Initial commit

Signed-off-by: Jacob Kiers <code@kiers.eu>

setup/config/nginx/sites-available/powerdns.conf

@@ -0,0 +1,19 @@
+client_body_temp_path /run/client_body;
+proxy_temp_path /run/proxy_temp;
+fastcgi_temp_path /run/fastcgi_temp;
+scgi_temp_path /run/scgi_temp;
+uwsgi_temp_path /run/uwsgi_temp;
+
+server {
+  listen 3000;
+
+  root /app/code/static;
+
+  location /api/ {
+    proxy_pass http://127.0.0.1:8082;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+    proxy_read_timeout 86400;
+  }
+}

setup/config/supervisor/conf.d/nginx.conf

@@ -0,0 +1,10 @@
+[program:nginx]
+directory=/tmp
+command=/usr/sbin/nginx -g "daemon off;"
+user=root
+autostart=true
+autorestart=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0

setup/config/supervisor/conf.d/powerdns-server.conf

@@ -0,0 +1,10 @@
+[program:powerdns-server]
+command=/usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no --config-dir=/app/data/config/pdns.conf
+directory=/app/data
+user=cloudron
+autostart=true
+autorestart=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0

setup/data/README.md

@@ -0,0 +1,17 @@
+# PowerDNS Authoritative Server
+
+Hey there!
+
+This app contains a [PowerDNS Authoritative DNS server](https://doc.powerdns.com/authoritative/).
+With this, you have the full power of PowerDNS at your fingertips.
+
+By default, it is configured as a primary server. The configuration is stored
+in the file called `/app/data/config/pdns.conf` and the `pdns.d` subdirectory.
+
+After you have made changes to it you can restart just powerdns-server by running
+`supervisorctl restart powerdns-server`.
+
+It uses the sqlite3 backend, and has an administrative web interface. For
+security purposes this is disabled by default. In order to use the admin
+interface, you must change the webserver and api settings in the
+`01-api.conf` file.

setup/data/config/pdns.conf

@@ -0,0 +1,11 @@
+#################################
+# include-dir	Include *.conf files from this directory
+#
+# include-dir=
+include-dir=/app/data/config/pdns.d
+
+#################################
+# launch	Which backends to launch and order to query them in
+#
+# launch=
+launch=

setup/data/config/pdns.d/00-pdns.conf

@@ -0,0 +1,16 @@
+local-address=::1,0.0.0.0
+
+primary=yes
+version-string=anonymous
+
+allow-axfr-ips=127.0.0.0/8,::1,2a02:a470:2cda::/48,2a01:4f8:c17:7865::/64,2607:7c80:54:6::53,204.87.183.53
+allow-dnsupdate-from=127.0.0.0/8,::1,fe80::/10,2a02:a470:2cda::/48
+
+default-soa-content=dns.home.kie.rs hostmaster.@ 0 10800 3600 604800 3600
+default-soa-edit=INCEPTION-INCREMENT
+
+launch+=gsqlite3
+gsqlite3-database=/app/data/db/pdns.sqlite3
+gsqlite3-dnssec=yes
+
+

setup/data/config/pdns.d/01-api.conf

@@ -0,0 +1,27 @@
+# Webserver and API configuration
+
+# In order to enable the administrative interface, make sure that the
+# following three keys are updated.
+#
+# Generate a secure API key with the following command:
+# `LC_CTYPE=C tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c32`
+#
+# This API key is also the password for the web interface.
+webserver=no
+api=no
+api-key=HereYourSuperSecureApiKeyWhichIsAlsoThePasswordForTheAdminInterface
+
+
+# Listen address for the webserver. Defaults to everywhere, so the API can reach it.
+webserver-address=0.0.0.0
+
+# The webserver port to listen on. Do not change this.
+webserver-port=8082
+
+# Where to allow requests from. Basic firewall.
+# Update this to allow the API to work.
+webserver-allow-from=127.0.0.0/8,::1,fe80::/10,0.0.0.0/0,::/0
+
+# Controls the verbosity of webserver logging
+# Accepted values: none, normal, detailed
+webserver-loglevel=normal

setup/data/config/pdns.d/02-logging.conf

@@ -0,0 +1,5 @@
+loglevel=5
+
+log-dns-details=yes
+log-dns-queries=yes
+log-timestamp=yes