Press "Enter" to skip to content

How to Install PowerDNS and PowerDNS-Admin on Debian 9

Hi! This is a script-guide to install Powerdns (authoritative) and Powerdns-Admin in Debian 9. This is a quick way, see instructions below, here is the commented code for the impatient.

#!/bin/bash

# get script absolute path
MY_PATH="`dirname \"$0\"`"
MY_PATH="`( cd \"$MY_PATH\" && pwd )`"
if [ -z "$MY_PATH" ] ; then
  exit 1
fi

# upgrade system and install dependencies
apt-get update && apt-get -y upgrade
apt-get -y install software-properties-common dirmngr
apt-get -y install git python-pip

# install and prepare last stable mariadb version
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1D8
add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://mirror.zol.co.zw/mariadb/repo/10.3/debian stretch main'
apt-get update && apt-get -y install mariadb-server # provide an strong password when prompted
mysql -u root -p < ${MY_PATH}/sql01.sql # provide previously set password

# install powerdns and configure db parameters
apt-get -y install pdns-server pdns-backend-mysql # answer dbconfig-common No when prompted
vi /etc/powerdns/pdns.d/pdns.local.gmysql.conf # db configuration

# install dnsutils for testing and finally PowerDNS-Admin
apt-get -y install python3-dev dnsutils
apt-get -y install -y default-libmysqlclient-dev python-mysqldb libsasl2-dev libffi-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev pkg-config
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
echo 'deb https://dl.yarnpkg.com/debian/ stable main' > /etc/apt/sources.list.d/yarn.list
apt-get -y install apt-transport-https # needed for https repo
apt-get update 
apt-get -y install yarn
git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
cd /opt/web/powerdns-admin
pip install virtualenv
virtualenv -p python3 flask
. ./flask/bin/activate
apt-get -y install libmysqlclient-dev
pip install -r requirements.txt
mysql -u root -p < ${MY_PATH}/sql02.sql
cp config_template.py config.py
vi config.py # db configuration
export FLASK_APP=app/__init__.py
flask db upgrade
flask db migrate -m "Init DB"

# install/update nodejs, needed to use yarn
curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
apt-get install -y nodejs
yarn install --pure-lockfile
flask assets build

# create systemd service file and activate it
cp ${MY_PATH}/powerdns-admin.service /etc/systemd/system/
systemctl daemon-reload
systemctl start powerdns-admin
systemctl enable powerdns-admin

# install nginx and configure site
apt-get -y install nginx
cp ${MY_PATH}/powerdns-admin.conf /etc/nginx/sites-enabled/
nginx -t && service nginx restart

# activate powerdns api, change api-key if needed
echo 'api=yes' >> /etc/powerdns/pdns.conf
echo 'api-key=789456123741852963' >> /etc/powerdns/pdns.conf
echo 'webserver=yes' >> /etc/powerdns/pdns.conf
echo 'webserver-address=0.0.0.0' >> /etc/powerdns/pdns.conf
echo 'webserver-allow-from=0.0.0.0/0,::/0' >> /etc/powerdns/pdns.conf
echo 'webserver-port=8081' >> /etc/powerdns/pdns.conf
service pdns restart

# now go to server_name url and create a firt user account that will be admin
# log in
# configure api access on powerdns-admin
# enjoy

Installation notes

You can execute the executable file install.sh inside the zip file, or execute lines one by one from code above. Whatever method you use you should read this notes carefully in order to fully understand what is going on. I assume that yo have a minimum linux knowledge and that you are comfortable with the shell and command line utilities.

  1. Download and uncompress pdns.zip anywhere in the server, then cd into pdns folder.
  2. Edit sql01.sql and modify the second line to set a secure password instead of the default one ‘mypassword’.
  3. Edit sql02.sql and modify the second line to set a secure password instead of the default one ‘mypassword’.
  4. Edit powerdns-admin.conf and modify the value of server_name to match the fqdn we want our pdnsadmin be served from.
  5. Execute install.sh script:
    • Provide mariadb root password to execute sql01.sql when prompted.
    • Edit /etc/powerdns/pdns.d/pdns.local.gmysql.conf db settings to match this ones:
      • user: pdnsuser
      • password: <the one provided in step 2>
      • host: localhost
      • db name: pdns
    • Provide mariadb root password to execute sql02.sql when prompted.
    • Edit /opt/web/powerdns-admin/config.py db settings to match this ones:
      • user: pdnsuser
      • password: <the one provided in step 2>
      • host: localhost
      • db name: pdns
  6. Enter web interface (domain provided in step 4) and click on create account to create the first account, thal will be an admin account.
  7. Log in into pdnsAdmin with the newly created account.
  8. Configure pdns api and pdns key, http://127.0.0.1:8081/ and the one provided at the end of the script.
  9. Enjoy!

11 Comments

  1. Tom
    Tom February 20, 2019

    nice post, tkanks!

  2. Jason
    Jason February 20, 2019

    Thank you!

  3. Johnny H
    Johnny H April 22, 2019

    Trying the script, it seems to fail. Are there prerequisites necessary before starting this install (outside of what’s already written above)? I’m getting:

    install.sh: 32: install.sh: git: not found
    install.sh: 33: cd: can’t cd to /opt/web/powerdns-admin
    install.sh: 34: install.sh: pip: not found
    install.sh: 35: install.sh: virtualenv: not found
    install.sh: 36: .: Can’t open ./flask/bin/activate

    • admin
      admin April 25, 2019

      hi, according to the errors you mention, it seems that you do not have git nor pip installed in your system. Assuming you are using debian 9 (stretch) you can install them with ‘apt-get -y install git python-pip’. I have already added this as part of the script. Please let me know if you find any other issue, thanks.

  4. akira
    akira April 26, 2019

    Hi, i installed using your script, everything worked well but when i open the web interface, i get ERR_TOO_MANY_REDIRECTS and auto redirect to http:///error/500
    Can you please help me to fix it?
    Tks

    • admin
      admin April 28, 2019

      Hi. According to what you say it seems more a problem of nginx, or dns resolution than the pdns server itself.
      Here are several things to check, just in case:
      – Check if pdns is running properly, ‘service pdns status’, if there is a pdns process, ‘ps auxwww | grep pdns’, and if the process is listening at least on ports 53 and 8081, ‘netstat -puntl | grep pdns’ , you should also be able to see the statistics of powerdns through its web interface at http://:8081
      – Check if powerdns-admin is running properly, ‘service powerdns-admin status’, if there are one or more powerdns-admin worker processes, ‘ps auxwww | grep powerdns-admin’ and if the corresponding unix sockets exist, ‘lsof | grep powerdns-admin.sock’
      If above checks are correct, then it is a nginx configuration problem, or a name server resolution problem. Please re-check the configuration again for errors and/or paste the contents of the file ‘/etc/nginx/sites-enabled/powerdns-admin.conf’ as well as the nginx logs of that virtual host to see if there is any obvious error. Hope this helps.

      • akira
        akira May 5, 2019

        Hi,
        Thank for your reply, after checked powerdns status , i got udp port 53 error. so that i run systemctl stop systemd-resolved.service and everything ok now.
        But can i ask another question? How can i point the nameserver from namesilo to my own powerdns, so that i can config new record on my server.
        Thanks

  5. akira
    akira May 5, 2019

    Hi,
    Thank for your reply, after checked powerdns status , i got udp port 53 error. so that i run systemctl stop systemd-resolved.service and everything ok now.
    But can i ask another question? How can i point the nameserver from namesilo to my own powerdns, so that i can config new record on my server.
    Thanks

    • admin
      admin May 8, 2019

      Hi. I’m glad you have everything ready and working. The configuration of the nameservers for a domain depends on where it is registered. In its most basic form, it involves changing the name servers for the domain in question in the control panel of its registrant. Whether or not you need to create A records for those name servers will depend on the registrant. Once you have verified that powerdns work and can be accessed from the outside, consult your registrant’s documentation or contact them to assist in the process of changing the primary nameservers for your domain.

  6. bernie
    bernie May 12, 2019

    That’s all great but how do we maintain it all to up-to-date?
    I mean mainly PowerDNS Admin itself. As time will go there’ll be updates (new features, security fixes).
    I suspect ‘apt-get update && apt-get upgrade’ won’t be enough.

    • admin
      admin May 25, 2019

      hello, as you say, to update powerdns-admin, a simple apt-get upgrade is not enough. the only way I can think to update would be to update the repository in /opt/web/powerdns-admin, reinstall the requirements and regenerate the assets, something like this, although I have not tried it myself:
      – service powerdns-admin stop
      – cd /opt/web/powerdns-admin/
      – git pull
      – . ./flask/bin/activate
      – pip install -r requirements.txt
      – export FLASK_APP = app/__init__.py
      – flask db upgrade
      – yarn install –pure-lockfile
      – flask assets build
      – service powerdns-admin start
      To update I use an automated process that performs a fresh installation of powerdns-admin and synchronizes the information in the database. The method of updating the repository should also work, I hope I have helped you. If you try, let me know the results. Thank you.

Leave a Reply

Your email address will not be published. Required fields are marked *