Kali ini ane mau share cara sinkronisasi primary DNS ispCP ke secondary DNS server. Tapi sebelumnya, apa itu ispCP?
isp Control Panel (ispCP) is an open source project founded to build a Multi Server Control and Administration Panel. This Control Panel is usable by any Internet Service Provider (ISP).
Nah ispCP sendiri mengemas aplikasi2 hosting seperti Apache, Bind9, Courier, Postfix, ProFTP, dan Awstats. dan sampai saat ini support untuk beberapa linux distro seperti Debian (Etch, Lenny, Squeeze), Ubuntu, dan FreeBSD.
Kalau dibandingkan dengan cPanel secara pribadi jelas lebih nyaman cPanel. Tp krn ini open source dan gratis, worth bgt buat dicoba dan digunakan.
Yuk, langsung aja… Ane asumsikan temen2 udah pada berhasil install ispCP ini.
Yang diperlukan :
2 buah server ( 1 untuk primary DNS di ispCP itu sendiri dan 1 lagi buat secondary DNS nya )
Tested with ispCP Version : 1.7 on Debian Lenny
ispCP server (Primary)
- Edit
/etc/ispcp/ispcp.confdan tambahkan IP server secondary DNS pada bagian "# BIND data section". - masuk ke folder
/var/www/ispcp/gui/domain( buat folder tersebut jika belum ada ) - Buat file
index.phpdan masukan script berikut :
1<?php
2require '../include/ispcp-lib.php';
3
4$cfg = ispCP_Registry::get('Config');
5$sql = ispCP_Registry::get('Db');
6
7$count_query = "SELECT COUNT(`domain_id`) AS cnt FROM `domain`";
8$start_index = 0;
9$rows_per_page = 100;
10
11$query = "SELECT `domain_name` FROM `domain`
12 ORDER BY `domain_id` ASC
13 LIMIT $start_index, $rows_per_page";
14
15$rs = exec_query($sql, $count_query);
16$records_count = $rs->fields['cnt'];
17$rs = exec_query($sql, $query);
18$count_query1 = "SELECT COUNT(`alias_id`) AS cnt1 FROM `domain_aliasses`";
19$start_index1 = 0;
20$rows_per_page1 = 100;
21
22$query1 = "SELECT `alias_name` FROM `domain_aliasses`
23 ORDER BY `alias_id` ASC
24 LIMIT $start_index1, $rows_per_page1";
25
26$rs1 = exec_query($sql, $count_query1);
27
28$records_count1 = $rs1->fields['cnt1'];
29$rs1 = exec_query($sql, $query1);
30$all_records_count=$records_count+$records_count1;
31if ($rs->rowCount() == 0) {
32 echo "//NO DOMAINS LISTED";
33} else {
34 echo "//$all_records_count DOMAINS LISTED ON $cfg->SERVER_HOSTNAME [$cfg->BASE_SERVER_IP]\n";
35 while (!$rs->EOF){
36 echo "zone \"".$rs->fields['domain_name']."\"{\n";
37 echo "\ttype slave;\n";
38 echo "\tfile \"/var/cache/bind/".$rs->fields['domain_name'].".db\";\n";
39 echo "\tmasters { $cfg->BASE_SERVER_IP; };\n";
40 echo "\tallow-notify { $cfg->BASE_SERVER_IP; };\n";
41 echo "};\n";
42 $rs->moveNext();
43 }
44}
45
46if ($rs1->rowCount() == 0) {
47 echo "//END DOMAINS LIST\n";
48}
49else {
50 while (!$rs1->EOF){
51 echo "zone \"".$rs1->fields['alias_name']."\"{\n";
52 echo "\ttype slave;\n";
53 echo "\tfile \"/var/cache/bind/".$rs1->fields['alias_name'].".db\";\n";
54 echo "\tmasters { $cfg->BASE_SERVER_IP; };\n";
55 echo "\tallow-notify { $cfg->BASE_SERVER_IP; };\n";
56 echo "};\n";
57 $rs1->moveNext();
58 }
59echo "//END DOMAINS LIST\n";
60}
61?>
- Buat file
.htaccesssupayaindex.phptersebut hanya bisa diakses melalui IP secondary DNS server.
1Order Deny,Allow
2Deny from all
3Allow from [IP.SECONDARY.DNS.SERVERMU]
- Ubah konfigurasi
Apache AllowOverride NonemenjadiAllowOverride Limitsupaya.htaccessdapat berfungsi.
1vi /etc/apache2/sites-enabled/00_master.conf
- Ubah kepemilikan file pada
/var/www/ispcp/gui/domain
1chown vu2000:www-data -R /var/www/ispcp/gui/domain
- Generate key untuk secure zone transfer (TSIG)
1cd /etc/bind; dnssec-keygen -a hmac-md5 -b 128 -n HOST TRANSFER
Hasil key ada pada file transfer.+[bla-bla-bla].private. Didalamnya ada kode yang nantinya digunakan untuk sinkron auth. Misal : Key: 6alK9JEHMqH/ZDpFHtlstg==
Masukan kode tersebut pada konfigurasi BIND
1vi /etc/bind/named.conf.options
1//
2//SECONDARY NS
3//
4key "TRANSFER" {
5 algorithm hmac-md5;
6 secret "6alK9JEHMqH/ZDpFHtlstg==";
7};
8server [IP.SECONDARY.DNS.SERVERMU] {
9 keys {
10 TRANSFER;
11 };
12};
Konfigurasi pada primary DNS server sudah selesai. Lalu kita masuk ke tahap berikutnya, yaitu :
konfigurasi pada secondary DNS server
Saya asumsikan BIND sudah terinstall di server Secondary DNS ini.
- Edit konfiurasi BIND (
/etc/bind/named.conf) dan tambahkaninclude "/etc/bind/named.conf.backup". - Buat keys zone transfer
1vi /etc/bind/named.conf.options
dan tambahkan konfigurasi berikut :
1//
2//SECONDARY NS
3//
4key "TRANSFER" {
5 algorithm hmac-md5;
6 secret "6alK9JEHMqH/ZDpFHtlstg==";
7};
8server [IP.ISPCP.SERVER] {
9 keys {
10 TRANSFER;
11 };
12};
- Buat script untuk cronjob:
vi /etc/cron.d/dnsupdatedan tambahkan :
* */12 * * * root /usr/bin/wget http://[IP.ISPCP.SERVER]/domain/ -O /etc/bind/named.conf.backup && /etc/init.d/bind9 reload
- Terakhir, coba reload cronjob untuk memastikan trik kita sukses.
1/etc/init.d/cron reload
