| 1 |
Simple domain list synchronisation tool |
|---|
| 2 |
======================================= |
|---|
| 3 |
|
|---|
| 4 |
This tool is designed to work with the AlternC control panel (http://alternc.org) |
|---|
| 5 |
on Debian, although with the right amount of configuration, it can be made to |
|---|
| 6 |
work with any platform. |
|---|
| 7 |
|
|---|
| 8 |
Design principle |
|---|
| 9 |
================ |
|---|
| 10 |
|
|---|
| 11 |
The master server (or some other server talking to the master) makes the list |
|---|
| 12 |
of domains to be mirrored on a webpage somewhere. This package will fetch this |
|---|
| 13 |
list, compare it to its local cache, and configure bind to be a slave for the |
|---|
| 14 |
new domains detected. |
|---|
| 15 |
|
|---|
| 16 |
The list is fetched with "wget" by default. The script supports SSL and HTTP |
|---|
| 17 |
Authentification. It is designed to run through a cron job. |
|---|
| 18 |
|
|---|
| 19 |
Installation |
|---|
| 20 |
============ |
|---|
| 21 |
|
|---|
| 22 |
Under debian, just apt-get install alternc-slavedns or dpkg -i. |
|---|
| 23 |
|
|---|
| 24 |
Under other platforms, or for porters (this example assumes a FreeBSD install): |
|---|
| 25 |
|
|---|
| 26 |
1. Install the slavedns script whereever you want (probably around |
|---|
| 27 |
/usr/local/sbin/alternc-slavedns) |
|---|
| 28 |
|
|---|
| 29 |
2. Install the default configuration file in /etc/alternc/slavedns/default.conf (or |
|---|
| 30 |
modify the script to change this path). |
|---|
| 31 |
|
|---|
| 32 |
3. Setup a cronjob like this: |
|---|
| 33 |
|
|---|
| 34 |
10 * * * * root /usr/local/sbin/alternc-slavedns > /dev/null |
|---|
| 35 |
|
|---|
| 36 |
although the script *might* be able to run as non-root. |
|---|
| 37 |
|
|---|
| 38 |
Configuration |
|---|
| 39 |
============= |
|---|
| 40 |
|
|---|
| 41 |
Configuration is driver by the slavedns.conf (for default values) and scripts |
|---|
| 42 |
created in the /etc/slavedns directory (for each sync'd domain). |
|---|
| 43 |
|
|---|
| 44 |
Creating a new site |
|---|
| 45 |
------------------- |
|---|
| 46 |
|
|---|
| 47 |
In short: |
|---|
| 48 |
|
|---|
| 49 |
cd /etc/alternc/slavedns |
|---|
| 50 |
cp -p defaults.conf site.conf |
|---|
| 51 |
vi site.conf |
|---|
| 52 |
slavedns # optional, should run in the next cron |
|---|
| 53 |
|
|---|
| 54 |
The settings in defaults.conf are self explanatory. |
|---|
| 55 |
|
|---|
| 56 |
Configuring file locations and programs |
|---|
| 57 |
--------------------------------------- |
|---|
| 58 |
|
|---|
| 59 |
The defaults.conf file can override quite a few locations and programs for |
|---|
| 60 |
different environments. For example, under FreeBSD, you will probably want: |
|---|
| 61 |
|
|---|
| 62 |
CACHEDIR=/var/spool/slavedns |
|---|
| 63 |
BINDDIR=/etc/namedb/slavedns |
|---|
| 64 |
BINDINCLUDE=/etc/namedb/slavedns.conf |
|---|
| 65 |
|
|---|
| 66 |
and many sites (including FreeBSD), will require: |
|---|
| 67 |
|
|---|
| 68 |
NAMED="ndc restart" |
|---|
| 69 |
|
|---|
| 70 |
Some servers might also require: |
|---|
| 71 |
|
|---|
| 72 |
WGETFLAGS="--no-check-certificate" |
|---|
| 73 |
|
|---|
| 74 |
if they don't have a "real" SSL certificate. |
|---|
| 75 |
|
|---|
| 76 |
Surviving disasters |
|---|
| 77 |
------------------- |
|---|
| 78 |
|
|---|
| 79 |
It is sometimes possible that this setup degenerates to the point it can't reach |
|---|
| 80 |
the master server, for example if the server is reached through DNS. |
|---|
| 81 |
|
|---|
| 82 |
For this reason, it might be advisable to hardcode those domain names in /etc/hosts |
|---|
| 83 |
so that if this nameserver looses its zonefiles, it can at least fetch them again |
|---|
| 84 |
from the upstream. |
|---|
