(Last Updated On: August 21, 2018)

In this guide, we will cover the installation of PowerDNS Authoritative Name Server and PowerDNS-Admin on Ubuntu 18.04 and Debian 9 flavors of Linux. PowerDNS is a DNS server, written in C++ and licensed under the GPL. It runs on most Linux and all other Unix derivatives. As of this writing, the latest release is version 4.1.X.

Install PowerDNS on Ubuntu 18.04 / Debian 9

In this section we’re going to install and configure:

  • MariaDB database server.
  • PowerDNS service

Step 1: Install and Configure MariaDB Database Server

We need to install database server which will be used by PowerDNS to store zone files. Note that you also have an option to use text files like BIND. Our database server of choice is MariaDB.

For installation of MariaDB on Ubuntu 18.04, check

Install MariaDB 10.x on Ubuntu 18.04 and CentOS 7

For Debian 9 / Debian use:

How to Install MariaDB 10.3 on Debian 9 / Debian 8

Once the database server is installed and running, proceed to create the PowerDNS Database and User Account in MariaDB.

$ mysql -u root -p
CREATE DATABASE powerdns;

Next is to create powerdns database user and assign privileges:

GRANT ALL ON powerdns.* TO 'powerdns'@'localhost' \
IDENTIFIED BY 'strongpassword';

Flush the privileges to update the user settings:

FLUSH PRIVILEGES;

Switch to powerdns database to create tables:

USE powerdns;

Create the required tables:

CREATE TABLE domains (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255) NOT NULL,
  master                VARCHAR(128) DEFAULT NULL,
  last_check            INT DEFAULT NULL,
  type                  VARCHAR(6) NOT NULL,
  notified_serial       INT UNSIGNED DEFAULT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE UNIQUE INDEX name_index ON domains(name);


CREATE TABLE records (
  id                    BIGINT AUTO_INCREMENT,
  domain_id             INT DEFAULT NULL,
  name                  VARCHAR(255) DEFAULT NULL,
  type                  VARCHAR(10) DEFAULT NULL,
  content               VARCHAR(64000) DEFAULT NULL,
  ttl                   INT DEFAULT NULL,
  prio                  INT DEFAULT NULL,
  change_date           INT DEFAULT NULL,
  disabled              TINYINT(1) DEFAULT 0,
  ordername             VARCHAR(255) BINARY DEFAULT NULL,
  auth                  TINYINT(1) DEFAULT 1,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE INDEX ordername ON records (ordername);


CREATE TABLE supermasters (
  ip                    VARCHAR(64) NOT NULL,
  nameserver            VARCHAR(255) NOT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' NOT NULL,
  PRIMARY KEY (ip, nameserver)
) Engine=InnoDB CHARACTER SET 'latin1';


CREATE TABLE comments (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  name                  VARCHAR(255) NOT NULL,
  type                  VARCHAR(10) NOT NULL,
  modified_at           INT NOT NULL,
  account               VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
  comment               TEXT CHARACTER SET 'utf8' NOT NULL,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX comments_name_type_idx ON comments (name, type);
CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);


CREATE TABLE domainmetadata (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  kind                  VARCHAR(32),
  content               TEXT,
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);


CREATE TABLE cryptokeys (
  id                    INT AUTO_INCREMENT,
  domain_id             INT NOT NULL,
  flags                 INT NOT NULL,
  active                BOOL,
  content               TEXT,
  PRIMARY KEY(id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE INDEX domainidindex ON cryptokeys(domain_id);


CREATE TABLE tsigkeys (
  id                    INT AUTO_INCREMENT,
  name                  VARCHAR(255),
  algorithm             VARCHAR(50),
  secret                VARCHAR(255),
  PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';

CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

You can confirm that your tables are created:

MariaDB [powerdns]> show tables;
+--------------------+
| Tables_in_powerdns |
+--------------------+
| comments           |
| cryptokeys         |
| domainmetadata     |
| domains            |
| records            |
| supermasters       |
| tsigkeys           |
+--------------------+
7 rows in set (0.000 sec)

Now we have a database and an empty table. PowerDNS should now be able to launch with it.

Step 2: Install PowerDNS on Ubuntu 18.04 / Debian 9

Ubuntu 18.04 comes with systemd-resolve which you need to disable since it binds to port 53 which will conflict with PowerDNS ports.

Run the following commands to disable the resolved service:

sudo systemctl disable systemd-resolved
sudo systemctl stop systemd-resolved

Also, remove the symlinked resolv.conf file

$ ls -lh /etc/resolv.conf 
lrwxrwxrwx 1 root root 39 Jul 24 15:50 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
$ sudo rm /etc/resolv.conf

Then create new resolv.conf file.

sudo echo "nameserver 8.8.8.8" > /etc/resolv.conf

Note that you can install PowerDNS from the official apt repository or from PowerDNS repository. To install from apt repository, run:

sudo apt-get update 
sudo apt-get install pdns-server pdns-backend-mysql

Add official PowerDNS repository for Ubuntu 18.04.

$ cat /etc/apt/sources.list.d/pdns.list
deb [arch=amd64] http://repo.powerdns.com/ubuntu bionic-auth-41 main

Import GPG key:

curl https://repo.powerdns.com/FD380FBB-pub.asc | sudo apt-key add -

Update package list and install PowerDNS package (pdns-server) and MySQL backend (pdns-backend-mysql).

sudo apt-get update
sudo apt-get install pdns-server pdns-backend-mysql

For Debian 9, install the packages from the apt repository without adding new repo:

sudo apt-get update
sudo apt-get install pdns-server pdns-backend-mysql

When asked whether to configure the PowerDNS database with dbconfig-common, answer No

Configure PowerDNS to use MySQL backend:

Here is my MySQL configuration for PowerDNS:

# cat /etc/powerdns/pdns.d/pdns.local.gmysql.conf 
# MySQL Configuration
# Launch gmysql backend
launch+=gmysql
# gmysql parameters
gmysql-host=localhost
gmysql-port=3306
gmysql-dbname=powerdns
gmysql-user=powerdns
gmysql-password=strongpassword
gmysql-dnssec=yes
# gmysql-socket=

Restart pdns service

sudo systemctl restart pdns

You can now test PowerDNS to confirm that the service is online:

# netstat -tap | grep pdns

tcp        0      0 0.0.0.0:domain          0.0.0.0:*               LISTEN      31719/pdns_server   
tcp6       0      0 [::]:domain             [::]:*                  LISTEN      31719/pdns_server   

Check if PowerDNS service is responding correctly:

# dig @127.0.0.1

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @127.0.0.1
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 65465
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1680
;; QUESTION SECTION:
;.				IN	NS

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Aug 10 15:57:10 UTC 2018
;; MSG SIZE  rcvd: 28

Install PowerDNS-Admin on Ubuntu 18.04 / Debian 9

PowerDNS-Admin is a PowerDNS web interface with the following advanced features:

  • Multiple domain management
  • Domain template
  • User management
  • User access management based on domain
  • User activity logging
  • Local DB / LDAP / Active Directory user authentication
  • Support SAML authentication
  • Google OAuth authentication
  • Github OAuth authentication
  • Support Two-factor authentication (TOTP)
  • Dashboard and pdns service statistics
  • DynDNS 2 protocol support
  • Edit IPv6 PTRs using IPv6 addresses directly (no more editing of literal addresses!)

Install Python 3 development package

sudo apt-get install python3-dev

Install required packages for building python libraries from requirements.txt file

sudo apt-get install -y libmysqlclient-dev python-mysqldb libsasl2-dev libffi-dev \
libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev pkg-config

Install yarn to build asset files:

sudo curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
sudo echo "deb https://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list
sudo apt-get update 
sudo apt-get install  yarn

Checkout source code and create virtualenv:

git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /opt/web/powerdns-admin
cd /opt/web/powerdns-admin
virtualenv -p python3 flask

Output:

Already using interpreter /usr/bin/python3
Using base prefix '/usr'
New python executable in /opt/web/powerdns-admin/flask/bin/python3
Also creating executable in /opt/web/powerdns-admin/flask/bin/python
Installing setuptools, pkg_resources, pip, wheel...done.

Activate your python3 environment and install libraries:

. ./flask/bin/activate
pip install -r requirements.txt

Create and configure Database:

$ mysql -u root -p
CREATE DATABASE powerdnsadmin;
GRANT ALL PRIVILEGES ON powerdnsadmin.* TO 'pdnsadminuser'@'%' \
IDENTIFIED BY 'strongpassword';
FLUSH PRIVILEGES;
quit

Before running PowerDNS-Admin, make sure you have config.py available. Let’s create one from the template:

cp config_template.py config.py

Edit the file to

vim config.py

These are the required config:

  • DB connection information
  • PNDS API service endpoint and API key
  • Port Number used
  • Bind Address

Comment out SQLite SQLALCHEMY_DATABASE_URI line and uncomment MySQL one:

# DATABASE CONFIG
#You'll need MySQL-python
SQLA_DB_USER = 'powerdns'
SQLA_DB_PASSWORD = 'strongpassword'
SQLA_DB_HOST = 'localhost'
SQLA_DB_NAME = 'powerdns'

#MySQL
SQLALCHEMY_DATABASE_URI = 'mysql://'+SQLA_DB_USER+':'\
+SQLA_DB_PASSWORD+'@'+SQLA_DB_HOST+'/'+SQLA_DB_NAME
#SQLite
#SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db')

See below screenshot:

Once you your config.py is ready. Create the database schema by running commands:

(flask) $ export FLASK_APP=app/__init__.py
(flask)$ flask db upgrade
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> 787bdba9e147, Init DB

Then run db migrate:

(flask)$ flask db migrate -m "Init DB"
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.autogenerate.compare] Detected removed index 'domainidindex' on 'cryptokeys'
INFO [alembic.autogenerate.compare] Detected removed table 'cryptokeys'
INFO [alembic.autogenerate.compare] Detected removed index 'namealgoindex' on 'tsigkeys'
INFO [alembic.autogenerate.compare] Detected removed table 'tsigkeys'
INFO [alembic.autogenerate.compare] Detected removed table 'supermasters'
INFO [alembic.autogenerate.compare] Detected removed index 'nametype_index' on 'records'
INFO [alembic.autogenerate.compare] Detected removed table 'records'
INFO [alembic.autogenerate.compare] Detected removed index 'domainmetadata_idx' on 'domainmetadata'
INFO [alembic.autogenerate.compare] Detected removed table 'domainmetadata'
INFO [alembic.autogenerate.compare] Detected removed index 'name_index' on 'domains'
INFO [alembic.autogenerate.compare] Detected removed table 'domains'
INFO [alembic.autogenerate.compare] Detected removed index 'comments_name_type_idx' on 'comments'
INFO [alembic.autogenerate.compare] Detected removed index 'comments_order_idx' on 'comments'
INFO [alembic.autogenerate.compare] Detected removed table 'comments'
Generating /opt/web/powerdns-
admin/migrations/versions/42ca771ac430_init_db.py ... done

Generate asset files with yarn:

(flask)$ yarn install --pure-lockfile
yarn install v1.9.4
[1/4] Resolving packages...
[2/4] Fetching packages...
[3/4] Linking dependencies...
[4/4] Building fresh packages...
Done in 14.59s.

(flask)$ flask assets build
Building bundle: generated/login.js
[INFO] Building bundle: generated/login.js
Building bundle: generated/login.css
[INFO] Building bundle: generated/login.css
Building bundle: generated/main.js
[INFO] Building bundle: generated/main.js
Building bundle: generated/main.css
[INFO] Building bundle: generated/main.css

Test that your PowerDNS-Admin runs fine:

(flask)$ ./run.py
[INFO] * Running on http://127.0.0.1:9191/ (Press CTRL+C to quit)
[INFO] * Restarting with stat
[WARNING] * Debugger is active!
[INFO] * Debugger PIN: 466-405-858

Configure systemd service and Nginx

We’re going to be managing PowerDNS-Admin with systemd. Create a service unit file like below:

$ sudo vim /etc/systemd/system/powerdns-admin.service
[Unit]
Description=PowerDNS-Admin
After=network.target

[Service]
User=root
Group=root
WorkingDirectory=/opt/web/powerdns-admin
ExecStart=/opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admin/powerdns-admin.sock app:app

[Install]
WantedBy=multi-user.target

Start Powerdns-Admin service and set it to start on boot:

sudo systemctl daemon-reload
sudo systemctl start powerdns-admin
sudo systemctl enable powerdns-admin

Confirm that status is running state:

# systemctl status powerdns-admin
● powerdns-admin.service - PowerDNS-Admin
   Loaded: loaded (/etc/systemd/system/powerdns-admin.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2018-08-10 16:45:16 UTC; 22s ago
 Main PID: 10405 (gunicorn)
    Tasks: 3 (limit: 1152)
   CGroup: /system.slice/powerdns-admin.service
           ├─10405 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admi
           ├─10427 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admi
           └─10428 /opt/web/powerdns-admin/flask/bin/python3 /opt/web/powerdns-admin/flask/bin/gunicorn --workers 2 --bind unix:/opt/web/powerdns-admi

Aug 10 16:45:16 ubuntu-01 systemd[1]: Started PowerDNS-Admin.
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2018-08-10 16:45:17 +0000] [10405] [INFO] Starting gunicorn 19.7.1
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2018-08-10 16:45:17 +0000] [10405] [INFO] Listening at: unix:/opt/web/powerdns-admin/powerdns-admin.sock (
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2018-08-10 16:45:17 +0000] [10405] [INFO] Using worker: sync
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2018-08-10 16:45:17 +0000] [10427] [INFO] Booting worker with pid: 10427
Aug 10 16:45:17 ubuntu-01 gunicorn[10405]: [2018-08-10 16:45:17 +0000] [10428] [INFO] Booting worker with pid: 10428

Install and Configure Nginx for Powerdns-Admin

Install Nginx using:

sudo apt-get install nginx

Configure Nginx

sudo vim /etc/nginx/conf.d/powerdns-admin.conf

Add content like below:

server {
  listen *:80;
  server_name               powerdns-admin.example.com www.powerdns-admin.example.com;

  index                     index.html index.htm index.php;
  root                      /opt/web/powerdns-admin;
  access_log                /var/log/nginx/powerdns-admin.local.access.log combined;
  error_log                 /var/log/nginx/powerdns-admin.local.error.log;

  client_max_body_size              10m;
  client_body_buffer_size           128k;
  proxy_redirect                    off;
  proxy_connect_timeout             90;
  proxy_send_timeout                90;
  proxy_read_timeout                90;
  proxy_buffers                     32 4k;
  proxy_buffer_size                 8k;
  proxy_set_header                  Host $host;
  proxy_set_header                  X-Real-IP $remote_addr;
  proxy_set_header                  X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_headers_hash_bucket_size    64;

  location ~ ^/static/  {
    include  /etc/nginx/mime.types;
    root /opt/web/powerdns-admin/app;

    location ~*  \.(jpg|jpeg|png|gif)$ {
      expires 365d;
    }

    location ~* ^.+.(css|js)$ {
      expires 7d;
    }
  }

  location / {
    proxy_pass            http://unix:/opt/web/powerdns-admin/powerdns-admin.sock;
    proxy_read_timeout    120;
    proxy_connect_timeout 120;
    proxy_redirect        off;
  }
}

Check nginx syntax then restart nginx service:

# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

# systemctl restart nginx

Visit PowerDNS-Admin web interface.

http://powerdns-admin.example.com/

Click “Create an account” button and Register a user. The first user will be in the Administrator role.

When you log in with created username and password, you should get an interface like below:

Enjoy Administering PowerDNS with PowerDNS-Admin on Ubuntu 18.04 / Debian 9 server.

Similar articles:

How to Install and Configure Dnsmasq on Ubuntu 18.04 LTS

How to Setup ISPConfig DNS Only on CentOS 7