Initial commit

Signed-off-by: Jacob Kiers <code@kiers.eu>

setup/data/README.md

@@ -0,0 +1,17 @@
+# PowerDNS Authoritative Server
+
+Hey there!
+
+This app contains a [PowerDNS Authoritative DNS server](https://doc.powerdns.com/authoritative/).
+With this, you have the full power of PowerDNS at your fingertips.
+
+By default, it is configured as a primary server. The configuration is stored
+in the file called `/app/data/config/pdns.conf` and the `pdns.d` subdirectory.
+
+After you have made changes to it you can restart just powerdns-server by running
+`supervisorctl restart powerdns-server`.
+
+It uses the sqlite3 backend, and has an administrative web interface. For
+security purposes this is disabled by default. In order to use the admin
+interface, you must change the webserver and api settings in the
+`01-api.conf` file.

setup/data/config/pdns.conf

@@ -0,0 +1,11 @@
+#################################
+# include-dir	Include *.conf files from this directory
+#
+# include-dir=
+include-dir=/app/data/config/pdns.d
+
+#################################
+# launch	Which backends to launch and order to query them in
+#
+# launch=
+launch=

setup/data/config/pdns.d/00-pdns.conf

@@ -0,0 +1,16 @@
+local-address=::1,0.0.0.0
+
+primary=yes
+version-string=anonymous
+
+allow-axfr-ips=127.0.0.0/8,::1,2a02:a470:2cda::/48,2a01:4f8:c17:7865::/64,2607:7c80:54:6::53,204.87.183.53
+allow-dnsupdate-from=127.0.0.0/8,::1,fe80::/10,2a02:a470:2cda::/48
+
+default-soa-content=dns.home.kie.rs hostmaster.@ 0 10800 3600 604800 3600
+default-soa-edit=INCEPTION-INCREMENT
+
+launch+=gsqlite3
+gsqlite3-database=/app/data/db/pdns.sqlite3
+gsqlite3-dnssec=yes
+
+

setup/data/config/pdns.d/01-api.conf

@@ -0,0 +1,27 @@
+# Webserver and API configuration
+
+# In order to enable the administrative interface, make sure that the
+# following three keys are updated.
+#
+# Generate a secure API key with the following command:
+# `LC_CTYPE=C tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c32`
+#
+# This API key is also the password for the web interface.
+webserver=no
+api=no
+api-key=HereYourSuperSecureApiKeyWhichIsAlsoThePasswordForTheAdminInterface
+
+
+# Listen address for the webserver. Defaults to everywhere, so the API can reach it.
+webserver-address=0.0.0.0
+
+# The webserver port to listen on. Do not change this.
+webserver-port=8082
+
+# Where to allow requests from. Basic firewall.
+# Update this to allow the API to work.
+webserver-allow-from=127.0.0.0/8,::1,fe80::/10,0.0.0.0/0,::/0
+
+# Controls the verbosity of webserver logging
+# Accepted values: none, normal, detailed
+webserver-loglevel=normal

setup/data/config/pdns.d/02-logging.conf

@@ -0,0 +1,5 @@
+loglevel=5
+
+log-dns-details=yes
+log-dns-queries=yes
+log-timestamp=yes