dnssec

Author: RootShell-coder

Dockerfile

@@ -102,6 +102,7 @@ RUN set -eux; \
 		mariadb-connector-c \
 		yaml-cpp \
 		zeromq \
+		openssl \
 		\
         pwgen \
 		supervisor \
@@ -118,6 +119,9 @@ RUN set -eux; \
 		php81-openssl \
 		php81-session \
 		php81-tokenizer \
+		php81-mbstring \
+		php81-xml \
+		composer \
 		musl musl-utils musl-locales tzdata \
 		; \
 	true "Setup user and group"; \
@@ -131,30 +135,32 @@ RUN set -eux; \
 	true "Cleanup"; \
 	rm -f /var/cache/apk/*
 
+RUN set -eux; \
+	mkdir -p /var/www/html; \
+	cd /var/www/html; \
+	wget https://github.com/poweradmin/poweradmin/archive/refs/tags/v${POWERADMIN_VER}.tar.gz; \
+	tar -xf v${POWERADMIN_VER}.tar.gz && rm -f v${POWERADMIN_VER}.tar.gz; \
+	mv poweradmin-${POWERADMIN_VER} poweradmin; \
+	rm -rf /var/www/html/poweradmin/install/
+
 COPY --from=builder /build/powerdns-root /
 COPY supervisor /etc/supervisor
 COPY powerdns /etc/powerdns
 COPY entrypoint /usr/bin
 COPY nginx /etc/nginx
 COPY php81 /etc/php81
+COPY poweradmin /var/www/html/poweradmin/inc
 
 RUN set -eux; \
-	mkdir -p /var/www/html; \
-	cd /var/www/html; \
-	wget https://github.com/poweradmin/poweradmin/archive/refs/tags/v${POWERADMIN_VER}.tar.gz; \
-	tar -xf v${POWERADMIN_VER}.tar.gz && rm -f v${POWERADMIN_VER}.tar.gz; \
-	mv poweradmin-${POWERADMIN_VER} poweradmin; \
-	rm -rf /var/www/html/poweradmin/install/; \
-	\
 	chmod 0750 /etc/powerdns; \
   	chmod 0640 /etc/powerdns/pdns.conf; \
   	chown -R root:powerdns /etc/powerdns; \
 	chown -R nginx:nginx /var/www/html; \
 	chmod +x /usr/bin/entrypoint; \
 	cp /usr/share/zoneinfo/${TZ} /etc/localtime
 
-COPY poweradmin /var/www/html/poweradmin
+EXPOSE 53 8081 80
+EXPOSE 53/UDP
 
-EXPOSE 53/TCP 53/UDP 8081/TCP 80/TCP
 ENTRYPOINT [ "entrypoint" ]
 CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisor/supervisord.conf"]

entrypoint

@@ -1,5 +1,29 @@
 #!/bin/sh
 
+#Defaults
+# mysql
+MYSQL_HOST=${MYSQL_HOST:-localhost}
+MYSQL_PORT=${MYSQL_PORT:-3306}
+MYSQL_DATABASE=${MYSQL_DATABASE:-pdns}
+MYSQL_USER=${MYSQL_USER:-pdns}
+MYSQL_PASSWORD=${MYSQL_PASSWORD:-pdns}
+
+#php
+SESSION_KEY=`pwgen 32 1`
+
+
+PDNS_ALLOW_AXFR_IPS=${PDNS_ALLOW_AXFR_IPS:-127.0.0.1}
+PDNS_MASTER=${PDNS_MASTER:-yes}
+PDNS_SLAVE=${PDNS_SLAVE:-no}
+PDNS_CACHE_TTL=${PDNS_CACHE_TTL:-20}
+PDNS_DISTRIBUTOR_THREADS=${PDNS_DISTRIBUTOR_THREADS:-3}
+PDNS_RECURSIVE_CACHE_TTL=${PDNS_RECURSIVE_CACHE_TTL:-10}
+PDNS_ALLOW_RECURSION=${PDNS_ALLOW_RECURSION:-127.0.0.1}
+PDNS_RECURSOR=${PDNS_RECURSOR:-no}
+POWERADMIN_HOSTMASTER=${POWERADMIN_HOSTMASTER:-}
+POWERADMIN_NS1=${POWERADMIN_NS1:-}
+POWERADMIN_NS2=${POWERADMIN_NS2:-}
+
 # Setup run directory
 if [ ! -d /run/powerdns ]; then
 	mkdir -p /run/powerdns
@@ -11,27 +35,26 @@ chmod 0755 /run/powerdns
 
 if [ -n "$MYSQL_HOST" ]; then
     sed -i "s!MYSQL_HOST!${MYSQL_HOST}!" /etc/powerdns/conf.d/gmysql.conf
-	sed -i "s!{{MYSQL_HOST}}!${MYSQL_HOST}!" /var/www/html/poweradmin/config.inc.php
+	sed -i "s!{{MYSQL_HOST}}!${MYSQL_HOST}!" /var/www/html/poweradmin/inc/config.inc.php
 fi
 if [ -n "$MYSQL_PORT" ]; then
     sed -i "s!MYSQL_PORT!${MYSQL_PORT}!" /etc/powerdns/conf.d/gmysql.conf
-	sed -i "s!{{MYSQL_PORT}}!${MYSQL_PORT}!" /var/www/html/poweradmin/config.inc.php
+	sed -i "s!{{MYSQL_PORT}}!${MYSQL_PORT}!" /var/www/html/poweradmin/inc/config.inc.php
 fi
 if [ -n "$MYSQL_DATABASE" ]; then
     sed -i "s!MYSQL_DATABASE!${MYSQL_DATABASE}!" /etc/powerdns/conf.d/gmysql.conf
-	sed -i "s!{{MYSQL_DB}}!${MYSQL_DATABASE}!" /var/www/html/poweradmin/config.inc.php
+	sed -i "s!{{MYSQL_DB}}!${MYSQL_DATABASE}!" /var/www/html/poweradmin/inc/config.inc.php
 fi
 if [ -n "$MYSQL_USER" ]; then
     sed -i "s!MYSQL_USER!${MYSQL_USER}!" /etc/powerdns/conf.d/gmysql.conf
-	sed -i "s!{{MYSQL_USER}}!${MYSQL_USER}!" /var/www/html/poweradmin/config.inc.php
+	sed -i "s!{{MYSQL_USER}}!${MYSQL_USER}!" /var/www/html/poweradmin/inc/config.inc.php
 fi
 if [ -n "$MYSQL_PASSWORD" ]; then
     sed -i "s!MYSQL_PASSWORD!${MYSQL_PASSWORD}!" /etc/powerdns/conf.d/gmysql.conf
-	sed -i "s!{{MYSQL_PASSWORD}}!${MYSQL_PASSWORD}!" /var/www/html/poweradmin/config.inc.php
+	sed -i "s!{{MYSQL_PASSWORD}}!${MYSQL_PASSWORD}!" /var/www/html/poweradmin/inc/config.inc.php
 fi
 
-	SESSION_KEY=`pwgen 32 1`
-	sed -i "s!{{SESSION_KEY}}!${SESSION_KEY}!" /var/www/html/poweradmin/config.inc.php
+	sed -i "s!{{SESSION_KEY}}!${SESSION_KEY}!" /var/www/html/poweradmin/inc/config.inc.php
 
 # Setup web access
 if [ ! -f /etc/powerdns/conf.d/webserver.conf ] && [ -n "$POWERDNS_WEBSERVER_ALLOW_FROM" ]; then

nginx/http.d/default.conf

@@ -1,5 +1,3 @@
-# This is a default site configuration which will simply return 404, preventing
-# chance access to any other virtualhost.
 upstream php {
     server  127.0.0.1:9000;
 }
@@ -10,34 +8,41 @@ server {
 	root /var/www/html/;
 	index index.html index.php;
 
+	location ~ /\. {
+    	deny all;
+    	log_not_found off;
+  	}
+
+    location ~* /\.(ht|svn|hg) {
+        deny all;
+        access_log off;
+        log_not_found off;
+    }
+
+    location ~ (/\.gitignore|/\.git) {
+            deny all;
+            access_log off;
+            log_not_found off;
+    }
+
+    location ~* \.(?:jpe?g|gif|png|ico|swf|svg|eot|ttf|otf|woff|htc|css|js)$ {
+    	expires max;
+  	}
+
     location / {
-                # First attempt to serve request as file, then
-                # as directory, then fall back to displaying a 404.
-        try_files $uri $uri/ =404;
+        try_files $uri $uri/ /index.php;
     }
 
   	location ~ \.php$ {
+    	try_files       $uri = 404;
     	include			fastcgi_params;
     	fastcgi_pass 	php;
 		fastcgi_index	index.php;
 		fastcgi_param	SCRIPT_FILENAME $document_root$fastcgi_script_name;
+		include         /etc/nginx/fastcgi_params;
 
 		fastcgi_buffer_size 32k;
 		fastcgi_buffers 4 32k;
 		fastcgi_cache_valid 200 60m;
   	}
- 	
-	location ~ /\. {
-    	deny all;
-    	log_not_found off;
-  	}
-
-    location ~* \.(?:jpe?g|gif|png|ico|swf|svg|eot|ttf|otf|woff|htc|css|js)$ {
-    	expires max;
-  	}
-
-	# You may need this to prevent return 404 recursion.
-	location = /404.html {
-		internal;
-	}
 }

php81/php-fpm.d/www.conf

@@ -20,8 +20,8 @@
 ; Unix user/group of processes
 ; Note: The user is mandatory. If the group is not set, the default user's group
 ;       will be used.
-user = nginx
-group = nginx
+user = powerdns
+group = powerdns
 
 ; The address on which to accept FastCGI requests.
 ; Valid syntaxes are:

poweradmin/config.inc.php

@@ -16,7 +16,7 @@
 
 $timezone = 'Europe/Moscow';
 
-$pdnssec_use = false;
+$pdnssec_use = true;
 $pdnssec_debug = false;
 $pdnssec_command = '/usr/bin/pdnsutil';