How To Install PowerDNS on Debian 11

In this guide, we intend to teach you How To Install PowerDNS and PowerDNS Admin on Debian 11.

PowerDNS (pdns) is an open-source authoritative DNS server that works as an alternative to traditional BIND (named) DNS. PowerDNS offers better performance and has minimal memory requirements. It also works with many supporting backends ranging from simple zone files to complex database setups as well as various SQL platforms (Mysql, MariaDB, Oracle, PostgreSQL).

PowerDNS Admin is a web-based administration interface for PowerDNS. Unlike other older front-end applications for PowerDNS, which often write directly to the PowerDNS database, it uses the PowerDNS application programming interface introduced in PowerDNS.

Steps To Install PowerDNS and PowerDNS Admin on Debian 11

To complete this guide, you must log in to your server as a non-root user with sudo privileges. To do this, you can follow our guide on Initial Server Setup with Debian 11.

Also, it would be best if you had a domain name that is pointed to your server’s IP address.

Install MariaDB on Debian 11

In this guide, we use MariaDB as backend storage for PowerDNS zone files.

First, update your local package index with the following command:

sudo apt update

Then, use the following command to install the required packages and dependencies:

sudo apt install software-properties-common gnupg2 curl git -y

Now use the following command to install MariaDB on Debian 11:

sudo apt install mariadb-server mariadb-client

Start and enable your MariaDB service:

# sudo systemctl start mariadb
# sudo systemctl enable mariadb

Create PowerDNS Database

At this point, you need to log in to your MariaDB shell by using the command below:

sudo mysql -u root

Then, from your MariaDB shell run the command below to create a PowerDNS database, here we named it powerdb:

MariaDB [(none)]> CREATE DATABASE powerdb;

Next, create a PowerDNS user and grant all the privileges to it. Here we named it poweruser, remember to choose a strong password for:

MariaDB [(none)]> GRANT ALL ON powerdb.* TO 'poweruser'@'%' IDENTIFIED BY 'password';

Finally, flush the privileges and exit from the MariaDB shell:

MariaDB [(none)]> FLUSH PRIVILEGES; 
MariaDB [(none)]> EXIT

Disable systemd-resolved Service on Debian 11

systemd-resolved is a system service that provides network name resolution to local applications. It implements a caching and validating DNS/DNSSEC stub resolver, as well as an LLMNR and MulticastDNS resolver and responder.

At this point, you need to disable and stop the systemd-resolved service by using the commands below:

# sudo systemctl stop systemd-resolved
# sudo systemctl disable systemd-resolved

Then, you need to remove the symbolic link for the /etc/resolv.conf file by using the command below:

# ls -lh /etc/resolv.conf
-rw-r--r-- 1 root root 102 Nov  6 05:11 /etc/resolv.conf
# sudo unlink /etc/resolv.conf

Next, use the following command to update the /etc/resolv.conf:

echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf

Install PowerDNS on Debian 11

At this point, we will install PowerDNS from the APT repository.

To do this, you can use the command below:

sudo apt install pdns-server pdns-backend-mysql

When your installation is completed, you can configure your PowerDNS database.

Configure PowerDNS Database on Debian 11

At this point, you need to import the PowerDNS database schema. To do this run the command below with the PowerDNS user and database that you have created before:

mysql -u poweruser -p powerdb < /usr/share/pdns-backend-mysql/schema/schema.mysql.sql

After the schema has been imported, you need to configure the PowerDNS connection details to the database. To do this, create and open a file with your favorite text editor, here we use vi:

sudo vi /etc/powerdns/pdns.d/pdns.local.gmysql.conf 

Add the following lines to the file with your PowerDNS database values:

# MySQL Configuration
# Launch gmysql backend
launch+=gmysql
# gmysql parameters
gmysql-host=127.0.0.1
gmysql-port=3306
gmysql-dbname=powerdb
gmysql-user=poweruser
gmysql-password=password
gmysql-dnssec=yes
# gmysql-socket=

When you are done, save and close the file.

Set the correct ownership and permission for the file:

# sudo chown pdns: /etc/powerdns/pdns.d/pdns.local.gmysql.conf 
# sudo chmod 640 /etc/powerdns/pdns.d/pdns.local.gmysql.conf

Now you can verify your PowerDNS database connection on Debian 11 by using the command below:

# sudo systemctl stop pdns.service 
# sudo pdns_server --daemon=no --guardian=no --loglevel=9

In your output you will see:

Output
...
Nov 06 07:46:55 gmysql Connection successful. Connected to database 'powerdb' on '127.0.0.1'.
Nov 06 07:46:55 About to create 3 backend threads for UDP
Nov 06 07:46:55 gmysql Connection successful. Connected to database 'powerdb' on '127.0.0.1'.
Nov 06 07:46:55 gmysql Connection successful. Connected to database 'powerdb' on '127.0.0.1'.
Nov 06 07:46:55 gmysql Connection successful. Connected to database 'powerdb' on '127.0.0.1'.
Nov 06 07:46:55 Done launching threads, ready to distribute questions
...

Start and Enable PowerDNS Service

At this point, start and enable your PowerDNS service by using the following commands:

# sudo systemctl restart pdns 
# sudo systemctl enable pdns

Check PowerDNS Port

Verify that port 53 is open for PowerDNS on Debian 11:

sudo ss -alnp4 | grep pdns
Output
udp   UNCONN 0      0            0.0.0.0:53        0.0.0.0:*    users:(("pdns_se                                   rver",pid=5962,fd=5))
tcp   LISTEN 0      128          0.0.0.0:53        0.0.0.0:*    users:(("pdns_se                                   rver",pid=5962,fd=7))

You can also check if PowerDNS is responding to requests by using the command below:

dig @127.0.0.1
Output
; <<>> DiG 9.16.15-Debian <<>> @127.0.0.1
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 53549
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;.                              IN      NS

;; Query time: 3 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Nov 06 07:52:50 EST 2022
;; MSG SIZE  rcvd: 28

At this point, the installation of PowerDNS is completed, you can proceed to the next step to install PowerDNS Admin on Debian 11.

Install PowerDNS Admin on Debian 11

With this Web-based admin tool, we can easily manage the PowerDNS server. To install PowerDNS admin, you need to install the Python development package and other required packages.

Install Required packages

First, use the following command to install the Python development package:

sudo apt install python3-dev

Then, install the required build tools:

sudo apt install libsasl2-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev pkg-config apt-transport-https virtualenv python3-venv build-essential libmariadb-dev git python3-flask -y

At this point, you need to install Node.js on Debian 11. To do this, use the following commands:

# curl -sL https://deb.nodesource.com/setup_16.x | sudo -E bash -
# sudo apt install -y nodejs

Also, you need to have Yarn installed on your server. To do this, use the following commands to add the GPG key and repository and install Yarn:

# curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null
# echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
# sudo apt update
# sudo apt install yarn -y

Clone PowerDNS Admin Souce Code

At this point, you need to clone the PowerDNS admin source code on Debian 11 by using the command below:

# sudo su - 
# git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /var/www/html/pdns

Create a Virtual Environment

At this point, you need to switch to your /var/www/html/pdns/ directory and create a virtual environment by using the commands below:

# cd /var/www/html/pdns/ 
# virtualenv -p python3 flask

Activate the environment and install the libraries specified in the requirements.txt:

# source ./flask/bin/activate
# pip install --upgrade pip
# pip install -r requirements.txt

After that, use the following command to deactivate your environment:

deactivate

Now you need to configure the PowerDNS admin connectivity to our database.

Configure PowerDNS Admin Connection to PowerDNS Database

To do this, you need to edit the following file:

vi /var/www/html/pdns/powerdnsadmin/default_config.py

Find the lines below and change them to your PowerDNS database details:

### DATABASE CONFIG
SQLA_DB_USER = 'poweruser'
SQLA_DB_PASSWORD = 'password'
SQLA_DB_HOST = '127.0.0.1'
SQLA_DB_NAME = 'powerdb'
SQLALCHEMY_TRACK_MODIFICATIONS = True
....

When you are done, save and close the file.

Create a Database Schema

To do this, you can run the following commands step by step:

# cd /var/www/html/pdns/
# source ./flask/bin/activate
# export FLASK_APP=powerdnsadmin/__init__.py
# flask db upgrade

When you are finished, you should get an output similar to this:

Output
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Running upgrade  -> 787bdba9e147, Init DB
INFO  [alembic.runtime.migration] Running upgrade 787bdba9e147 -> 59729e468045, Add view column to setting table
INFO  [alembic.runtime.migration] Running upgrade 59729e468045 -> 1274ed462010, Change setting.value data type
INFO  [alembic.runtime.migration] Running upgrade 1274ed462010 -> 4a666113c7bb, Adding Operator Role
INFO  [alembic.runtime.migration] Running upgrade 4a666113c7bb -> 31a4ed468b18, Remove all setting in the DB
INFO  [alembic.runtime.migration] Running upgrade 31a4ed468b18 -> 654298797277, Upgrade DB Schema
INFO  [alembic.runtime.migration] Running upgrade 654298797277 -> 0fb6d23a4863, Remove user avatar
...

Next, you need to generate the asset files using Yarn on Debian 11:

# yarn install --pure-lockfile 
# flask assets build

Last, deactivate your virtual environment:

deactivate

Enable PowerDNS API access on Debian 11

At this point, you need to edit the following file to enable PowerDNS API access:

sudo vi /etc/powerdns/pdns.conf

Find the sections below and add the following lines shown below:

# api   Enable/disable the REST API (including HTTP listener)
#
# api=no
api=yes

#################################
# api-key       Static pre-shared authentication key for access to the REST API
#
# api-key=
api-key=3ce1af6c-981d-4190-a559-1e691d89b90e #You can generate one from https://codepen.io/corenominal/pen/rxOmMJ

When you are done, save and close the file.

Finally, restart PowerDNS on Debian 11 to apply the changes:

sudo systemctl restart pdns

Create PowerDNS Admin Virtual Host File on Debian 11

To complete this step, you need to install Nginx on your server:

sudo apt install nginx

Then, use the following command to create and open a PowerDNS virtual host file:

sudo vi /etc/nginx/conf.d/powerdns-admin.conf

Add the following content to the file:

server {
  listen	*:80;
  server_name               your-domain-name;

  index                     index.html index.htm index.php;
  root                      /var/www/html/pdns;
  access_log                /var/log/nginx/pdnsadmin_access.log combined;
  error_log                 /var/log/nginx/pdnsadmin_error.log;

  client_max_body_size              10m;
  client_body_buffer_size           128k;
  proxy_redirect                    off;
  proxy_connect_timeout             90;
  proxy_send_timeout                90;
  proxy_read_timeout                90;
  proxy_buffers                     32 4k;
  proxy_buffer_size                 8k;
  proxy_set_header                  Host $host;
  proxy_set_header                  X-Real-IP $remote_addr;
  proxy_set_header                  X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_headers_hash_bucket_size    64;

  location ~ ^/static/  {
    include  /etc/nginx/mime.types;
    root /var/www/html/pdns/powerdnsadmin;

    location ~*  \.(jpg|jpeg|png|gif)$ {
      expires 365d;
    }

    location ~* ^.+.(css|js)$ {
      expires 7d;
    }
  }

  location / {
    proxy_pass            http://unix:/run/pdnsadmin/socket;
    proxy_read_timeout    120;
    proxy_connect_timeout 120;
    proxy_redirect        off;
  }

}

When you are done, save and close the file.

Rename the default Nginx file with the command below:

sudo mv /etc/nginx/sites-enabled/default{,.old}

Check the syntax of your created file:

nginx -t
Output
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Next, set the correct ownership for the file:

sudo chown -R www-data: /var/www/html/pdns

Restart Nginx to apply the changes:

sudo systemctl restart nginx

Manage PowerDNS Admin on Debian 11

To start and enable your service, you need to create a system unit file for PowerDNS Admin.

create and open the file with the following command:

sudo vi /etc/systemd/system/pdnsadmin.service

Add the following content to the file:

[Unit]
Description=PowerDNS-Admin
Requires=pdnsadmin.socket
After=network.target

[Service]
PIDFile=/run/pdnsadmin/pid
User=pdns
Group=pdns
WorkingDirectory=/var/www/html/pdns
ExecStart=/var/www/html/pdns/flask/bin/gunicorn --pid /run/pdnsadmin/pid --bind unix:/run/pdnsadmin/socket 'powerdnsadmin:create_app()'
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target

When you are done, save and close the file.

Also, you need to create a socket file for PowerDNS Admin:

sudo vi /etc/systemd/system/pdnsadmin.socket

Add the following content to the file:

[Unit]
Description=PowerDNS-Admin socket

[Socket]
ListenStream=/run/pdnsadmin/socket

[Install]
WantedBy=sockets.target

when you are done, save and close the file.

Next, create an environment file:

# mkdir /run/pdnsadmin/
# echo "d /run/pdnsadmin 0755 pdns pdns -" >> /etc/tmpfiles.d/pdnsadmin.conf

Set the correct permissions for it:

# chown -R pdns: /run/pdnsadmin/
# chown -R pdns: /var/www/html/pdns/powerdnsadmin/

Finally, reload the system daemon:

sudo systemctl daemon-reload

Next, use the following commands to start and enable the PowerDNS Admin service on Debian 11:

sudo systemctl enable --now pdnsadmin.service pdnsadmin.socket

Verify your PowerDNS Admin is active and running on your server:

#sudo systemctl status pdnsadmin.service
● pdnsadmin.service - PowerDNS-Admin
     Loaded: loaded (/etc/systemd/system/pdnsadmin.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2022-11-06 08:39:08 EST; 44s ago
TriggeredBy: ● pdnsadmin.socket
   Main PID: 17291 (gunicorn)
      Tasks: 2 (limit: 4679)
...
#sudo systemctl status pdnsadmin.socket
● pdnsadmin.socket - PowerDNS-Admin socket
     Loaded: loaded (/etc/systemd/system/pdnsadmin.socket; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2022-11-06 08:39:08 EST; 44s ago
   Triggers: ● pdnsadmin.service
     Listen: /run/pdnsadmin/socket (Stream)
...

Access PowerDNS Admin Web Interface

At this point, you can access your PowerDNS Admin web interface by typing your server’s IP or Domain name in your web browser:

http://domain_name 
or 
http://IP_address

Begin by creating the admin user account. With the required details provides, click register to create the account. Now login to the PowerDNS Admin interface using the created user credentials.

PowerDNS Admin screen

Here, provide the PowerDNS API URL to connect to PowerDNS and manage it. Then, click on the Update button to save the changes. You should see the following page:

PowerDNS Admin settings

Click on the Dashboard button. You should see the PowerDNS admin dashboard on the following screen:

PowerDNS Admin dashboard

There are many configurations you can make to your server using the PowerDNS admin web UI such as editing the domain templates, removing domains, managing user accounts e.t.c. You can view the history of activities performed as well.

Conclusion

At this point, you have learned to Install PowerDNS and PowerDNS Admin on Debian 11.

Hope you enjoy it.

You may be like these articles:

How To Install Elasticsearch on Ubuntu 22.04

How To Install Sendmail on Ubuntu 22.04

Install and Configure GitLab on Ubuntu 22.04

Newsletter Updates

Enter your email address below and subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked *

Stay informed and not overwhelmed, subscribe now!