Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
software:stapler [04-Jul-2012 18:11] – Angelo Babudro | software:stapler [11-Jul-2023 16:04] (current) – [Known bugs and deficiencies] Angelo Babudro | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Stapler ====== | ====== Stapler ====== | ||
- | Stapler is a Perl application developed to simplify server DNS zone file maintenance. | + | Stapler is a Perl application developed |
- | Every time I added a server to my network, I had to change the zone files for all of the domains in which that server would be used. If it was a web or e-mail server, I might have a dozen zone files to edit. If I changed IP addressing schemes, I had to edit all the zone files. | ||
- | Stapler makes this all very easy by keeping your primary and secondary | + | ===== Background ===== |
+ | Every time I added a server to my network I changed the zone files by hand for all of the domains in which that server would be used. | ||
- | To use Stapler | + | Stapler |
- | $ locate ANSIColor.pm | + | ===== Recent updates ===== |
+ | February 2017: Stapler 4.28 now supports single dynamic IP addresses, such as on a residential Internet service, that can be updated using a Cron job on the dynamic host and a simple web page on the DNS server that has Stapler on it. Running the Cron job every four hours, for example, would check your server' | ||
- | You should see something like this (path may be different): | + | March 2017: Stapler 4.29 significant update with revision of several areas of logic. |
- | | + | |
+ | October 2017: | ||
+ | |||
+ | June 2021: Stapler 4.39 brings a lot of updates that have been needed for a while due to changes in BIND. | ||
+ | |||
+ | ===== Requirements ===== | ||
+ | To use Stapler you need to be using BIND for DNS resolution (it does not work with things like TinyDNS). | ||
+ | |||
+ | Stapler was initially developed in Perl 5 version | ||
+ | |||
+ | Perl CPAN modules required: | ||
+ | * Term::ANSIColor | ||
+ | * Switch | ||
+ | |||
+ | As of April 2017 the Gentoo emerge command to install or verify installation of these modules is: | ||
+ | |||
+ | emerge -va perl-Term-ANSIColor dev-perl/ | ||
+ | |||
+ | As of June 2021 Stapler works with Arch Linux standard installation (i.e., no special packages needed). | ||
+ | |||
+ | |||
+ | ===== Download ===== | ||
+ | 1. Download the {{ : | ||
+ | |||
+ | 2. Get the version you want. | ||
+ | |||
+ | |<100% 8em>| | ||
+ | ^ Release Date ^ Description ^ | ||
+ | | 03 Sept 2022| {{ : | ||
+ | | 07 Jun 2021 | {{ : | ||
+ | | 27 Nov 2018 | {{ : | ||
+ | | 02 Feb 2018 | {{ : | ||
+ | | 18 Jan 2018 | {{ : | ||
+ | | 19 Oct 2017 | {{ : | ||
+ | | 11 Mar 2017 | {{ : | ||
+ | |||
+ | 3. Validate the download against the checksums: | ||
+ | md5sum --check --ignore-missing stapler.md5 | ||
===== Installation ===== | ===== Installation ===== | ||
+ | Prior to version 4.42 the files were stored without a path, but from version 4.42 there is now a directory that will be created with the version number, e.g., ./ | ||
- | Download the script | + | The Perl script |
+ | ln -s / | ||
+ | |||
+ | Run the '' | ||
+ | cd / | ||
+ | stapler | ||
- | ftp:// | + | ... to build the DNS files for projectA. |
- | Paths are preserved in the tar file. The Perl script should placed in / | ||
- | To view the archive you can use:< | + | ==== Unpack |
+ | Install the file as root from your // | ||
+ | sudo mkdir / | ||
+ | sudo tar -C /etc/stapler -xPpzf stapler-YYYY-MM-DD.tgz | ||
+ | |||
+ | The above will put everything in /etc/stapler where you can edit and create your configuration files. | ||
+ | |||
+ | If you would like to use version control and/or the ability to have multiple configurations for Stapler (e.g., for multiple clients' | ||
+ | sudo su | ||
+ | mkdir -p / | ||
+ | ln -s / | ||
+ | | ||
+ | cp -av / | ||
+ | cd / | ||
+ | rm stapler | ||
+ | mv stapler.conf.dist stapler.conf | ||
+ | mv checkin.php.dist checkin.php | ||
+ | ln -s / | ||
+ | |||
+ | The above steps will make the //active// directory point to a branch for the hostname on which you unpack the software. | ||
+ | |||
+ | Make additional directories under // | ||
+ | svn add trunk branches | ||
+ | |||
+ | With this method you can set the //active// directory to point to whatever directory you want to use to create DNS zone files on a given server, and that way all of your DNS boxes can update from the same repository. | ||
+ | |||
+ | ==== Weekly root cache update ==== | ||
+ | Configure a weekly Cron job to update your DNS root server cache. | ||
+ | 00 00 * * Sun wget -O / | ||
+ | |||
+ | ==== Put executable in your path ==== | ||
+ | Optional: | ||
+ | ln -s / | ||
===== Configuration ===== | ===== Configuration ===== | ||
You will find comments within the configuration files, which include: | You will find comments within the configuration files, which include: | ||
- | - 192.168.1 --- a sample of a netblock configuration, you can have as many of these as you like. | + | - 192.168 --- a sample of a netblock configuration. You can have as many of these as you like. |
- aliases.stapler --- machine aliases (a.k.a., sub-domains). | - aliases.stapler --- machine aliases (a.k.a., sub-domains). | ||
- domain.primary --- domains for which this DNS server is authoritative (i.e., the master). | - domain.primary --- domains for which this DNS server is authoritative (i.e., the master). | ||
- domain.secondary --- domains names for which this DNS server is a relay (i.e., a slave). | - domain.secondary --- domains names for which this DNS server is a relay (i.e., a slave). | ||
- | - named.root --- a copy of the root name servers that is publicly available. | ||
- stapler.conf --- the main configuration file. | - stapler.conf --- the main configuration file. | ||
+ | ==== Edit the configuration ==== | ||
+ | Edit the '' | ||
+ | |||
+ | ==== Configure your domains ==== | ||
+ | Edit the files **domain.primary** and **domain.secondary** as needed. | ||
+ | * The //primary// file lists all the domains for which //this// DNS server is the authoritative master. | ||
+ | * The // | ||
+ | |||
+ | You could have many slaves, and you might have several masters. | ||
+ | |||
+ | Instructions are contained within each file. | ||
+ | |||
+ | ==== Configure CNAME aliases ==== | ||
+ | Often you'll want a machine to have more than one name. ns1 might also be mail, dev, ops, whatever. | ||
+ | |||
+ | As with the other files, you will find examples and instructions when you open it. | ||
+ | |||
+ | |||
+ | ===== Trial run ===== | ||
+ | At this point you should be able to type '' | ||
+ | |||
+ | Use the **-n** (dry run) flag to do everything except reload DNS, so you can examine the zone files and the named.conf file before putting them into effect. | ||
+ | |||
+ | There is a **-h** / **--help** command that lists the available options. | ||
+ | |||
+ | |||
+ | ===== Add Dynamic DNS support ===== | ||
+ | Dynamic DNS support is introduced in version 4.31. This permits you to make your DNS server support dynamically-changing IP addresses, somewhat like commercial services like DynDNS do. | ||
+ | |||
+ | Dynamic DNS support is optional. | ||
+ | |||
+ | If you have servers at home or other locations where the IP addresses change, and you find yourself having to go to those boxes to retrieve their IP address whenever it changes, then you want to use Dynamic DNS. If you are paying for a Dynamic DNS service and are happy with it, then I am not suggesting you change. | ||
+ | |||
+ | The concept is rather simple. | ||
+ | |||
+ | First, create a file named '' | ||
+ | 1.2.3.4 | ||
+ | 5.6.7.8 | ||
+ | |||
+ | Now change ownership of that file so that Apache can manage it: | ||
+ | chown apache dynamic | ||
+ | |||
+ | Of course, replace " | ||
+ | |||
+ | Next, decide if you want to make a symlink to the checkin.php script for the web server or copy the file. Your web server will need to be permitted to follow symlinks, which it probably is not by default, so the simplest thing to do is copy the file. A symlink has the benefit of updating the web script whenever you udpate the source package. | ||
+ | |||
+ | So either make a symlink: | ||
+ | ln -s / | ||
+ | |||
+ | ...or else copy the script: | ||
+ | cp / | ||
+ | |||
+ | You will also need to give permission to **apache** (or **www** or whatever user name your web server runs as) to run two commands using '' | ||
+ | file in / | ||
+ | apache | ||
+ | |||
+ | Obviously, you need to really trust Stapler to not mess up your DNS, but there' | ||
+ | |||
+ | The final step is to put your dynamic DNS into action by automating a call-out on your machines that have dynamic IP addresses. | ||
+ | 0 * * * * / | ||
+ | |||
+ | The **user** variable is optional. | ||
+ | |||
+ | The **host** variable indicates which host to change inside the / | ||
+ | |||
+ | When set to a non-zero value, the **verbose** variable causes you to get an e-mail even when nothing changes. | ||
+ | |||
+ | Any output of the wget command is piped to /dev/null because we don't want the machine running the cron to generate an e-mail, but rather the remote host's checkin.php script. | ||
+ | |||
+ | ===== Known bugs and deficiencies ===== | ||
+ | The format of the config file needs a bit of an overhaul to be more consistent. | ||
+ | |||
+ | The handling of special records such as SPF and DKIM needs improvement. | ||
+ | |||
+ | DNSSEC configuration is not working properly. | ||
+ | |||
+ | There is no IPv6 support. | ||
- | ===== Tips ===== | + | Stapler is not intended to manage a situation where each domain has different hosts defined. |