- Timestamp:
- 01/05/12 18:04:18 (13 years ago)
- Location:
- trunk
- Files:
-
- 1 added
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/DNSDB.pm
r216 r218 143 143 sub loadConfig { 144 144 my $basename = shift || ''; # this will work OK 145 ##fixme $basename isn't doing what I think I thought I was trying to do. 145 146 146 147 my $deferr = ''; # place to put error from default config file in case we can't find either one -
trunk/INSTALL
-
Property svn:keywords
set to
Id Date Author
r217 r218 1 $Id : INSTALL 508 2011-11-16 21:28:37Z kdeugau$1 $Id$ 2 2 3 3 Requirements … … 6 6 - Any CGI-capable web server that can execute arbitrary files or 7 7 files with administrator-defineable extensions 8 - PostgreSQL >= 7.4. It should be possible to (fairly) trivially patch 9 the code for any other DBMS that supports: 10 - an IP address/CIDR netblock data type 11 - higher/greater, lower/less than, contains, and is-contained-by 12 operators 8 - PostgreSQL >= 7.4. It should be possible to trivially convert to 9 other DBMSes, however I recommend against any that don't fully 10 support transactions on all changes. 13 11 - Perl >= 5.6 14 12 - Standard modules: … … 29 27 - NetAddr::IP >= 4.x. 3.x may work, however 4.x has been out for 30 28 more than 4 years. 29 - tinydns - support for other DNS server software is planned 31 30 32 31 Installing DeepNet DNS Administrator … … 35 34 1) Untar in a convenient location. You should be able to simply use the 36 35 unpacked tarball as-is, or you can run "make install" to install files 37 in /usr/local/ lib/dnsadmin-#VERSION#, with configuration modulesin38 /usr/local/etc/dns admin-#VERSION#.36 in /usr/local/share/dnsadmin-#VERSION#, with configuration in 37 /usr/local/etc/dnsdb. 39 38 40 The Makefile supports substitution on most standard 41 GNU/FHS-ish paths,so you could also run:39 The Makefile supports substitution on most standard GNU/FHS-ish paths, 40 so you could also run: 42 41 43 42 make install prefix=/opt … … 51 50 to install for packaging under /tmp/dnsdbpkgroot with the core scripts 52 51 and HTML packaged under /usr/share/dnsdb-#VERSION#, and the configuration 53 modulespackaged under /etc/dnsdb.52 packaged under /etc/dnsdb. 54 53 55 2) Configuration: These module files will either be in the cgi-bin/ 56 directory from the unpacked tarball, or /usr/local/etc/dnsdb 57 if installed with 'make install'. 58 a) Edit MyIPDB.pm: you need to set the database DSN and 59 company info. You should probably also set the syslog facility and 60 default custid. 61 b) Edit CustIDCK.pm as needed to validate customer IDs. 54 2) Configuration: By default DNS Administrator looks for configuration in 55 /etc/dnsdb/dnsdb.conf. Edit this file with the database name, user, and 56 password, and the database host if necessary. 62 57 63 4) As a Postgres superuser, create a database user and the database: 58 Setting the options under the "mail" heading is also recommended. 59 60 3) As a Postgres superuser, create a database user and the database (replace 61 the database name, user and password as appropriate): 64 62 65 63 shell> psql template1 66 pg# create user ipdb with password "ipdbpwd";67 pg# create database ipdb owner ipdb;64 pg# create user dnsdb with password "dnsdbpwd"; 65 pg# create database dnsdb owner dnsdb; 68 66 69 Add the PL/pgSQL language to the database. This is not strictly 70 necessary but there are triggers on the poolips and allocations table 71 to automatically update a last-modified column. 67 Create the inital tables using dns.sql: 72 68 73 pg# \c ipdb 74 pg# create language plpgsql 69 shell> psql -U dnsdb dnsdb <dns.sql 75 70 76 Create the inital tables using cgi-bin/ipdb.psql:77 71 78 shell> psql -U ipdb ipdb <cgi-bin/ipdb.psql 79 80 5) Configure your webserver to call the IPDB scripts at an appropriate 81 web path. A webroot pointing to the HTML files (first level under 82 the ipdb-#VERSION#/ tarball directory, or /usr/local/lib/ipdb-#VERSION#) 83 should work fine; a server alias under an existing virtual host should 84 work as well. 85 86 Set $IPDB::webpath (the web path to your IPDB install) in MyIPDB.pm. 87 Straight out of the tarball it should work at the webroot, but if you 88 want it in a subdirectory, you'll need to set this variable to get all 89 of the internal links to behave properly. 72 ##work 73 4) Configure your webserver to call the DNS Administrator scripts 74 at an appropriate web path. A webroot pointing to the HTML files 75 (first level under the dnsadmin-#VERSION#/ tarball directory, or 76 /usr/local/lib/dnsadmin-#VERSION#) should work fine; a server 77 alias under an existing virtual host should work as well. 90 78 91 79 The directory containing the HTML and scripts must have at least the … … 94 82 Options ExecCGI IncludesNoEXEC 95 83 96 6) User lists can be maintained two basic ways: 97 98 a) Use the built-in user manager to add and remove users. This 99 requires mod_auth_pgsql, configured with read/write access to the 100 IPDB users table. A default user admin, password admin, is created 101 in step 4 above - make sure to create a new user as an admin, and 102 remove the default user (or at least change its password). 103 104 b) Use the built-in user manager as in a) but create a short script to 105 export the user list to a standard .htpasswd file. This may be 106 useful if mod_auth_pgsql isn't easily available. 107 108 c) Maintain an external .htpasswd file of your own, configured and 109 maintained however you like. In this case the access-pwd-update.pl 110 script should edited to match the .htpasswd filename/path and should 111 be called from cron to make sure new users get added to the 112 database, and old ones get deleted. This extra maintenance of user 113 lists is necessary to support the access controls, which are stored 114 in the database. 115 116 You will have to either temporarily create a user "admin", so that user 117 can grant other users priviledges, or run the following on the database: 118 119 UPDATE users SET acl='bacdsA' WHERE username='newadminuser'; 120 121 Replace 'newadminuser' as appropriate. 122 123 If you don't do this, nobody will be able to make any changes; 124 access-pwd-update.pl only grants minimal read access to new users. 125 126 7) (optional) Pick a log facility by setting $IPDB::syslog_facility in 127 MyIPDB.pm, and tweak your syslog configuration to direct IPDB logging 128 to a custom log. Most logging is at the level of "info" or "warn". 129 Full changes are not logged. Logging verbosity isn't very high, so it 130 may be acceptable to leave the log stream at the defaults. 84 5) A default user "admin", password "admin" is created when you create 85 the initial tables in step 3. You should at least change the password 86 on this account, or create another superuser account and remove this 87 one. 131 88 132 89 --- 133 90 134 Basic installation should now be complete! Log in as an admin user, 135 add your ARIN, RIPE, LACNIC, AfriNIC, or APNIC allocations and start 136 documenting your netblock usage. 91 Basic installation should now be complete! Log in and start adding 92 your domains and domain records. 137 93 138 If you want to export rWHOIS data, see http://www.unixadmin.cc/rwhois/ 139 for a place to start on setting up an rWHOIS server. Note that 140 db2rwhois.pl creates and maintains the net-<cidr> trees, all you have 141 to do is configure the daemon itself. Schedule runs of 142 cgi-bin/extras/db2rwhois.pl followed by rwhois_indexer (every hour 143 should be plenty often). You'll need to fill in correct organization 144 contact info in MyIPDB.pm. 145 146 If you're just running from the unpacked tarball directory, you may need 147 to create symlinks in cgi-bin/extras/ for IPDB.pm and MyIPDB.pm, 148 pointing to ../IPDB.pm and ../MyIPDB.pm respectively. Otherwise 149 db2rwhois.pl won't be able to find these modules. 94 A minimal export script is included (export.pl). This should be modified 95 to create the tinydns data file where appropriate for your installation, 96 and set to be called from cron on a regular basis. -
Property svn:keywords
set to
Note:
See TracChangeset
for help on using the changeset viewer.