
||||
Keyhelp-Panel: tector.24unix.net
|
||||
No second level domains found.
|
||||
```
|
||||
The output is a little bit ugly, maybe I'll come up with something nicer.
|
||||
|
||||
So, now we have our nameservers, our panels.
|
||||
|
||||
But only two of them, ns3 is missing, so we're going to add it.
|
||||
|
||||
We create a new key:
|
||||
|
||||
```
|
||||
$ ./bin/console apikeys:create
|
||||
API key 1 has been generated. Store it in a save place, it cannot be recovered.
|
||||
6213acb116613.[truncated]]
|
||||
```
|
||||
|
||||
And add it to our list of nameservers:
|
||||
|
||||
```
|
||||
$ ./bin/console nameservers:create ns3.24unix.net a=212.227.160.159 aaaa=2001:8d8:1801:701::1 apikey=6213acb116613.[truncated]
|
||||
Nameserver ns3.24unix.net has been created with id 3
|
||||
```
|
||||
|
||||
We can soon start filling our own list of slaves domains.
|
||||
|
||||
But before, we need to check some prerequisites:
|
||||
|
||||
```
|
||||
$ ./bin/console check:permissions
|
||||
Checking permission:
|
||||
|
||||
UID: 5001
|
||||
Name: tfunix
|
||||
Checking file: /etc/bind/local.zones
|
||||
PHP Warning: fileperms(): stat failed for /etc/bind/local.zones in /home/users/tfunix/www/ns3.24unix.net/bindAPI/src/Controller/DomainController.php on line 121
|
||||
❌Group needs write permission!
|
||||
Checking /etc/bind/named.conf.local
|
||||
❌ /etc/bind/local.zones needs to be included in /etc/bind/named.conf.local .
|
||||
Checking directory: /etc/bind/zones/
|
||||
PHP Warning: fileperms(): stat failed for /etc/bind/zones/ in /home/users/tfunix/www/ns3.24unix.net/bindAPI/src/Controller/DomainController.php on line 140
|
||||
❌Group needs write permission!
|
||||
```
|
||||
|
||||
So, there are a few manual steps needed.
|
||||
|
||||
tfunix has to be a group member of the „bind“ group.
|
||||
As root perform:
|
||||
|
||||
`usermod -G bind tfunix`
|
||||
(Mind that it is a capital G, else you'll change the primary group and the checks will fail.
|
||||
Don't ask how I noticed …)
|
||||
|
||||
We now have to logout and login with tfunix for the changes to apply.
|
||||
|
||||
After new login it should look like this:
|
||||
|
||||
```
|
||||
$ id
|
||||
uid=5001(tfunix) gid=113(bind) groups=113(bind),1001(keyhelp_file_manager)
|
||||
```
|
||||
|
||||
We again need root:
|
||||
|
||||
```
|
||||
touch /etc/bind/local.zones
|
||||
chown bind:bind /etc/bind/local.zones
|
||||
echo 'include "/etc/bind/local.zones";' >> /etc/bind/named.conf.local
|
||||
|
||||
mkdir /etc/bind/zones
|
||||
chown bind:bind /etc/bind/zones
|
||||
chmod g+w /etc/bind/zones
|
||||
```
|
||||
|
||||
Now it looks better:
|
||||
|
||||
```
|
||||
$ ./bin/console check:permissions
|
||||
Checking permission:
|
||||
|
||||
UID: 5001
|
||||
Name: tfunix
|
||||
Checking file: /etc/bind/local.zones
|
||||
✅ Group has write access .
|
||||
Checking /etc/bind/named.conf.local
|
||||
✅ /etc/bind/local.zones is included in /etc/bind/named.conf.local
|
||||
Checking directory: /etc/bind/zones/
|
||||
✅ Group has write access .
|
||||
|
||||
|
||||
```
|
||||
|
||||
TODO
|
||||
|
||||
|
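Review bot: In the manual steps near the end of the hunk, `usermod -G bind tfunix` replaces the user's entire supplementary group list instead of adding to it, and the `id` output shown afterwards has `gid=113(bind)`, i.e. bind as the primary group, which is the outcome the parenthetical warns against. Suggest `usermod -aG bind tfunix` and an `id` sample that lists bind only under `groups=`. In the root block that follows, `/etc/bind/local.zones` gets `touch` and `chown bind:bind` but no `chmod g+w` (only `/etc/bind/zones` does), so with the usual root umask of 022 the file is not group-writable and the second `check:permissions` run would still report the missing group write permission. Separately, the `nameservers:create` and `panels:create` examples pass `apikey=` as a command-line argument, where it ends up in shell history and the process list, and the sample `list` output prints key prefixes next to real hostnames and addresses; consider reading the key from a prompt or a file and using placeholder values in the README.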