commit 935e213f27ca04637c65eea3170d7e3c9e75f92c Author: SSVC Admin <it@ssvc-rimsting.de> Date: Tue Mar 11 09:31:32 2025 +0100 first commit
diff --git a/.env.sample b/.env.sample
new file mode 100644
index 0000000..b2c86c7
--- /dev/null
+++ b/.env.sample
@@ -0,0 +1,14 @@
+# PowerDNS Server Konfiguration
+PDNS_PORT=53
+PDNS_DB_NAME=powerdns
+PDNS_DB_PASSWORD=secure_pdns_password
+PDNS_API_KEY=secure_api_key_change_me
+PDNS_WEBSERVER_PORT=8081
+PDNS_WEBSERVER_PASSWORD=secure_webserver_password
+PDNS_DEFAULT_TTL=1500
+
+# PowerDNS Admin Konfiguration
+PDNS_ADMIN_PORT=8080
+PDNS_ADMIN_DB_NAME=powerdnsadmin
+PDNS_ADMIN_DB_PASSWORD=secure_pdns_admin_password
+PDNS_ADMIN_SALT=$2b$12$DCzILDEfKfpieQRKd9U6Q. #python3 -c 'import bcrypt; print(bcrypt.gensalt().decode("utf-8"));'
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..35d40f5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+.env
+pdns-admin-mysql-data
+pdns-admin-upload
+pdns-mysql-data
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/Readme.md b/Readme.md
new file mode 100644
index 0000000..2799925
--- /dev/null
+++ b/Readme.md
@@ -0,0 +1,4 @@
+# Readme
+
+## Get verison
+docker exec pdns pdns_server --version
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..5600795
--- /dev/null
+++ b/docker-compose.yml
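Review bot: In .env.sample, `PDNS_VERSION` is missing although docker-compose.yml uses it in `image: pschiffe/pdns-mysql:${PDNS_VERSION}`, so a .env copied from this sample resolves to an empty image tag; add `PDNS_VERSION=4.9`, as set-dot-env.sh does. The `PDNS_ADMIN_SALT` value is unquoted and contains `$`, and Compose may apply variable interpolation to unquoted .env values, so the string that reaches the container is not guaranteed to be the one written here; single-quoting it (`PDNS_ADMIN_SALT='<output of the gensalt command>'`) keeps it literal, and the same applies to the `PDNS_ADMIN_SALT=${PDNS_ADMIN_SALT}` heredoc line in set-dot-env.sh. The committed salt is also a usable value rather than an obvious placeholder, so anyone who copies the sample unchanged runs with a publicly known salt; a comment such as `# generate your own value, do not reuse this one` above the line would make that explicit.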
@@ -0,0 +1,97 @@
+version: '3'
+
+services:
+ # MariaDB-Datenbank für PowerDNS Server
+ mysql:
+ image: mariadb:11
+ container_name: mysql
+ restart: unless-stopped
+ environment:
+ MYSQL_ROOT_PASSWORD: ${PDNS_DB_PASSWORD}
+ MYSQL_DATABASE: ${PDNS_DB_NAME}
+ MYSQL_USER: pdns_user
+ MYSQL_PASSWORD: ${PDNS_DB_PASSWORD}
+ volumes:
+ - ./pdns-mysql-data:/var/lib/mysql
+ networks:
+ - pdns-network
+ healthcheck:
+ test: [ "CMD-SHELL", 'mysqladmin ping' ]
+ interval: 10s
+ timeout: 2s
+ retries: 10
+
+ # MariaDB-Datenbank für PowerDNS Admin
+ mysql-admin:
+ image: mariadb:11
+ container_name: mysql-admin
+ restart: unless-stopped
+ environment:
+ MYSQL_ROOT_PASSWORD: ${PDNS_ADMIN_DB_PASSWORD}
+ MYSQL_DATABASE: ${PDNS_ADMIN_DB_NAME}
+ MYSQL_USER: pdns_admin_user
+ MYSQL_PASSWORD: ${PDNS_ADMIN_DB_PASSWORD}
+ volumes:
+ - ./pdns-admin-mysql-data:/var/lib/mysql
+ networks:
+ - pdns-network
+
+ # PowerDNS Server mit MySQL Backend
+ pdns:
+ image: pschiffe/pdns-mysql:${PDNS_VERSION}
+ container_name: pdns
+ restart: unless-stopped
+ ports:
+ - "${PDNS_PORT}:53/tcp"
+ - "${PDNS_PORT}:53/udp"
+ environment:
+ PDNS_primary: "yes"
+ PDNS_api: "yes"
+ PDNS_api_key: ${PDNS_API_KEY}
+ PDNS_webserver: "yes"
+ PDNS_webserver_address: 0.0.0.0
+ PDNS_webserver_port: ${PDNS_WEBSERVER_PORT}
+ PDNS_webserver_password: ${PDNS_WEBSERVER_PASSWORD}
+ PDNS_webserver_allow_from: "0.0.0.0/0,::/0"
+ PDNS_version_string: anonymous
+ PDNS_default_ttl: ${PDNS_DEFAULT_TTL}
+ PDNS_gmysql_user: pdns_user
+ PDNS_gmysql_password: ${PDNS_DB_PASSWORD}
+ PDNS_gmysql_dbname: ${PDNS_DB_NAME}
+ PDNS_gmysql_host: mysql
+ links:
+ - mysql:mysql
+ depends_on:
+ - mysql
+ networks:
+ - pdns-network
+
+ # PowerDNS Admin Web-Interface
+ pdns-admin:
+ image: pschiffe/pdns-admin:latest
+ container_name: pdns-admin
+ restart: unless-stopped
+ ports:
+ - "${PDNS_ADMIN_PORT}:8080"
+ environment:
+ PDNS_ADMIN_SQLA_DB_HOST: mysql-admin
+ PDNS_ADMIN_SQLA_DB_NAME: ${PDNS_ADMIN_DB_NAME}
+ PDNS_ADMIN_SQLA_DB_USER: pdns_admin_user
+ PDNS_ADMIN_SQLA_DB_PASSWORD: ${PDNS_ADMIN_DB_PASSWORD}
+ PDNS_ADMIN_SALT: ${PDNS_ADMIN_SALT}
+ PDNS_VERSION: ${PDNS_VERSION}
+ PDNS_API_KEY: ${PDNS_API_KEY}
+ volumes:
+ - ./pdns-admin-upload:/opt/powerdns-admin/upload
+ links:
+ - mysql-admin:mysql
+ - pdns:pdns
+ depends_on:
+ - mysql-admin
+ - pdns
+ networks:
+ - pdns-network
+
+networks:
+ pdns-network:
+ driver: bridge
diff --git a/set-dot-env.sh b/set-dot-env.sh
new file mode 100755
index 0000000..142c3c2
--- /dev/null
+++ b/set-dot-env.sh
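Review bot: In docker-compose.yml, the `mysql` and `mysql-admin` services set `MYSQL_ROOT_PASSWORD` from the same variable as `MYSQL_PASSWORD`, so the credential handed to the pdns and pdns-admin containers is also the database root credential; a separate root secret, or `MARIADB_RANDOM_ROOT_PASSWORD: "yes"` in place of the root password line, keeps the application account unprivileged. In the `pdns` service, `PDNS_webserver_allow_from: "0.0.0.0/0,::/0"` together with `PDNS_webserver_address: 0.0.0.0` accepts API and webserver requests from any source that can reach the container. The webserver port is not published in this file, but limiting the list to the subnet of `pdns-network` (`PDNS_webserver_allow_from: "<pdns-network subnet>"`) would match what pdns-admin appears to need. `pschiffe/pdns-admin:latest` is unpinned while the server image is versioned through `${PDNS_VERSION}`; pinning a tag or digest makes it clear which admin code is running with the API key.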
@@ -0,0 +1,62 @@
+#!/bin/bash
+
+# Funktion zum Generieren zufälliger Passwörter
+generate_password() {
+ local length=$1
+ # Verwende /dev/urandom für bessere Zufälligkeit, tr für die Auswahl der Zeichen
+ # Wir nutzen Buchstaben und Zahlen, um Probleme mit Sonderzeichen zu vermeiden
+ cat /dev/urandom | tr -dc 'a-zA-Z0-9' | head -c $length
+}
+
+# Funktion zum Generieren eines bcrypt Salt für PowerDNS Admin
+generate_salt() {
+ # Prüfen, ob Python und bcrypt installiert sind
+ if command -v python3 >/dev/null 2>&1 && python3 -c "import bcrypt" >/dev/null 2>&1; then
+ python3 -c 'import bcrypt; print(bcrypt.gensalt().decode("utf-8"));'
+ else
+ echo "WARNUNG: Python3 oder bcrypt nicht gefunden. Verwende Standard-Salt."
+ echo '$2b$12$xZKJJFAMZ41EFJptSMbZv.'
+ fi
+}
+
+# Zielverzeichnis für die .env-Datei
+ENV_FILE=".env"
+
+# Generiere Passwörter (12 Zeichen)
+PDNS_DB_PASSWORD=$(generate_password 12)
+PDNS_API_KEY=$(generate_password 16)
+PDNS_WEBSERVER_PASSWORD=$(generate_password 12)
+PDNS_ADMIN_DB_PASSWORD=$(generate_password 12)
+
+# Generiere Salt für PowerDNS Admin
+PDNS_ADMIN_SALT=$(generate_salt)
+
+# Erstelle oder überschreibe die .env-Datei
+cat > $ENV_FILE << EOF
+# PowerDNS Server Konfiguration
+PDNS_PORT=53
+PDNS_DB_NAME=powerdns
+PDNS_DB_PASSWORD=${PDNS_DB_PASSWORD}
+PDNS_API_KEY=${PDNS_API_KEY}
+PDNS_WEBSERVER_PORT=8081
+PDNS_WEBSERVER_PASSWORD=${PDNS_WEBSERVER_PASSWORD}
+PDNS_DEFAULT_TTL=1500
+
+# PowerDNS Admin Konfiguration
+PDNS_ADMIN_PORT=8080
+PDNS_ADMIN_DB_NAME=powerdnsadmin
+PDNS_ADMIN_DB_PASSWORD=${PDNS_ADMIN_DB_PASSWORD}
+PDNS_ADMIN_SALT=${PDNS_ADMIN_SALT}
+PDNS_VERSION="4.9"
+EOF
+
+# Ausgabe mit generierten Werten
+echo "Die .env-Datei wurde mit folgenden zufälligen Passwörtern erstellt:"
+echo "PDNS_DB_PASSWORD: $PDNS_DB_PASSWORD"
+echo "PDNS_API_KEY: $PDNS_API_KEY"
+echo "PDNS_WEBSERVER_PASSWORD: $PDNS_WEBSERVER_PASSWORD"
+echo "PDNS_ADMIN_DB_PASSWORD: $PDNS_ADMIN_DB_PASSWORD"
+echo "PDNS_ADMIN_SALT: $PDNS_ADMIN_SALT"
+echo "PDNS_VERSION":"4.9"
+echo ""
+echo "Die Datei wurde als $ENV_FILE gespeichert. Bitte bewahren Sie diese Passwörter sicher auf!"
\ No newline at end of file
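Review bot: In set-dot-env.sh, the fallback branch of `generate_salt` writes the "WARNUNG" message to stdout, so `PDNS_ADMIN_SALT=$(generate_salt)` captures the warning text together with the salt and the heredoc writes both into .env. The salt it falls back to is a fixed value that is public in this repository, so the script should report on stderr and stop rather than continue with a shared salt. Further down, `cat > $ENV_FILE` creates the file under the caller's default umask, and the closing `echo` lines print every generated secret to the terminal. Setting `umask 077` before the write and pointing the user to the file instead of echoing the values keeps the secrets out of world-readable files, scrollback and logs. The write is also unconditional, so re-running the script replaces the passwords that already-initialised database volumes were created with; an existence check before writing avoids that.

```shell
generate_salt() {
  # … unchanged: python3/bcrypt availability check and gensalt() call …
  else
    # stderr keeps the message out of the $(generate_salt) capture
    echo "FEHLER: Python3 oder bcrypt nicht gefunden. Es wurde kein Salt erzeugt." >&2
    return 1
  fi
}

# … unchanged: generate_password, ENV_FILE, password generation …

# Refuse to replace credentials that existing data volumes may depend on
if [[ -e "$ENV_FILE" ]]; then
  echo "FEHLER: $ENV_FILE existiert bereits und wird nicht überschrieben." >&2
  exit 1
fi

PDNS_ADMIN_SALT=$(generate_salt) || exit 1

# Owner-only permissions must be in effect before the secrets are written
umask 077
cat > "$ENV_FILE" << EOF
# … unchanged: heredoc body through the closing EOF …

# … the per-secret echo lines are dropped; only the pointer to the file remains …
echo "Die Datei wurde als $ENV_FILE gespeichert. Bitte bewahren Sie diese Passwörter sicher auf!"
```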