Powerdns with sqlite

Thu, May 14, 2020

Installing PowerDNS on CentOS 8 is fairly simple:

sudo yum install epel-release
sudo dnf install -y 'dnf-command(config-manager)'
sudo dnf config-manager --set-enabled PowerTools
sudo curl -o /etc/yum.repos.d/powerdns-auth-master.repo https://repo.powerdns.com/repo-files/centos-auth-master.repo
# the gsqlite3 backend and its schema file ship in a separate package
sudo dnf install pdns pdns-backend-sqlite

The recursor is installed the same way:

sudo yum install epel-release
sudo dnf install -y 'dnf-command(config-manager)'
sudo dnf config-manager --set-enabled PowerTools
sudo curl -o /etc/yum.repos.d/powerdns-rec-master.repo https://repo.powerdns.com/repo-files/centos-rec-master.repo
sudo dnf install pdns-recursor

The PowerDNS configuration files are located in:

/etc/pdns

/etc/pdns-recursor

Add a configuration dir for both services:

sudo mkdir /etc/pdns/pdns.d
sudo mkdir /etc/pdns-recursor/recursor.d
sudo touch /etc/pdns/pdns.d/local.conf
sudo touch /etc/pdns/pdns.d/sqlite.conf
sudo touch /etc/pdns/pdns.d/api.conf
sudo touch /etc/pdns-recursor/recursor.d/local.conf

Edit the PowerDNS configuration files:

sudo tee -a /etc/pdns/pdns.d/local.conf > /dev/null <<EOT
launch=
local-ipv6=
local-address=10.1.0.10, 127.0.0.1
local-port=5300
default-soa-name=ns1.r00t.dk
default-ttl=3600
disable-axfr=yes
log-dns-details=on
loglevel=3
master=yes
allow-dnsupdate-from=192.168.0.0/24, 10.0.0.0/8, 127.0.0.0/8, ::1
cache-ttl=10
#uncomment one of the following lines if you want to hide what kind of name server you are running
#version-string=anonymous
#version-string='its a kind of magic'
EOT

sudo tee -a /etc/pdns/pdns.d/api.conf > /dev/null <<EOT
api=yes
api-key=<yoursecretkey>
webserver=yes
#the port you want the api to listen on
webserver-port=8081
#uncomment the following two lines if you want the api available from other than localhost
#(0.0.0.0/0 allows every address; replace it with the networks that should reach the api)
#webserver-address=0.0.0.0
#webserver-allow-from=0.0.0.0/0

EOT

sudo tee -a /etc/pdns/pdns.d/sqlite.conf > /dev/null <<EOT
launch+=gsqlite3
# Database location
gsqlite3-database=/var/lib/powerdns/pdns.sqlite3
gsqlite3-dnssec=on
EOT

Edit the PowerDNS recursor configuration files:

sudo tee -a /etc/pdns-recursor/recursor.d/local.conf > /dev/null <<EOT
local-address=10.1.0.10,127.0.0.1
forward-zones=r00t.dk=127.0.0.1:5300
#0.0.0.0/0 lets any client use the recursor; narrow it to your own networks if the server is reachable from outside them
allow-from=0.0.0.0/0
#trace=on
#uncomment one of the following lines if you want to hide what kind of name server you are running
#version-string=anonymous
#version-string='its a kind of magic'
EOT
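
A quick check of the exposure-related settings written above, as an added example that is not part of the original post: it reads an api.conf and a recursor local.conf and reports a placeholder api-key, a webserver-allow-from open to every address, and a recursor allow-from open to every client. The function names and the sample files in demo() are constructed for illustration.

```bash
# Added example: flag exposure-prone values in PowerDNS key=value config files.
# Function names and the sample files in demo() are constructed for illustration.

# Print the last uncommented value of a setting. usage: conf_get <key> <file>
conf_get() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2" | tail -n 1
}

# Succeed if a comma-separated netmask list contains an allow-everyone entry.
is_open() {
    printf '%s\n' "$1" | tr ',' '\n' | tr -d ' \t' | grep -Eq '^(0\.0\.0\.0/0|::/0)$'
}

# Print findings for an authoritative api.conf and a recursor local.conf;
# the exit status is the number of findings (0 = nothing flagged).
audit_pdns() {
    local api="$1" rec="$2" n=0
    if [ "$(conf_get api "$api")" = "yes" ]; then
        case "$(conf_get api-key "$api")" in
            ''|'<'*'>') echo "api-key is empty or still a placeholder"; n=$((n + 1)) ;;
        esac
        if is_open "$(conf_get webserver-allow-from "$api")"; then
            echo "webserver-allow-from lets any address reach the API"; n=$((n + 1))
        fi
    fi
    if is_open "$(conf_get allow-from "$rec")"; then
        echo "recursor allow-from answers any client (open resolver)"; n=$((n + 1))
    fi
    return "$n"
}

# Run the audit on constructed files that mirror the settings in this post.
demo() {
    local d rc=0
    d=$(mktemp -d)
    printf '%s\n' 'api=yes' 'api-key=<yoursecretkey>' 'webserver=yes' \
        '#webserver-allow-from=0.0.0.0/0' > "$d/api.conf"
    printf '%s\n' 'local-address=10.1.0.10,127.0.0.1' 'allow-from=0.0.0.0/0' > "$d/rec.conf"
    audit_pdns "$d/api.conf" "$d/rec.conf" || rc=$?
    rm -rf "$d"
    return "$rc"
}

demo || echo "$? finding(s)"
```

On the server itself, call audit_pdns with /etc/pdns/pdns.d/api.conf and /etc/pdns-recursor/recursor.d/local.conf as its two arguments.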

The SQLite database also needs to be primed, but before that can happen you need to install sqlite unless it's already installed:

sudo dnf install sqlite

Install the schema for the sqlite database:

sudo sqlite3 /var/lib/powerdns/pdns.sqlite3 < /usr/share/doc/pdns-backend-sqlite/schema.sqlite3.sql
sudo chown pdns:pdns /var/lib/powerdns/pdns.sqlite3

Lastly you need to enable and start both services:

sudo systemctl enable pdns
sudo systemctl enable pdns-recursor
sudo systemctl start pdns
sudo systemctl start pdns-recursor

That should be everything to get a PowerDNS server with a recursor up and running on CentOS 8.

You can test if the API is accessible by opening a browser towards the IP address of the nameserver on port 8081 (from another machine this needs the two webserver lines in api.conf uncommented). This should give you a status page with information about your PowerDNS server.

If you spot any errors in this, feel free to send me a mail.