Press "Enter" to skip to content

How to Install PowerDNS and PowerDNS-Admin on Debian Buster (updated)

Hi! This is a script-guide to install Powerdns (authoritative) and Powerdns-Admin on Debian 10 (buster), this post substitutes both the old ones for Debian 9 and Debian 10 because of updates in Powerdns-Admin repository, those posts are online for archive purposes only, use this one instead. This is a quick way, see instructions below, here is the commented code for the impatient.

#!/bin/bash

# get script absolute path
MY_PATH="`dirname \"$0\"`"
MY_PATH="`( cd \"$MY_PATH\" && pwd )`"
if [ -z "$MY_PATH" ] ; then
	  exit 1
fi

# upgrade system and install dependencies
apt-get update && apt-get -y upgrade
apt-get -y install software-properties-common dirmngr
apt-get -y install git python-pip

# install and prepare last stable mariadb version
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1D8
add-apt-repository 'deb [arch=amd64] http://mariadb.mirror.liquidtelecom.com/repo/10.4/debian buster main'
apt-get update && apt-get -y install mariadb-server 

# run the secure script to set root password, remove test database and disable remote root user login, you can safely accept the defaults and provide an strong root password when prompted
mysql_secure_installation
mysql -u root -p < ${MY_PATH}/sql01.sql # provide previously set password

# install powerdns and configure db parameters
apt-get -y install pdns-server pdns-backend-mysql
cp ${MY_PATH}/pdns.local.gmysql.conf /etc/powerdns/pdns.d/
vi /etc/powerdns/pdns.d/pdns.local.gmysql.conf # db configuration

# install dnsutils for testing, curl and finally PowerDNS-Admin
apt-get -y install python3-dev dnsutils curl
apt-get -y install -y default-libmysqlclient-dev python-mysqldb libsasl2-dev libffi-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev pkg-config
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
echo 'deb https://dl.yarnpkg.com/debian/ stable main' > /etc/apt/sources.list.d/yarn.list
apt-get -y install apt-transport-https # needed for https repo
apt-get update 
apt-get -y install yarn
git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
cd /opt/web/powerdns-admin
pip install virtualenv
virtualenv -p python3 flask
. ./flask/bin/activate
pip install -r requirements.txt
mysql -u root -p < ${MY_PATH}/sql02.sql
vi powerdnsadmin/default_config.py
export FLASK_APP=powerdnsadmin/__init__.py
flask db upgrade
flask db migrate -m "Init DB"

# install/update nodejs, needed to use yarn
curl -sL https://deb.nodesource.com/setup_12.x | bash -
apt-get install -y nodejs
yarn install --pure-lockfile
flask assets build

# create systemd service file and activate it
mkdir /run/powerdns-admin
chown pdns:pdns /run/powerdns-admin
cp ${MY_PATH}/powerdns-admin.service /etc/systemd/system/
systemctl daemon-reload
systemctl start powerdns-admin
systemctl enable powerdns-admin

# install nginx and configure site
apt-get -y install nginx
cp ${MY_PATH}/powerdns-admin.conf /etc/nginx/sites-enabled/
chown -R pdns:pdns /opt/web/powerdns-admin/powerdnsadmin/static/
nginx -t && service nginx restart

# activate powerdns api, change api-key if needed
echo 'api=yes' >> /etc/powerdns/pdns.conf
echo 'api-key=789456123741852963' >> /etc/powerdns/pdns.conf
echo 'webserver=yes' >> /etc/powerdns/pdns.conf
echo 'webserver-address=0.0.0.0' >> /etc/powerdns/pdns.conf
echo 'webserver-allow-from=0.0.0.0/0,::/0' >> /etc/powerdns/pdns.conf
echo 'webserver-port=8081' >> /etc/powerdns/pdns.conf
service pdns restart

# now go to server_name url and create a firt user account that will be admin
# log in
# configure api access on powerdns-admin
# enjoy

Installation notes

You can execute the executable file install.sh inside the zip file as root, or execute lines one by one from code above. Whatever method you use you should read this notes carefully in order to fully understand what is going on, also read comments in script, there could be useful tips there. I assume that yo have a minimum linux knowledge and that you are comfortable with the shell and command line utilities.

  1. Download and uncompress pdns-buster-updated.zip anywhere in the server, then cd into pdns folder.
  2. Edit sql01.sql and modify the second line to set a secure password instead of the default one ‘mypassword’.
  3. Edit sql02.sql and modify the second line to set a secure password instead of the default one ‘mypassword’.
  4. Edit powerdns-admin.conf and modify the value of server_name to match the fqdn we want our pdnsadmin be served from.
  5. Execute install.sh script:
    • Set mariadb root password when prompted.
    • Provide mariadb root password to execute sql01.sql when prompted.
    • Edit /etc/powerdns/pdns.d/pdns.local.gmysql.conf db settings to match this ones:
      • user: pdnsuser
      • password: <the one provided in step 2>
      • host: localhost
      • db name: pdns
    • Provide mariadb root password to execute sql02.sql when prompted.
    • Edit /opt/web/powerdns-admin/powerdnsadmin/default_config.py db settings to match this ones:
      • user: pdnsuser
      • password: <the one provided in step 2>
      • host: localhost
      • db name: pdns
  6. Enter web interface (domain provided in step 4) and click on create account to create the first account, thal will be an admin account.
  7. Log in into pdnsAdmin with the newly created account.
  8. Configure pdns api and pdns key, http://127.0.0.1:8081/ and the one provided at the end of the script.
  9. Enjoy!

11 Comments

  1. Abraham
    Abraham January 7, 2020

    Buen trabajo, faltaría solucionar el problema del directorio en /run/powerdns-admin. Al reiniciar el servidor, no existe el directorio y no se arranca el servicio. (al menos en VPS)

    Por todo lo demás, funciona de lujo.

    Gracias!

    • tat0
      tat0 January 8, 2020

      Tienes razón, olvide ese detalle, puedes añadir esta línea ‘RuntimeDirectory=powerdns-admin’ en la sección Service del fichero de la unidad, también lo he cambiado en el zip, si prefieres descargarlo de nuevo, el fichero quedaría así:


      [Unit]
      Description=PowerDNS-Admin
      After=network.target
      [Service]
      PIDFile=/run/powerdns-admin/pid
      User=pdns
      Group=pdns
      WorkingDirectory=/opt/web/powerdns-admin
      ExecStart=/opt/web/powerdns-admin/flask/bin/gunicorn --pid /run/powerdns-admin/pid --bind unix:/run/powerdns-admin/socket 'powerdnsadmin:create_app()'
      PrivateTmp=true
      RuntimeDirectory=powerdns-admin
      [Install]
      WantedBy=multi-user.target

      Gracias por el aviso, salu2.

  2. Hamid
    Hamid January 19, 2020

    Hi.
    Great tutorial i installed power-dns and Power admin and im using replication with mariadb. every thing works perfect. but when i logged in to add new domain on a new account i created to test if it creates the records on the backend it just returns this error :
    * i just simply login then go to dashboard > new domain > writing new domain name (something just for test) > then select an account > select the type (native,master or slave) > then select a Template > and SOA-EDIT-API is on the defualt.
    when i click on submit it just redirects to an error page with this message:
    Oops! Bad request
    400
    Cannot add this domain.
    You may return to the dashboard.
    ———
    so my question is
    1- what is wrong?
    2- should i always use a FQDN? or it is because in power-admin Database which we create in sql02 file, there is no tables and all of the tables are in pdns database?
    3- what do i need to fix?
    ———
    also another question i have is how could we disable creating account on on the default page of power admin page when it comes up? i want to be able to create accounts only using admin.
    ——–
    Ty man for this awesome work.
    cheers

    • tat0
      tat0 January 23, 2020

      Hi, sorry to hear that, I answer to your points:
      1. I do several new installations per week and I have never experienced such issue. You would need to review the install process, the powerdns-admin part searching for any installation error or if you want you can pass me the full output of the install.sh script and I can do it for you. It seems a ddbb or assets related issue althoug I can not think any evident sign, there have not been many changes in powerdns-admin repo since mi post was writen.
      2. No, you don’t need to use a FQDN, you can put here almost every thing. About the databases, you are right, database created in sql02 is not used at all, I use to have all tables in pdns database, you can change this behaviour when editing /opt/web/powerdns-admin/powerdnsadmin/default_config.py in order to have separate databases, if you need more info about this let me know.
      3. Not really sure about what is the error, I would need the output of the install script to chek if everything is fine, also check web server and database logs, or any other relevant. I am out and can not try a test instal righ now.
      ———————–
      Head to the Settings section, then Authentication and uncheck option ‘Allow users to sign up’ I thin this is what you are looking for.

      Thanks for your comments, let me know about any finding you do.

  3. Hamid
    Hamid January 21, 2020

    Hey,

    i see you have not find the time to read my comment 🙂
    something new came up too, it was working fine but i just couldn’t create new domains in power admin, but now when i try to login, it wont login i get ” bad gate way error” also in syslog there is this :
    [decorators.py:224] ERROR – Invalid base64-encoded of credential. Error Incorrect padding

    Please lemmi know what you think.
    cheers

    • tat0
      tat0 January 23, 2020

      Again I have not seen this error before, I have checked and the base64 library is properly imported in source code. It seems related to a web server or browser issue but I can not tell you. Try to find any relevant log and see if there is something that can point to the cause of this. Sorry about not be able to help more, let me know about your findings and/or send me the relevant logs/output in case I could give you more information.
      BR

  4. Ludwig
    Ludwig January 28, 2020

    Hello ! First of all I wanted to thank you for your script !
    I’m trying this on ubuntu, I just had to change the repo. However the service pdns failed to start during the script and also at the end :

    Job for pdns.service failed because the control process exited with error code.
    See “systemctl status pdns.service” and “journalctl -xe” for details.

    I have nothing in status :

    Process: 13863 ExecStart=/usr/sbin/pdns_server –guardian=no –daemon=no –disable-syslog –log-timestamp=no –write-pid=no (code=exited, status=1/FAILURE)
    Main PID: 13863 (code=exited, status=1/FAILURE)

    The pdns.local.gmysql.conf file looks good so I don’t know where I should look at.

    Let me know if you have any idea, thank you,
    Ludwig

    • Ludwig
      Ludwig January 28, 2020

      ok so I found this one quickly ( I thought I already did this but I restored a previous snapshot)
      ubuntu 18.04 uses port 53 for systemd-resolved which of course does not work with pdns, so I just disabled the service

      • tat0
        tat0 February 3, 2020

        Hi, glad to hear that you solved the issue. As you say ubuntu uses port 53 as a local dns cache while debian does not. Disabling it did the trick 🙂

  5. Nicolai
    Nicolai February 12, 2020

    Hi there,

    After installation, I just get a “502 Bad Gateway” when I go to the domain and a “welcome to nginx” when I use the IP.
    —————————————————————————–

    I got this error during the installation:
    Complete output from command python setup.py egg_info:
    Traceback (most recent call last):
    File “”, line 1, in
    ImportError: No module named setuptools

    —————————————-
    Command “python setup.py egg_info” failed with error code 1 in /tmp/pip-install-szwYVA/filelock/
    ./install.sh: line 34: virtualenv: command not found
    ./install.sh: line 35: ./flask/bin/activate: No such file or directory
    Collecting Flask==1.1.1 (from -r requirements.txt (line 1))
    Downloading https://files.pythonhosted.org/packages/9b/93/628509b8d5dc749656a9641f4caf13540e2cdec85276964ff8f43bbb1d3b/Flask-1.1.1-py2.py3-none-any.whl (94kB)
    100% |████████████████████████████████| 102kB 1.1MB/s
    Collecting Flask-Assets==0.12 (from -r requirements.txt (line 2))
    Downloading https://files.pythonhosted.org/packages/86/ff/6000451570745d7a90847f6528d96d6b24c800eaaf9f26cf398accd8cee5/Flask-Assets-0.12.tar.gz
    Complete output from command python setup.py egg_info:
    Traceback (most recent call last):
    File “”, line 1, in
    ImportError: No module named setuptools

    —————————————-
    Command “python setup.py egg_info” failed with error code 1 in /tmp/pip-install-NtiqW3/Flask-Assets/

    ———————————————————-

    I can go to http://domain:8081/ which shows me some stats. So that works.

    • tat0
      tat0 February 13, 2020

      Hi, as you can access powerdns stats on port 8081, It seems a powerdns-Admin build issue in some step. I am not sure about what can be but seems a python or pip dependencies problem.
      did the ‘pip install virtualenv’ command success? In this install, setuptools module is provided by the package python-setuptools (do you have this package installed?) and the virtualenv command in this case is provided by the ‘pip install virtualenv’ command. Have you got mixed (custom and distribution packages) pip installations? What Linux distribution, python version and pip version are you using? I would need the full output of the installation script to look for any clue about the issue. Hope this helps. Regards.

Leave a Reply

Your email address will not be published. Required fields are marked *