Integration with BIND
Licence: GNU Free Documentation License
WiND comes with a PHP tool that generates zone files by polling data from the database, and a bash script that invokes the PHP script, checks the generated zone files and integrates them into the DNS system (BIND). This tutorial describes how to install, configure and schedule the periodic execution of these scripts.
Both scripts are included in the /trunk/tools/ directory in the svn repository.
In detail, the PHP tool resides in the /trunk/tools/dnszones-poller/ directory, which includes the following files:
10.in-addr.arpa.conf --> configuration file for the reverse dns zones
10.in-addr.arpa.schema --> schema for the reverse dns zone files
dnszones-poller.php --> the PHP script that generates the zone files
yourdomain.conf --> configuration file for the forward dns zones
yourdomain.schema --> schema for the forward dns zones
The bash script resides in /trunk/tools/zone_update/ and is named zone_update.
When these instructions were last updated, no installer utility for WiND was available, so the scripts mentioned above have to be installed manually. I think that the best way to explain things is usually a step-by-step method. That method is used here too but, since you would never try to install WiND if you didn't know how to copy or edit files, details about that kind of thing are missing from the following steps.
STEP 1: Copy the files
Copy the /trunk/tools/dnszones-poller/ directory to a path of your choice. You may choose the /usr/local/lib directory in compliance with the FHS (Filesystem Hierarchy Standard). Make sure that no users other than the administrators of WiND have read or write permission on the dnszones-poller directory, since it contains configuration parameters that permit logging in and writing to the WiND database.
Copy the /trunk/tools/zone_update/zone_update file to a path of your choice. You may choose /usr/local/bin (FHS-compatible). Make sure it has its execution bit set ("chmod +x" it ;).
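The permission requirement in this step can be checked mechanically. The following is an added example, not part of WiND; the function names and the POLLER_DIR variable are hypothetical, and the default path is the one suggested above.

```shell
#!/bin/sh
# Added example, not WiND code. POLLER_DIR and the function names are
# hypothetical; the default follows the FHS path suggested in this step.
POLLER_DIR=${POLLER_DIR:-/usr/local/lib/dnszones-poller}

# List every path under $1 that users outside the owner and group can
# read, write or traverse. Symlinks are skipped because their own mode
# bits say nothing about access to the target.
loose_paths() {
    find "$1" ! -type l \( -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Return 0 when nothing is exposed, 1 when something is (offenders are
# listed on stderr), 2 when the directory does not exist.
audit_poller_perms() {
    dir=${1:-$POLLER_DIR}
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    loose=$(loose_paths "$dir")
    [ -z "$loose" ] && return 0
    printf 'accessible to other users:\n%s\n' "$loose" >&2
    return 1
}

# Remove all access for "other" on the directory, the .conf files holding
# the database login, and everything else below it.
harden_poller_perms() {
    chmod -R o-rwx "${1:-$POLLER_DIR}"
}
```

The owner or group of the directory must still include the account that runs zone_update, since that account executes dnszones-poller.php and reads the .conf files.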
STEP 2: Configure the dnszones-poller
Edit /usr/local/lib/dnszones-poller/yourdomain.conf and /usr/local/lib/dnszones-poller/10.in-addr.arpa.conf
These are configuration files for the zones generated by the poller: yourdomain.conf is for the forward zone and 10.in-addr.arpa.conf is for the reverse zone. The parameters to configure in them are the zone type (forward or reverse), the zone suffix (top-level domain), the nameserver domain, the name of the schema file to be used for the zone files, and the login information for the database (MySQL server host, user, password, database name). They are quite self-explanatory.
Edit /usr/local/lib/dnszones-poller/10.in-addr.arpa.schema and /usr/local/lib/dnszones-poller/yourdomain.schema
These files are schemas for the generated zone files. Tokens that start and end with a double '#', e.g. ##ZONES##, are substituted by the PHP script with values polled from the database. Make sure that you don't touch the lines containing the substring "; serial", since the bash script uses them as a marker for where to attach the correct serial of the zone files.
The filenames of both the .conf and .schema files should be changed to match your DNS zones, e.g. yourdomain.conf and yourdomain.schema should be renamed to xwmn.conf and xwmn.schema if your domain is 'xwmn'.
STEP 3: Configure the zone_update bash script
There are two (2) variables, ZONES_ROOT and PHP_SCRIPT, that have to be edited in the zone_update script. ZONES_ROOT should be changed to the path where the DNS zone files are stored on your system (e.g. /etc/bind/zones/).
PHP_SCRIPT should be changed to the full path of dnszones-poller.php (e.g. /usr/local/lib/dnszones-poller/dnszones-poller.php).
After finishing STEP 3 you may run the zone_update script and have your DNS synchronized with WiND. The user running the zone_update script must have privileges to manipulate the DNS system (read/write access to the DNS zones directory and the ability to run the rndc DNS control utility). On Debian-based systems, the "best" user to run zone_update is the user 'bind'.
The usage of the zone_update script is:
where zonefile is the filename (just the filename, not the full path) of the DNS zone file that you want to synchronize with the WiND database. BE SURE that your zone files have the same filenames as the corresponding .conf files in the dnszones-poller directory, but without the extension ".conf". Also, your zone files must include a "; serial" comment next to their serial so that the bash script can find the line containing the serial.
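The role of the "; serial" marker, both in the schema files of STEP 2 and in the live zone files described above, is shown in the following added sketch. It is not WiND's zone_update, and this page does not say how that script computes the serial: the function names, the YYYYMMDDNN serial convention and a serial that sits alone on its line are assumptions.

```shell
#!/bin/sh
# Added illustration; not WiND's zone_update. Function names are hypothetical.
# Assumes the serial sits alone on its line:   2024010105 ; serial

# Print the serial from the first line carrying the "; serial" marker.
# Returns 1 when the marker line is missing or has been altered.
read_serial() {
    s=$(sed -n 's/^[^0-9;]*\([0-9]\{1,\}\)[[:space:]]*; serial.*$/\1/p' "$1" | head -n 1)
    [ -n "$s" ] && printf '%s\n' "$s"
}

# $1 = serial of the live zone, $2 = today as YYYYMMDD.
# Assumed convention: YYYYMMDDNN, and the result must always increase so
# that secondaries notice the change.
next_serial() {
    base="${2}00"
    if [ "$1" -ge "$base" ]; then
        echo $(( $1 + 1 ))
    else
        echo $(( base + 1 ))
    fi
}

# $1 = live zone file, $2 = freshly generated zone file, $3 = YYYYMMDD (optional).
# Writes the next serial into $2 and prints it; refuses to continue when
# either file has lost its marker.
stamp_serial() {
    today=${3:-$(date +%Y%m%d)}
    cur=$(read_serial "$1") || { echo "no '; serial' line in $1" >&2; return 1; }
    grep -q '; serial' "$2" || { echo "no '; serial' line in $2" >&2; return 1; }
    new=$(next_serial "$cur" "$today")
    tmp=$(mktemp "$2.XXXXXX") || return 1
    sed "s/^\([[:space:]]*\)[^;]*; serial/\1$new ; serial/" "$2" > "$tmp" \
        && cp "$tmp" "$2"
    rc=$?
    rm -f "$tmp"
    [ "$rc" -eq 0 ] && echo "$new"
}
```

A stamped file can then be validated, for example with BIND's named-checkzone, before it replaces the live zone.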
STEP 4: Add a cronjob
You will probably want to run zone_update periodically to continuously synchronize your DNS with WiND. One way to do this is to add a cronjob, for each zone you want synchronized, to the crontab of the user that is meant to run the script (e.g. the user 'bind' on Debian systems). An interval of 5 minutes between repetitions of the cronjob has been found to be OK. For example, on Debian, you could invoke your system's editor to edit the crontab of the user 'bind' like this (as root):
# crontab -e -u bind
and add the following lines to synchronize zones xwmn and 10.in-addr.arpa every 5 mins with WiND and keep a log file:
*/5 * * * * /usr/local/bin/zone_update xwmn >>/var/log/zone_update.log 2>&1
*/5 * * * * /usr/local/bin/zone_update 10.in-addr.arpa >>/var/log/zone_update.log 2>&1
Implementations of the cron system vary between systems, so you may need to consult the manual of the implementation used on your system to get things right.
If you find a bug, check that it has not already been discovered by someone else and open a Ticket