DirectAdmin
First, subscribe to a DirectAdmin Personal Plus (5 Dollars) license. The 5-dollar license is enough for nameserver DNS clustering.
Prepare Server
nano /etc/hosts
127.0.0.1 localhost.localdomain localhost
93.184.xx.72 ns1.yourprimarynameserver.com ns1
nano /etc/hostname
The /etc/hostname file contains the hostname without the domain part, e.g. ns1
reboot
Download DirectAdmin and pre-load some of the custom options with these commands:
bash <(curl -fsSL https://download.directadmin.com/setup.sh) 'auto'
export DA_EMAIL=webmaster@yourprimarynameserver.com
export DA_NS1=ns1.yourprimarynameserver.com
export DA_NS2=ns1.yourprimarynameserver.com
export DA_HOSTNAME="ns1.yourprimarynameserver.com"
export DA_CHANNEL=stable
If you have an external firewall, add the entry that disables CSF:
export DA_SKIP_CSF=true
export DA_SKIP_MYSQL_INSTALL=true
export DA_INTERACTIVE_CUSTOMBUILD=yes
export DA_INTERACTIVE_CUSTOMBUILD=1
Installation
Finally, run the installation script with your DirectAdmin license key:
bash <(curl -fsSL https://download.directadmin.com/setup.sh) 'your license key here'
After the installation finishes its background tasks, adjust the CustomBuild options. Remove all extra packages such as email, FTP and MySQL, and keep only the DNS-related programs. Apache and PHP are mandatory and cannot be removed, but block everything in the firewall other than DNS and port 2222.
Tweak some settings:
Primary DNS Zone
Create a DNS zone for the primary nameserver. Enter ns1.yourprimarynameserver.com in both the NS1 and NS2 fields; yes, both fields will be ns1.
After creating the zone, keep only two records: the NS record and the A record.
Security
Enable two-step verification for the admin user. This will cause API connections from the multi-server setup to fail, but don't worry!
Create another administrator-level user (DirectAdmin > Account Manager > Create Administrator)
and make sure that the secondary administrator user's two-step auth is disabled.
/usr/local/directadmin/data/users/anotheradmin/user.conf
twostep_auth=no
Then create a Login Key for anotheradmin to authenticate the API connection for the multi-server setup.
Log out from admin, and log in as the secondary administrator user.
Then browse the User tab section of the widget layout (not the Admin tab) and click the "Login Keys" module.
Create a new login key here. The "key name" is optional (it works as a comment), so you can write the name of the production server that will connect to this DNS-only server as a multi server. The "key value" is the password, used as an alternative password for the secondary administrator user.
The Login Keys "allow" list would be as follows:
CMD_API_DNS_ADMIN
CMD_API_LOGIN_TEST
CMD_API_USER_EXISTS
and the Login Keys "deny" list would be as follows:
CMD_LOGIN_KEYS
CMD_API_LOGIN_KEYS
CMD_PASSWD
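A drift check for the two lists above, as an added example that is not part of the original post or of DirectAdmin's tooling. It assumes you pass the key's current allow and deny lists as whitespace-separated strings (copied from the Login Keys page); CMD_API_EXAMPLE_EXTRA is a constructed placeholder name.

```bash
#!/usr/bin/env bash
# Added example: compare a Login Key's allow/deny lists with the lists in this guide.
# Input is a whitespace-separated string per list (an assumption of this example,
# not DirectAdmin's storage format).

WANT_ALLOW="CMD_API_DNS_ADMIN CMD_API_LOGIN_TEST CMD_API_USER_EXISTS"
WANT_DENY="CMD_LOGIN_KEYS CMD_API_LOGIN_KEYS CMD_PASSWD"

# in_list WORD "LIST": exact word match, so CMD_LOGIN_KEYS never
# matches CMD_API_LOGIN_KEYS by substring.
in_list() {
    local w
    for w in $2; do
        [ "$w" = "$1" ] && return 0
    done
    return 1
}

# audit_login_key "ALLOW LIST" "DENY LIST"
# Prints one finding per line; returns 0 when the key matches the guide, 1 otherwise.
audit_login_key() {
    local allow="$1" deny="$2" cmd rc=0
    for cmd in $allow; do
        # Anything allowed beyond the three DNS-cluster commands is over-privilege.
        if ! in_list "$cmd" "$WANT_ALLOW"; then
            echo "EXTRA_ALLOW $cmd"; rc=1
        fi
        # A command in both lists is a configuration mistake worth reviewing.
        if in_list "$cmd" "$deny"; then
            echo "CONFLICT $cmd"; rc=1
        fi
    done
    for cmd in $WANT_ALLOW; do
        in_list "$cmd" "$allow" || { echo "MISSING_ALLOW $cmd"; rc=1; }
    done
    for cmd in $WANT_DENY; do
        in_list "$cmd" "$deny" || { echo "MISSING_DENY $cmd"; rc=1; }
    done
    return $rc
}

# Constructed sample: a key that drifted from the guide.
SAMPLE_ALLOW="CMD_API_DNS_ADMIN CMD_API_LOGIN_TEST CMD_API_EXAMPLE_EXTRA"
SAMPLE_DENY="CMD_LOGIN_KEYS CMD_PASSWD"
audit_login_key "$SAMPLE_ALLOW" "$SAMPLE_DENY" || echo "login key needs tightening"
```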
You can connect the DNS Only server with your production server by using this Login Key for API connection:
Log in to a production server's DirectAdmin panel, then browse to Server Manager > Multi Server Setup
Remember that here you will use the username as the secondary administrator login username (not key name), and the password will be the Login Key password (key value).
Then connect the multi server and enjoy!
If you need to migrate the server with an existing license, run reboot
or,
systemctl restart directadmin.service
All DNS files are located in: /etc/bind/
Force license update:
echo 'Provided license key should go here' > /usr/local/directadmin/conf/license.key
chmod 0600 /usr/local/directadmin/conf/license.key
systemctl restart directadmin
If you want to set up a third nameserver:
https://docs.directadmin.com/other-hosting-services/dns/general.html#how-to-add-a-3rd-nameserver-ns3