Press "Enter" to skip to content

How to Install PowerDNS and PowerDNS-Admin on Debian Buster (updated)

Hi! This is a script-guide to install Powerdns (authoritative) and Powerdns-Admin on Debian 10 (buster), this post substitutes both the old ones for Debian 9 and Debian 10 because of updates in Powerdns-Admin repository, those posts are online for archive purposes only, use this one instead. This is a quick way, see instructions below, here is the commented code for the impatient.

#!/bin/bash

# get script absolute path
MY_PATH="`dirname \"$0\"`"
MY_PATH="`( cd \"$MY_PATH\" && pwd )`"
if [ -z "$MY_PATH" ] ; then
	  exit 1
fi

# upgrade system and install dependencies
apt-get update && apt-get -y upgrade
apt-get -y install software-properties-common dirmngr
apt-get -y install git python-pip

# install and prepare last stable mariadb version
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1D8
add-apt-repository 'deb [arch=amd64] http://mariadb.mirror.liquidtelecom.com/repo/10.4/debian buster main'
apt-get update && apt-get -y install mariadb-server 

# run the secure script to set root password, remove test database and disable remote root user login, you can safely accept the defaults and provide an strong root password when prompted
mysql_secure_installation
mysql -u root -p < ${MY_PATH}/sql01.sql # provide previously set password

# install powerdns and configure db parameters
apt-get -y install pdns-server pdns-backend-mysql
cp ${MY_PATH}/pdns.local.gmysql.conf /etc/powerdns/pdns.d/
vi /etc/powerdns/pdns.d/pdns.local.gmysql.conf # db configuration

# install dnsutils for testing, curl and finally PowerDNS-Admin
apt-get -y install python3-dev dnsutils curl
apt-get -y install -y default-libmysqlclient-dev python-mysqldb libsasl2-dev libffi-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev pkg-config
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
echo 'deb https://dl.yarnpkg.com/debian/ stable main' > /etc/apt/sources.list.d/yarn.list
apt-get -y install apt-transport-https # needed for https repo
apt-get update 
apt-get -y install yarn
git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
cd /opt/web/powerdns-admin
pip install virtualenv
virtualenv -p python3 flask
. ./flask/bin/activate
pip install -r requirements.txt
mysql -u root -p < ${MY_PATH}/sql02.sql
vi powerdnsadmin/default_config.py
export FLASK_APP=powerdnsadmin/__init__.py
flask db upgrade
flask db migrate -m "Init DB"

# install/update nodejs, needed to use yarn
curl -sL https://deb.nodesource.com/setup_12.x | bash -
apt-get install -y nodejs
yarn install --pure-lockfile
flask assets build

# create systemd service file and activate it
mkdir /run/powerdns-admin
chown pdns:pdns /run/powerdns-admin
cp ${MY_PATH}/powerdns-admin.service /etc/systemd/system/
systemctl daemon-reload
systemctl start powerdns-admin
systemctl enable powerdns-admin

# install nginx and configure site
apt-get -y install nginx
cp ${MY_PATH}/powerdns-admin.conf /etc/nginx/sites-enabled/
chown -R pdns:pdns /opt/web/powerdns-admin/powerdnsadmin/static/
nginx -t && service nginx restart

# activate powerdns api, change api-key if needed
echo 'api=yes' >> /etc/powerdns/pdns.conf
echo 'api-key=789456123741852963' >> /etc/powerdns/pdns.conf
echo 'webserver=yes' >> /etc/powerdns/pdns.conf
echo 'webserver-address=0.0.0.0' >> /etc/powerdns/pdns.conf
echo 'webserver-allow-from=0.0.0.0/0,::/0' >> /etc/powerdns/pdns.conf
echo 'webserver-port=8081' >> /etc/powerdns/pdns.conf
service pdns restart

# now go to server_name url and create a firt user account that will be admin
# log in
# configure api access on powerdns-admin
# enjoy

Installation notes

You can execute the executable file install.sh inside the zip file as root, or execute lines one by one from code above. Whatever method you use you should read this notes carefully in order to fully understand what is going on, also read comments in script, there could be useful tips there. I assume that yo have a minimum linux knowledge and that you are comfortable with the shell and command line utilities.

  1. Download and uncompress pdns-buster-updated.zip anywhere in the server, then cd into pdns folder.
  2. Edit sql01.sql and modify the second line to set a secure password instead of the default one ‘mypassword’.
  3. Edit sql02.sql and modify the second line to set a secure password instead of the default one ‘mypassword’.
  4. Edit powerdns-admin.conf and modify the value of server_name to match the fqdn we want our pdnsadmin be served from.
  5. Execute install.sh script:
    • Set mariadb root password when prompted.
    • Provide mariadb root password to execute sql01.sql when prompted.
    • Edit /etc/powerdns/pdns.d/pdns.local.gmysql.conf db settings to match this ones:
      • user: pdnsuser
      • password: <the one provided in step 2>
      • host: localhost
      • db name: pdns
    • Provide mariadb root password to execute sql02.sql when prompted.
    • Edit /opt/web/powerdns-admin/powerdnsadmin/default_config.py db settings to match this ones:
      • user: pdnsuser
      • password: <the one provided in step 2>
      • host: localhost
      • db name: pdns
  6. Enter web interface (domain provided in step 4) and click on create account to create the first account, thal will be an admin account.
  7. Log in into pdnsAdmin with the newly created account.
  8. Configure pdns api and pdns key, http://127.0.0.1:8081/ and the one provided at the end of the script.
  9. Enjoy!

47 Comments

  1. Abraham
    Abraham January 7, 2020

    Buen trabajo, faltaría solucionar el problema del directorio en /run/powerdns-admin. Al reiniciar el servidor, no existe el directorio y no se arranca el servicio. (al menos en VPS)

    Por todo lo demás, funciona de lujo.

    Gracias!

    • tat0
      tat0 January 8, 2020

      Tienes razón, olvide ese detalle, puedes añadir esta línea ‘RuntimeDirectory=powerdns-admin’ en la sección Service del fichero de la unidad, también lo he cambiado en el zip, si prefieres descargarlo de nuevo, el fichero quedaría así:


      [Unit]
      Description=PowerDNS-Admin
      After=network.target
      [Service]
      PIDFile=/run/powerdns-admin/pid
      User=pdns
      Group=pdns
      WorkingDirectory=/opt/web/powerdns-admin
      ExecStart=/opt/web/powerdns-admin/flask/bin/gunicorn --pid /run/powerdns-admin/pid --bind unix:/run/powerdns-admin/socket 'powerdnsadmin:create_app()'
      PrivateTmp=true
      RuntimeDirectory=powerdns-admin
      [Install]
      WantedBy=multi-user.target

      Gracias por el aviso, salu2.

  2. Hamid
    Hamid January 19, 2020

    Hi.
    Great tutorial i installed power-dns and Power admin and im using replication with mariadb. every thing works perfect. but when i logged in to add new domain on a new account i created to test if it creates the records on the backend it just returns this error :
    * i just simply login then go to dashboard > new domain > writing new domain name (something just for test) > then select an account > select the type (native,master or slave) > then select a Template > and SOA-EDIT-API is on the defualt.
    when i click on submit it just redirects to an error page with this message:
    Oops! Bad request
    400
    Cannot add this domain.
    You may return to the dashboard.
    ———
    so my question is
    1- what is wrong?
    2- should i always use a FQDN? or it is because in power-admin Database which we create in sql02 file, there is no tables and all of the tables are in pdns database?
    3- what do i need to fix?
    ———
    also another question i have is how could we disable creating account on on the default page of power admin page when it comes up? i want to be able to create accounts only using admin.
    ——–
    Ty man for this awesome work.
    cheers

    • tat0
      tat0 January 23, 2020

      Hi, sorry to hear that, I answer to your points:
      1. I do several new installations per week and I have never experienced such issue. You would need to review the install process, the powerdns-admin part searching for any installation error or if you want you can pass me the full output of the install.sh script and I can do it for you. It seems a ddbb or assets related issue althoug I can not think any evident sign, there have not been many changes in powerdns-admin repo since mi post was writen.
      2. No, you don’t need to use a FQDN, you can put here almost every thing. About the databases, you are right, database created in sql02 is not used at all, I use to have all tables in pdns database, you can change this behaviour when editing /opt/web/powerdns-admin/powerdnsadmin/default_config.py in order to have separate databases, if you need more info about this let me know.
      3. Not really sure about what is the error, I would need the output of the install script to chek if everything is fine, also check web server and database logs, or any other relevant. I am out and can not try a test instal righ now.
      ———————–
      Head to the Settings section, then Authentication and uncheck option ‘Allow users to sign up’ I thin this is what you are looking for.

      Thanks for your comments, let me know about any finding you do.

  3. Hamid
    Hamid January 21, 2020

    Hey,

    i see you have not find the time to read my comment 🙂
    something new came up too, it was working fine but i just couldn’t create new domains in power admin, but now when i try to login, it wont login i get ” bad gate way error” also in syslog there is this :
    [decorators.py:224] ERROR – Invalid base64-encoded of credential. Error Incorrect padding

    Please lemmi know what you think.
    cheers

    • tat0
      tat0 January 23, 2020

      Again I have not seen this error before, I have checked and the base64 library is properly imported in source code. It seems related to a web server or browser issue but I can not tell you. Try to find any relevant log and see if there is something that can point to the cause of this. Sorry about not be able to help more, let me know about your findings and/or send me the relevant logs/output in case I could give you more information.
      BR

  4. Ludwig
    Ludwig January 28, 2020

    Hello ! First of all I wanted to thank you for your script !
    I’m trying this on ubuntu, I just had to change the repo. However the service pdns failed to start during the script and also at the end :

    Job for pdns.service failed because the control process exited with error code.
    See “systemctl status pdns.service” and “journalctl -xe” for details.

    I have nothing in status :

    Process: 13863 ExecStart=/usr/sbin/pdns_server –guardian=no –daemon=no –disable-syslog –log-timestamp=no –write-pid=no (code=exited, status=1/FAILURE)
    Main PID: 13863 (code=exited, status=1/FAILURE)

    The pdns.local.gmysql.conf file looks good so I don’t know where I should look at.

    Let me know if you have any idea, thank you,
    Ludwig

    • Ludwig
      Ludwig January 28, 2020

      ok so I found this one quickly ( I thought I already did this but I restored a previous snapshot)
      ubuntu 18.04 uses port 53 for systemd-resolved which of course does not work with pdns, so I just disabled the service

      • tat0
        tat0 February 3, 2020

        Hi, glad to hear that you solved the issue. As you say ubuntu uses port 53 as a local dns cache while debian does not. Disabling it did the trick 🙂

  5. Nicolai
    Nicolai February 12, 2020

    Hi there,

    After installation, I just get a “502 Bad Gateway” when I go to the domain and a “welcome to nginx” when I use the IP.
    —————————————————————————–

    I got this error during the installation:
    Complete output from command python setup.py egg_info:
    Traceback (most recent call last):
    File “”, line 1, in
    ImportError: No module named setuptools

    —————————————-
    Command “python setup.py egg_info” failed with error code 1 in /tmp/pip-install-szwYVA/filelock/
    ./install.sh: line 34: virtualenv: command not found
    ./install.sh: line 35: ./flask/bin/activate: No such file or directory
    Collecting Flask==1.1.1 (from -r requirements.txt (line 1))
    Downloading https://files.pythonhosted.org/packages/9b/93/628509b8d5dc749656a9641f4caf13540e2cdec85276964ff8f43bbb1d3b/Flask-1.1.1-py2.py3-none-any.whl (94kB)
    100% |████████████████████████████████| 102kB 1.1MB/s
    Collecting Flask-Assets==0.12 (from -r requirements.txt (line 2))
    Downloading https://files.pythonhosted.org/packages/86/ff/6000451570745d7a90847f6528d96d6b24c800eaaf9f26cf398accd8cee5/Flask-Assets-0.12.tar.gz
    Complete output from command python setup.py egg_info:
    Traceback (most recent call last):
    File “”, line 1, in
    ImportError: No module named setuptools

    —————————————-
    Command “python setup.py egg_info” failed with error code 1 in /tmp/pip-install-NtiqW3/Flask-Assets/

    ———————————————————-

    I can go to http://domain:8081/ which shows me some stats. So that works.

    • tat0
      tat0 February 13, 2020

      Hi, as you can access powerdns stats on port 8081, It seems a powerdns-Admin build issue in some step. I am not sure about what can be but seems a python or pip dependencies problem.
      did the ‘pip install virtualenv’ command success? In this install, setuptools module is provided by the package python-setuptools (do you have this package installed?) and the virtualenv command in this case is provided by the ‘pip install virtualenv’ command. Have you got mixed (custom and distribution packages) pip installations? What Linux distribution, python version and pip version are you using? I would need the full output of the installation script to look for any clue about the issue. Hope this helps. Regards.

  6. AS
    AS February 28, 2020

    I had to run
    systemctl stop systemd-resolved.service

    $ systemctl disable systemd-resolved.service

    $ systemctl enable pdns
    and

    same for the apach2 service

    • tat0
      tat0 March 1, 2020

      Hi, you are right, as systemd-resolved uses port 53 to work, It needs to be stopped for powerdns works normally. In my Debian Buster install, installing pdns-server package automatically enables and activate the service. apache2 is not needed for this install. Regards.

  7. Alexandre
    Alexandre March 5, 2020

    Thanks for the tutorial,
    It seems the documentation of powerDNS add some foreign keys after creating the tables, but it is not in your sql01.sql script. Have you tried them ? Does it make a big difference ? (Sorry, i’m a newbie in PowerDNS)

    Here is the link to their doc : https://docs.powerdns.com/authoritative/guides/basic-database.html

    I’m referring to his part :
    /*
    Using this SQL causes Mysql to create foreign keys on your database. This will
    make sure that no records, comments or keys exists for domains that you already
    removed. This is not enabled by default, because we’re not sure what the
    consequences are from a performance point of view. If you do have feedback,
    please let us know how this affects your setup.

    Please note that it’s not possible to apply this, before you cleaned up your
    database, as the foreign keys do not exist.
    */
    ALTER TABLE records ADD CONSTRAINT `records_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
    ALTER TABLE comments ADD CONSTRAINT `comments_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
    ALTER TABLE domainmetadata ADD CONSTRAINT `domainmetadata_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
    ALTER TABLE cryptokeys ADD CONSTRAINT `cryptokeys_domain_id_ibfk` FOREIGN KEY (`domain_id`) REFERENCES `domains` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;

    • tat0
      tat0 March 26, 2020

      Hi there, sorry for the delay, I have been out for a while. Honestly I have never used those foreign keys in my installs and never had any problem. If I do some test with them in the future, I will post about it and I will let you know but I do not know if I will be able. I do not know if there could be any potential performance issue when using thousands of domains. Sorry about not able to clarify much more. If you do any test in this respect, please let me know. Regards.

  8. Alexandre Roy
    Alexandre Roy March 6, 2020

    I stend 2 days trying to understand why it is not working. I found it and fixed your instructions, please update them :

    Download and uncompress pdns-buster-updated.zip anywhere in the server, then cd into pdns folder.
    Edit sql01.sql and modify the second line to set a secure password instead of the default one ‘mypassword1’.
    Edit sql02.sql and modify the second line to set a secure password instead of the default one ‘mypassword2’.
    Edit powerdns-admin.conf and modify the value of server_name to match the fqdn we want our pdnsadmin be served from.
    Execute install.sh script:
    Set mariadb root password when prompted.
    Provide mariadb root password to execute sql01.sql when prompted.
    Edit /etc/powerdns/pdns.d/pdns.local.gmysql.conf db settings to match this ones:
    user: pdnsuser
    password: (mypassword1)
    host: localhost
    db name: pdns
    Provide mariadb root password to execute sql02.sql when prompted.
    Edit /opt/web/powerdns-admin/powerdnsadmin/default_config.py db settings to match this ones:
    user: pdnsadminuser
    password: (mypassword2)
    host: localhost
    db name: pdnsadmin
    Enter web interface (domain provided in step 4) and click on create account to create the first account, that will be an admin account.
    Log in into pdnsAdmin with the newly created account.
    Configure pdns api and pdns key, http://127.0.0.1:8081/ and the one provided at the end of the script.
    Enjoy!

    • tat0
      tat0 March 26, 2020

      Hi, instructions are OK, in this install, database created with sql02.sql (pdnsadmin) is not used at all, instead pdns database is used for both powerdns and powerdns-Admin tables. I do this to easy me to do some data analisys over the same database. To clarify, It can be done in both ways, using one database for all tables as in the post or as you stated using separate databases for powerdns and powerdns-Admin. Hope this makes sense. BR.

  9. Low
    Low March 25, 2020

    Hi, I have a little problem, when I install on my virtual machine, everything works perfectly but when I install on my vps (OVH), I get errors like that of Nicolai. I use debian 9 (9.12, kernel 4.9.189)

    • tat0
      tat0 March 26, 2020

      Hi, those errors points to not create and activate the python virtual environment during install. This can be caused because of any sw or version (python, os, pip, …) installed in your system. I would need the output of the installation script to look for any clue about the issue. Hope this helps. Regards.

  10. low
    low March 26, 2020

    Hi, I had obtained errors during the installation on debian 9, so I decided to install on debian 10, everything very well worked, no error during the installation.
    However when I wanted to authenticate on the web page I got a 403 error. I checked the status of powerdns, powerdns-admin and mariadb, I get:

    powerdns:
    mars 26 02:29:16 vps777955 pdns_server[9572]: Using 64-bits mode. Built using gcc 8.3.0.
    mars 26 02:29:16 vps777955 pdns_server[9572]: PowerDNS comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it according to the terms of the GPL version 2.
    mars 26 02:29:16 vps777955 pdns_server[9572]: Listening for HTTP requests on 0.0.0.0:8081
    mars 26 02:29:16 vps777955 pdns_server[9572]: Creating backend connection for TCP
    mars 26 02:29:16 vps777955 pdns_server[9572]: [bindbackend] Parsing 0 domain(s), will report when done
    mars 26 02:29:16 vps777955 pdns_server[9572]: [bindbackend] Done parsing domains, 0 rejected, 0 new, 0 removed
    mars 26 02:29:16 vps777955 systemd[1]: Started PowerDNS Authoritative Server.
    mars 26 02:29:16 vps777955 pdns_server[9572]: About to create 3 backend threads for UDP
    mars 26 02:29:16 vps777955 pdns_server[9572]: Done launching threads, ready to distribute questions
    mars 26 04:12:47 vps777955 pdns_server[9572]: Backend reported permanent error which prevented lookup (GSQLBackend lookup query:Could not prepare statement: SELECT content,ttl,prio,type,domain_id,disabled,name,auth FROM records WHERE disabled=0 and type=? and name=?: MySQL server has gone away), aborting

    powerdns-admin:
    mars 26 11:01:24 vps777955 gunicorn[8791]: File “/opt/web/powerdns-admin/flask/lib/python3.7/site-packages/sqlalchemy/engine/base.py”, line 1171, in _execute_context
    mars 26 11:01:24 vps777955 gunicorn[8791]: conn = self._revalidate_connection()
    mars 26 11:01:24 vps777955 gunicorn[8791]: File “/opt/web/powerdns-admin/flask/lib/python3.7/site-packages/sqlalchemy/engine/base.py”, line 457, in _revalidate_connection
    mars 26 11:01:24 vps777955 gunicorn[8791]: “Can’t reconnect until invalid ”
    mars 26 11:01:24 vps777955 gunicorn[8791]: sqlalchemy.exc.StatementError: (sqlalchemy.exc.InvalidRequestError) Can’t reconnect until invalid transaction is rolled back
    mars 26 11:01:24 vps777955 gunicorn[8791]: [SQL: SELECT setting.id AS setting_id, setting.name AS setting_name, setting.value AS setting_value
    mars 26 11:01:24 vps777955 gunicorn[8791]: FROM setting
    mars 26 11:01:24 vps777955 gunicorn[8791]: WHERE setting.name = %s
    mars 26 11:01:24 vps777955 gunicorn[8791]: LIMIT %s]
    mars 26 11:01:24 vps777955 gunicorn[8791]: [parameters: [immutabledict({})]]

    mariadb:
    mars 26 02:31:25 vps777955 /etc/mysql/debian-start[9801]: Looking for ‘mysql’ as: /usr/bin/mysql
    mars 26 02:31:25 vps777955 /etc/mysql/debian-start[9801]: Looking for ‘mysqlcheck’ as: /usr/bin/mysqlcheck
    mars 26 02:31:25 vps777955 /etc/mysql/debian-start[9801]: This installation of MariaDB is already upgraded to 10.4.12-MariaDB, use –force if you still need to run mysql_upgrade
    mars 26 02:31:25 vps777955 /etc/mysql/debian-start[9809]: Checking for insecure root accounts.
    mars 26 02:31:25 vps777955 /etc/mysql/debian-start[9813]: Triggering myisam-recover for all MyISAM tables and aria-recover for all Aria tables
    mars 26 03:31:53 vps777955 mysqld[9762]: 2020-03-26 3:31:53 36 [Warning] Aborted connection 36 to db: ‘pdnsadmin’ user: ‘powerdnsadminuser’ host: ‘localhost’ (Got timeout reading communication packets)
    mars 26 04:22:47 vps777955 mysqld[9762]: 2020-03-26 4:22:47 37 [Warning] Aborted connection 37 to db: ‘pdns’ user: ‘powerdnsuser’ host: ‘localhost’ (Got timeout reading communication packets)
    mars 26 06:11:36 vps777955 mysqld[9762]: 2020-03-26 6:11:36 38 [Warning] Aborted connection 38 to db: ‘pdnsadmin’ user: ‘powerdnsadminuser’ host: ‘localhost’ (Got timeout reading communication packets)
    mars 26 07:42:38 vps777955 mysqld[9762]: 2020-03-26 7:42:38 39 [Warning] Aborted connection 39 to db: ‘pdnsadmin’ user: ‘powerdnsadminuser’ host: ‘localhost’ (Got timeout reading communication packets)
    mars 26 10:07:23 vps777955 mysqld[9762]: 2020-03-26 10:07:23 40 [Warning] Aborted connection 40 to db: ‘pdnsadmin’ user: ‘powerdnsadminuser’ host: ‘localhost’ (Got timeout reading communication packets)

    for information I use a vps ovh under debian 10.3 and kernel: Linux vps777955 4.19.0-5-cloud-amd64 # 1 SMP Debian 4.19.37-5 + deb10u1 (2019-07-19) x86_64 GNU / Linux

    • tat0
      tat0 March 26, 2020

      Hi, I have faced that issue a few times in the /login page and when applying changes. It seems related to how the app manages the session and CSRF token, perhaps a bug, see https://github.com/ngoduykhanh/PowerDNS-Admin/issues/552. Actually I do not know any workaround for this apart than reload the browser a few times in order to regenerate the session. I do not usually face this because I mostly use powerdns trough api. Sorry about that, Regards.

  11. Alan
    Alan April 1, 2020

    I get to the end of the process and get this

    Job for nginx.service failed because the control process exited with error code.
    See “systemctl status nginx.service” and “journalctl -xe” for details.

    • ALan
      ALan April 2, 2020

      Actually I disabled bind and now it’s started up, I haven’t figured out how to get into pdns-admin though

      • tat0
        tat0 April 3, 2020

        Hi, powerdns-Admin should be accessible through the nginx virtualhost configured from step 4. You would need access to it by domain configured in server_name in powerdns-admin.conf. Let me know if you have any other issue. BR.

        • Alan
          Alan April 9, 2020

          I just get an “internal server error”

        • Alan
          Alan April 14, 2020

          when I go to my FQDN it just gives “Internal Server Error”

          • tat0
            tat0 April 18, 2020

            Hi, It seems that powerdns-admin has not been properly build, please check if the service is running (service powerdns-admin status) and if its socket exists (ls -l /run/powerdns-admin/socket). If both are ok, then it should be a nginx virtualhost missconfiguration. I would need both, the output of the build and the nginx config to check what can be the cause of the issue. Regards.

    • tat0
      tat0 April 3, 2020

      Hi, this usually happens when there is another web server running so nginx cannot start. You can check status of nginx by issuing ‘service nginx status’ command. Hope this helps.

  12. GK
    GK April 12, 2020

    http://myhost.mydomain:8081 just work fine.
    But when I go to http://myhost.mydomain , I just get an “internal server error”.

    root@ns01:~# service nginx status
    ● nginx.service – A high performance web server and a reverse proxy server
    Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
    Active: active (running) since Sat 2020-04-11 22:32:56 -03; 20s ago
    Docs: man:nginx(8)
    Process: 979 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
    Process: 980 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
    Main PID: 981 (nginx)
    Tasks: 3 (limit: 4915)
    Memory: 3.9M
    CGroup: /system.slice/nginx.service
    ├─981 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
    ├─982 nginx: worker process
    └─983 nginx: worker process

    Apr 11 22:32:56 ns01 systemd[1]: Starting A high performance web server and a reverse proxy server…
    Apr 11 22:32:56 ns01 systemd[1]: Started A high performance web server and a reverse proxy server.

    • tat0
      tat0 April 18, 2020

      Hi, It seems that powerdns-admin has not been properly build, please check if its socket exists (ls -l /run/powerdns-admin/socket). If yes, then it should be a nginx virtualhost missconfiguration. I would need both, the output of the build and the nginx config to check what can be the cause of the issue. Regards.

  13. Alan Stukenholtz
    Alan Stukenholtz April 23, 2020

    root@resolver1:~# ls -l /run/powerdns-admin/socket
    srwxrwxrwx 1 pdns pdns 0 Apr 9 15:06 /run/powerdns-admin/socket
    root@resolver1:~# service powerdns-admin status
    ● powerdns-admin.service – PowerDNS-Admin
    Loaded: loaded (/etc/systemd/system/powerdns-admin.service; enabled; vendor p
    Active: active (running) since Thu 2020-04-09 15:06:08 CDT; 1 weeks 6 days ag
    Main PID: 17011 (gunicorn)
    Tasks: 2 (limit: 4915)
    Memory: 65.5M
    CGroup: /system.slice/powerdns-admin.service
    ├─17011 /opt/web/powerdns-admin/flask/bin/python /opt/web/powerdns-ad
    └─17031 /opt/web/powerdns-admin/flask/bin/python /opt/web/powerdns-ad
    {I edited out my domain name on these lines}
    Apr 13 14:00:23 gunicorn[17011]: File “/opt/web/powerd
    Apr 13 14:00:23 gunicorn[17011]: return dialect.conn
    Apr 13 14:00:23 gunicorn[17011]: File “/opt/web/powerd
    Apr 13 14:00:23 gunicorn[17011]: return self.dbapi.c
    Apr 13 14:00:23 gunicorn[17011]: File “/opt/web/powerd
    Apr 13 14:00:23 gunicorn[17011]: return Connection(*
    Apr 13 14:00:23 gunicorn[17011]: File “/opt/web/powerd
    Apr 13 14:00:23 ******* gunicorn[17011]: super(Connection, s
    Apr 13 14:00:23 ******* gunicorn[17011]: sqlalchemy.exc.Operatio
    Apr 13 14:00:23 ******* gunicorn[17011]: (Background on this err

    PRETTY_NAME=”Debian GNU/Linux 10 (buster)”
    NAME=”Debian GNU/Linux”
    VERSION_ID=”10″
    VERSION=”10 (buster)”
    VERSION_CODENAME=buster
    ID=debian
    HOME_URL=”https://www.debian.org/”
    SUPPORT_URL=”https://www.debian.org/support”
    BUG_REPORT_URL=”https://bugs.debian.org/”

    Static hostname: *****.starrtech.net
    Icon name: computer-container
    Chassis: container
    Machine ID: bbfab8a1430648fa817fcc2af9c2d285
    Boot ID: 9a97a2b3bc4d44ed8a3c8351e4f88360
    Virtualization: openvz
    Operating System: Debian GNU/Linux 10 (buster)
    Kernel: Linux 4.19.0
    Architecture: x86-64

    nginx.conf

    user www-data;
    worker_processes auto;
    pid /run/nginx.pid;
    include /etc/nginx/modules-enabled/*.conf;

    events {
    worker_connections 768;
    # multi_accept on;
    }

    http {

    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # Logging Settings
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;

    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;
    # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
    }

    #mail {
    # # See sample authentication script at:
    # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
    #
    # # auth_http localhost/auth.php;
    # # pop3_capabilities “TOP” “USER”;
    # # imap_capabilities “IMAP4rev1” “UIDPLUS”;
    #
    # server {
    # listen localhost:110;
    # protocol pop3;
    # proxy on;
    # }
    #
    # server {
    # listen localhost:143;
    # protocol imap;
    # proxy on;
    # }
    server {
    listen *:80;
    server_name (mydomain name is here);

    index index.html index.htm index.php;
    root /opt/web/powerdns-admin;
    access_log /var/log/nginx/powerdns-admin.local.access.log combined;
    error_log /var/log/nginx/powerdns-admin.local.error.log;

    client_max_body_size 10m;
    client_body_buffer_size 128k;
    proxy_redirect off;
    proxy_connect_timeout 90;
    proxy_send_timeout 90;
    proxy_read_timeout 90;
    proxy_buffers 32 4k;
    proxy_buffer_size 8k;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_headers_hash_bucket_size 64;

    location ~ ^/static/ {
    include /etc/nginx/mime.types;
    root /opt/web/powerdns-admin/powerdnsadmin;

    location ~* \.(jpg|jpeg|png|gif)$ {
    expires 365d;
    }

    location ~* ^.+.(css|js)$ {
    expires 7d;
    }
    }

    location / {
    proxy_pass http://unix:/run/powerdns-admin/socket;
    proxy_read_timeout 120;
    proxy_connect_timeout 120;
    proxy_redirect off;
    }
    }

    • tat0
      tat0 April 25, 2020

      Hi Alan, It seems to be some gunicorn errors when you execute ‘service powerdns-admin status’ but I can not see the full lines cause they are cut in your comment. Please try to paste them full again. All the rest of configuration you pasted seems to be ok for me so It should be a gunicorn related issue during the buid of powerdns-admin. Sorry I can not help much more as I am not a developer nor related to powerdns-admin staff. I can tell that I am running two or three of this installations weekly on plain debian buster until date and all of them run flawlessly. BR.

  14. Alan Stukenholtz
    Alan Stukenholtz April 29, 2020

    What is your starting point? Which Debian ISO, what install options?
    Virtual environment, or physical?

  15. Alan
    Alan April 29, 2020

    ● powerdns-admin.service – PowerDNS-Admin
    Loaded: loaded (/etc/systemd/system/powerdns-admin.service; enabled; vendor preset: enabled)
    Active: active (running) since Wed 2020-04-29 16:18:06 CDT; 6min ago
    Main PID: 10923 (gunicorn)
    Tasks: 2 (limit: 2288)
    Memory: 66.0M
    CGroup: /system.slice/powerdns-admin.service
    ├─10923 /opt/web/powerdns-admin/flask/bin/python /opt/web/powerdns-admin/flask/bin/gunicorn –pid /run/powerdns-admin/pid –bind unix:/run/powerdns-admin/socket powerdnsadmin:create_app()
    └─10943 /opt/web/powerdns-admin/flask/bin/python /opt/web/powerdns-admin/flask/bin/gunicorn –pid /run/powerdns-admin/pid –bind unix:/run/powerdns-admin/socket powerdnsadmin:create_app()

    Apr 29 16:23:13 resolver3 gunicorn[10923]: File “/opt/web/powerdns-admin/flask/lib/python3.7/site-packages/sqlalchemy/engine/strategies.py”, line 114, in connect
    Apr 29 16:23:13 resolver3 gunicorn[10923]: return dialect.connect(*cargs, **cparams)
    Apr 29 16:23:13 resolver3 gunicorn[10923]: File “/opt/web/powerdns-admin/flask/lib/python3.7/site-packages/sqlalchemy/engine/default.py”, line 482, in connect
    Apr 29 16:23:13 resolver3 gunicorn[10923]: return self.dbapi.connect(*cargs, **cparams)
    Apr 29 16:23:13 resolver3 gunicorn[10923]: File “/opt/web/powerdns-admin/flask/lib/python3.7/site-packages/MySQLdb/__init__.py”, line 84, in Connect
    Apr 29 16:23:13 resolver3 gunicorn[10923]: return Connection(*args, **kwargs)
    Apr 29 16:23:13 resolver3 gunicorn[10923]: File “/opt/web/powerdns-admin/flask/lib/python3.7/site-packages/MySQLdb/connections.py”, line 179, in __init__
    Apr 29 16:23:13 resolver3 gunicorn[10923]: super(Connection, self).__init__(*args, **kwargs2)
    Apr 29 16:23:13 resolver3 gunicorn[10923]: sqlalchemy.exc.OperationalError: (MySQLdb._exceptions.OperationalError) (1045, “Access denied for user ‘pda’@’localhost’ (using password: YES)”)
    Apr 29 16:23:13 resolver3 gunicorn[10923]: (Background on this error at: http://sqlalche.me/e/e3q8)
    ~
    ~
    ~

    • Alan
      Alan April 29, 2020

      I think I see what I did wrong, I’m going to try again

      • alan
        alan April 29, 2020

        got through the script but now my URL just brings up the nginx default page

        ● powerdns-admin.service – PowerDNS-Admin
        Loaded: loaded (/etc/systemd/system/powerdns-admin.service; enabled; vendor preset: enabled)
        Active: active (running) since Wed 2020-04-29 17:53:08 CDT; 7min ago
        Main PID: 398 (gunicorn)
        Tasks: 2 (limit: 2288)
        Memory: 101.6M
        CGroup: /system.slice/powerdns-admin.service
        ├─398 /opt/web/powerdns-admin/flask/bin/python /opt/web/powerdns-admin/flask/bin/gunicorn –pid /run/powerdns-admin/pid –bind unix:/run/powerdns-admin/socket powerdnsad
        └─562 /opt/web/powerdns-admin/flask/bin/python /opt/web/powerdns-admin/flask/bin/gunicorn –pid /run/powerdns-admin/pid –bind unix:/run/powerdns-admin/socket powerdnsad

        Apr 29 17:59:24 resolver3 gunicorn[398]: db.query(q)
        Apr 29 17:59:24 resolver3 gunicorn[398]: File “/opt/web/powerdns-admin/flask/lib/python3.7/site-packages/MySQLdb/connections.py”, line 239, in query
        Apr 29 17:59:24 resolver3 gunicorn[398]: _mysql.connection.query(self, query)
        Apr 29 17:59:24 resolver3 gunicorn[398]: sqlalchemy.exc.ProgrammingError: (MySQLdb._exceptions.ProgrammingError) (1146, “Table ‘pdns.setting’ doesn’t exist”)
        Apr 29 17:59:24 resolver3 gunicorn[398]: [SQL: SELECT setting.id AS setting_id, setting.name AS setting_name, setting.value AS setting_value
        Apr 29 17:59:24 resolver3 gunicorn[398]: FROM setting
        Apr 29 17:59:24 resolver3 gunicorn[398]: WHERE setting.name = %s
        Apr 29 17:59:24 resolver3 gunicorn[398]: LIMIT %s]
        Apr 29 17:59:24 resolver3 gunicorn[398]: [parameters: (‘site_name’, 1)]
        Apr 29 17:59:24 resolver3 gunicorn[398]: (Background on this error at: http://sqlalche.me/e/f405)

        • tat0
          tat0 May 4, 2020

          Hi, there seems to be a missing table in database (pdns.settings). This table is created when command ‘flask assets build’ is executed, so It could be related to any error in the installation before this command. Check correct install of yarn and nodejs, check that curl is working on the system and check the output of the script to see if you are entering python3 virtual environment properly prior to PowerDNS-Admin flask app and yarn installation. I hope this checks can help you to find the issue. By the way I use latest debian netinst iso image (https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-10.3.0-amd64-netinst.iso at the time of writing this post) with ssh server and standard system utilities packages selected during install, no graphic environment. I use this for all types of hardware, physical servers, virtual machines (qnap, vmware, virtualbox) as well as cloud servers (AWS and GCP). For nginx serving its default page, make sure you changed the server_name in the file powerdns-admin.conf in /etc/nginx/sites-enabled directory, and make sure you access the pdns-admin page using the domain configured. Regards.

  16. Alegon
    Alegon May 3, 2020

    Hello i’m getting three errors during the install:

    1. Failed to start PowerDNS Authoritative Server.
    2. Command “python setup.py egg_info” failed with error code 1 in /tmp/pip-install-j9DV4l/filelock/
    3. Command “python setup.py egg_info” failed with error code 1 in /tmp/pip-install-LUFM1v/Flask-Assets/
    How can i fix this?

    • tat0
      tat0 May 18, 2020

      Hi, error 1 seem related to pdns installation or a database connection issue. Errors 2 and 3 could be related to yarn install or python virtual environment related, like not being in the virtual env while installig. Can not say much more as I am on mobile. Would need the output of installation script to check for any other evidence. Hope this helps.

  17. Alan
    Alan May 4, 2020

    Two things..
    had to use the command – “PATH=/usr/sbin/:$PATH” before starting or it would give me an error at the end, you can also enter it at the end.

    Also, the whole thing, that was screwing me up is there was a % sign in my password

    • tat0
      tat0 May 8, 2020

      Hi Alan, glad to hear that you solved the issue. It sounds strange to me as my debian servers root path variable already includes ‘/usr/sbin/’. Which user are you running the script with? Script should be run as root user as stated in the post.
      As side note, would you mind to share your distro and/or hw just in case it can help other user who might have similar issues? Thanks in advance.

  18. Pontius Malmberg
    Pontius Malmberg May 11, 2020

    Fresh install, Debian 10 x64 (buster), nothing else installed, ran script, didn’t see any errors. But once going to web page for PowerDNS login, I’m getting “Internal Server Error”. When going to stats page example.com:8081, that page works.
    Here’s output from service powerdns-admin status

    root@ns01:~/pdns# systemctl enable pdns
    Synchronizing state of pdns.service with SysV service script with /lib/systemd/systemd-sysv-install.
    Executing: /lib/systemd/systemd-sysv-install enable pdns
    root@ns01:~/pdns# service powerdns-admin status
    ● powerdns-admin.service – PowerDNS-Admin
    Loaded: loaded (/etc/systemd/system/powerdns-admin.service; enabled; vendor preset: enabled)
    Active: active (running) since Mon 2020-05-11 05:32:32 UTC; 31min ago
    Main PID: 26043 (gunicorn)
    Tasks: 2 (limit: 1149)
    Memory: 68.3M
    CGroup: /system.slice/powerdns-admin.service
    ├─26043 /opt/web/powerdns-admin/flask/bin/python /opt/web/powerdns-admin/flask/bin/gunicorn –pid /run/powerdns-admin/pid –bind unix:/run/powerdns-admin/
    └─26064 /opt/web/powerdns-admin/flask/bin/python /opt/web/powerdns-admin/flask/bin/gunicorn –pid /run/powerdns-admin/pid –bind unix:/run/powerdns-admin/

    May 11 05:59:03 ns01.DOMAIN gunicorn[26043]: File “/opt/web/powerdns-admin/flask/lib/python3.7/site-packages/sqlalchemy/engine/strategies.py”, line 114, in
    May 11 05:59:03 ns01.DOMAIN gunicorn[26043]: return dialect.connect(*cargs, **cparams)
    May 11 05:59:03 ns01.DOMAIN gunicorn[26043]: File “/opt/web/powerdns-admin/flask/lib/python3.7/site-packages/sqlalchemy/engine/default.py”, line 482, in con
    May 11 05:59:03 ns01.DOMAIN gunicorn[26043]: return self.dbapi.connect(*cargs, **cparams)
    May 11 05:59:03 ns01.DOMAIN gunicorn[26043]: File “/opt/web/powerdns-admin/flask/lib/python3.7/site-packages/MySQLdb/__init__.py”, line 84, in Connect
    May 11 05:59:03 ns01.DOMAIN gunicorn[26043]: return Connection(*args, **kwargs)
    May 11 05:59:03 ns01.DOMAIN gunicorn[26043]: File “/opt/web/powerdns-admin/flask/lib/python3.7/site-packages/MySQLdb/connections.py”, line 179, in __init__
    May 11 05:59:03 ns01.DOMAIN gunicorn[26043]: super(Connection, self).__init__(*args, **kwargs2)
    May 11 05:59:03 ns01.DOMAIN gunicorn[26043]: sqlalchemy.exc.OperationalError: (MySQLdb._exceptions.OperationalError) (1045, “Access denied for user ‘pda’@’loc
    May 11 05:59:03 ns01.DOMAIN gunicorn[26043]: (Background on this error at: http://sqlalche.me/e/e3q8)

    • tat0
      tat0 May 18, 2020

      Hi, as stated in the output of your command ‘service powerdns-admin status’ It seems to be a database connection error (May 11 05:59:03 ns01.DOMAIN gunicorn[26043]: sqlalchemy.exc.OperationalError: (MySQLdb._exceptions.OperationalError) (1045, “Access denied for user ‘pda’@’loc), probably differences between sql01.sql and default_config.py files, you may rebuild pdns-admin with proper values, hope this helps, BR.

  19. Alan Stukenholtz
    Alan Stukenholtz February 23, 2021

    Buster on a windows Hyper-v

    So now that we have it, how do we upgrade powerdns_admin?

    • tat0
      tat0 February 26, 2021

      Hi, unfortunately I no longer maintain those pdns-admin I used to, so I do not have an installation where test it. Anyway by memory the procedure would be something like this:

      cd /opt/web/powerdns-admin
      git fetch
      # backup modified files (e.g. powerdnsadmin/default_config.py)
      git reset --hard
      git pull
      # restore modified files
      source ./flask/bin/activate
      pip install -r requirements.txt
      # db upgrade
      export FLASK_APP=powerdnsadmin/__init__.py
      flask db upgrade
      # regenerate asset files
      yarn install --pure-lockfile
      flask assets build
      deactivate
      chown -R pdns:pdns /opt/web/powerdns-admin/powerdnsadmin/static/
      # restart service

      These would be the steps to have PowerDNS-Admin updated. Do not forget to backup your system, database, and so on just in case things go wrong. Regards.

  20. Moggy
    Moggy August 19, 2021

    Thanks for this. Made life easier.
    However I found that it failed when configuring ‘flask’
    The fix was to install python3-pip instead of python-pip and then using pip3 later on
    apt-get -y install git python3-pip
    #
    pip3 install virtualenv
    #
    pip3 install -r requirements.txt

    Debian 10 Buster (10.10)

    • tat0
      tat0 February 3, 2023

      Hi, thanks for your comment, hopefully It can help others with a similar issue.

Leave a Reply

Your email address will not be published. Required fields are marked *