Listener::Named::Slave::Provisioning
This listener file will create a php script /var/www/imscp/gui/public/provisioning/slave_provisioning.php that echoes all zones available on your i-MSCP server for zone provisioning on the secondary nameserver. Optionally a HTTP authentication file will be created /var/www/imscp/gui/public/provisioning/.htpasswd. Read the configuration options in the listener file for further details.
Author / Maintainer
Compatibility
i-MSCP >= 1.2.12
Howto install
- Copy the 10_named_slave_provisioning.pl listener file into the /etc/imscp/listeners.d directory. This listener is available in the contrib/Listeners/Named directory of the i-MSCP archive.
- Run perl imscp-autoinstall -dasr named from your i-MSCP version archive and add the slave DNS servers
How-To install the slave DNS servers (w/o i-MSCP)
For this case study, we have three i-MSCP servers with the following hostnames and IP addresses:
We want to add two slave nameservers with the following hostnames and IP addresses:
For each slave nameserver we want to create, we install a fresh Debian Jessie or Ubuntu distribution (base/minimal install), and run the following commands:
Once done, in the /etc/bind/named.conf file, we need add the following configuration stanzas:
then, we need edit the /etc/bind/named.conf.local configuration file as follows:
then, we need edit the /etc/bind/named.conf.options as follow:
- options {
- directory "/var/cache/bind";
- dnssec-validation auto;
- auth-nxdomain no;
- listen-on-v6 { any; };
- # add your ipv6 IP(s) of the nameservers, if needed
- listen-on port 53 {
- 127.0.0.1;
- # the primary IP address of your nameserver, on the secondary nameserver 2.2.2.2
- # (respectfully their real IP addresses of course)
- 2.2.2.1;
- };
- allow-recursion {
- 127.0.0.1;
- };
- allow-query { any; };
- allow-transfer {
- # your i-MSCP server IP(s)
- 1.1.1.1;
- 1.1.1.2;
- 1.1.1.3;
- };
- notify no;
- };
- logging {
- channel bind9log {
- file "/var/log/named/bind9.log" versions 3 size 10m;
- severity dynamic;
- print-time yes;
- print-severity yes;
- print-category yes;
- };
- channel security {
- file "/var/log/named/security.log" versions 2 size 5m;
- severity dynamic;
- print-time yes;
- print-severity yes;
- print-category yes;
- };
- category default {
- bind9log;
- };
- category security {
- security;
- };
- category lame-servers {
- null;
- };
- };
then, create the /root/syncdns.sh script as follow:
with the following content:
- #!/bin/bash
- declare -A masters
- masters[imscpserver1.domain.tld]="1.1.1.1"
- masters[imscpserver2.domain.tld]="1.1.1.2"
- masters[imscpserver3.domain.tld]="1.1.1.3"
- for K in "${!masters[@]}" do
- # echo $K ${masters[$K]}
- # in the next line change HTTPUSER and HTTPPASS for the same credentials you used
- # in the listener on your i-MSCP server in $authUsername and $authPassword variables, # if you didn't specified any login credentials just remove or comment our the
- # "--user=HTTPUSER --password=HTTPSPASS" options.
- /usr/bin/wget https://${masters[$K]}:4443/provisioning/slave_provisioning.php --no-check-certificate -O /etc/bind/named.conf.$K.download --user=HTTPUSER --password=HTTPSPASS if test -s /etc/bind/named.conf.$K.download; then
- cp /etc/bind/named.conf.$K.download /etc/bind/named.conf.$K
- /usr/bin/logger "i-MSCP: DNS zones updated from $K\!"
- else
- /usr/bin/logger "i-MSCP: DNS zones could not be downloaded from $K\!"
- fi
- done
- /etc/init.d/bind9 reload
And finally add a cron task by running the following command:
