DirectSlave - solution to add and remove zones on slave without DirectAdmin

[kwimberl]

strange issue

I am having a strange issue that is preventing the .db from being written:

domain spiritministries.org added with primary ::ffff:107.x.x.x

As you can see it is setting up a master of ::ffff:ipv4 with literally putting in the ::ffff: in front of it!?!?!?!

Any ideas?

 

[kwimberl]

I am having a strange issue that is preventing the .db from being written:

domain spiritministries.org added with primary ::ffff:107.x.x.x

As you can see it is setting up a master of ::ffff:ipv4 with literally putting in the ::ffff: in front of it!?!?!?!

Any ideas?

I solved this problem. The answer is not to have the host line as * (put in the ipv4 there).

 

[Arieh]

I just installed this (2.1) and am using it now..

I wanted to share some things:
- DNSSEC works perfectly, if you use the slave function with axfr (which is the only way in 2.1) - with 1.3/master mode the file gets messed up.


- For Debian I have made this startupscript, modified from bind9:
Needed libs:

apt-get install libcrypt-passwdmd5-perl libconfig-auto-perl libnet-server-perl

#!/bin/sh -e

### BEGIN INIT INFO
# Provides:          directslave
# Required-Start:    $remote_fs
# Required-Stop:     $remote_fs
# Should-Start:      $network $syslog
# Should-Stop:       $network $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start and stop directslave
# Description:       directslave is a Slave client for DirectAdmin Multiserver
### END INIT INFO

PATH=/sbin:/bin:/usr/sbin:/usr/bin

. /lib/lsb/init-functions
PIDFILE=/usr/local/directslave/run/directslave.pid

check_network() {
    if [ -x /usr/bin/uname ] && [ "X$(/usr/bin/uname -o)" = XSolaris ]; then
        IFCONFIG_OPTS="-au"
    else
        IFCONFIG_OPTS=""
    fi
    if [ -z "$(/sbin/ifconfig $IFCONFIG_OPTS)" ]; then
       #log_action_msg "No networks configured."
       return 1
    fi
    return 0
}


case "$1" in
    start)
	log_daemon_msg "Starting domain slave service..." "directslave"
	echo ""

	modprobe capability >/dev/null 2>&1 || true

	if [ ! -x /usr/local/directslave/bin/directslave ]; then
	    log_action_msg "directslave binary missing - not starting"
	    log_end_msg 1
	fi

	if ! check_network; then
	    log_action_msg "no networks configured"
	    log_end_msg 1
	fi

	/usr/local/directslave/bin/directslave --run
	log_end_msg 0
    ;;

    stop)
	log_daemon_msg "Stopping domain slave service..." "directslave"
	if ! check_network; then
	    log_action_msg "no networks configured"
	    log_end_msg 1
	fi

	pid=$(cat ${PIDFILE} 2>/dev/null) || true
	if [ -z "$pid" ]; then		# no pid found, so either not running, or error
	    echo -e "\nNo PID file!"
	fi
	if [ -n $pid ]; then
	    sig=9
	    n=1
	    while kill -$sig $pid 2>/dev/null; do
		if [ $n -eq 1 ]; then
		    echo -e "\nwaiting for pid $pid to die"
		fi
		if [ $n -gt 20 ]; then
		    echo -e "\ngiving up on pid $pid"
		    break
		fi
		n=$(($n+1))
		sleep 1
	    done
            log_end_msg 0
	fi
	rm -f ${PIDFILE}
    ;;

    restart)
	if ! check_network; then
	    log_action_msg "no networks configured"
	    exit 1
	fi

	$0 stop
	$0 start
    ;;
    
    status)
    	ret=0
	status_of_proc -p ${PIDFILE} 2>/dev/null || ret=$?
	exit $ret
	;;

    *)
	log_action_msg "Usage: /etc/init.d/directslave {start|stop|restart|status}"
	exit 1
    ;;
esac

exit 0

apt-get install chkconfig
chkconfig --add directslave

Edit July 22, 2016:
For Debian 8 the following is required to work:

Create:
/lib/systemd/system/directslave.service

[Unit]
Description=DirectSlave
After=network.target

[Service]
PIDFile=/usr/local/directslave/run/directslave.pid
ExecStart=/usr/local/directslave/bin/directslave --run

[Install]
WantedBy=multi-user.target

The following will enable the service to be started on booting:

systemctl enable directslave

 

[jonn]

What a treat, good work on the startup script Arieh, please and thank you.

 

[Arieh]

No problem

I did just edited the script, removed a part that did nothing (part with with /sbin/resolvconf)

 

[redjersey]

I'm trying to install 2.1 and had an error when running /usr/local/directslave/bin/directslave --check

Base class package "Net::Server::HTTP" is empty.
(Perhaps you need to 'use' the module which defines that package first,
or make that module available in @INC (@INC contains: /usr/local/directslave/bin/../lib/ /usr/local/lib/perl5 /usr/local/share/perl5 /usr/lib/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib/perl5 /usr/share/perl5 .).
at /usr/local/directslave/bin/directslave line 11
BEGIN failed--compilation aborted at /usr/local/directslave/bin/directslave line 11.

 

[SeLLeRoNe]

What OS?

If CentOS try: yum install perl-Net-Server-HTTP

Regards

 

[redjersey]

thanks, now /usr/local/directslave/bin/directslave --check
I got all OK (no error)

I have another error msg when running /usr/local/directslave/bin/directslave --debug

Couldn't find pid in existing pid_file at /usr/local/share/perl5/Net/Server/Daemonize.pm line 48.
2016/02/18-11:55:29 Couldn't find pid in existing pid_file at /usr/local/share/perl5/Net/Server/Daemonize.pm line 48.

at line 144 in file /usr/local/share/perl5/Net/Server.pm
2016/02/18-11:55:29 Server closing!

I'm using CentOS

 

[Richard G]

LoL, Sellerone beat me to the previous answer.
I hope you got all modules mentioned in the README installed now.

What do you have in your directslave.conf? I got it like this which works fine:

pid             /var/run/directslave.pid]

However, the start script has some issues if you're using that.
It seems not remove the pid file when restarting.

I used this to fix it in the initscript (the last line is added, in 2 separate occasions):

                echo -n "Stopping DirectSlave..."
                kill `cat /var/run/directslave.pid`
                rm -rf /var/run/directslave.pid

 

[SeLLeRoNe]

Also, if you're starting DS as user and not as root i would suggest to change that path.

For example i run in /usr/local/directslave with a specific user, so i run all the needed component (including the pid) in that path, and chown -R that path for the user i use

That way, you shouldn't have problems.

Regards

 

[Richard G]

Oh good to know that. I thought this was not possible, because the user should have rights to update named stuff.
So I run Directslave as user "named".

I had the pid file in the directslave directory at first, but had the same issue that the pid was not removed.

 

[redjersey]

this is my directslave.conf:

background 0
server_type HTTP
host *
port 2222
sslport 2224
ssl off
ssl_cert /usr/local/directslave/ssl/server.crt
ssl_key /usr/local/directslave/ssl/server.key

debug 1
uid named
gid named

pid /usr/local/directslave/run/directslave.pid
access_log /usr/local/directslave/log/access.log
error_log /usr/local/directslave/log/error.log
action_log /usr/local/directslave/log/action.log

named_workdir /etc/named/secondary
named_conf /etc/named/directslave.conf
retry_time 1200
rndc_path /usr/sbin/rndc

allow 0.0.0.0/0

authfile /usr/local/directslave/etc/passwd

and this is what I'm getting now when running --debug

/usr/local/directslave/bin/directslave --debug
Config: $VAR1 = {
'rndc_path' => '/usr/sbin/rndc',
'retry_time' => '1200',
'ssl_cert' => '/usr/local/directslave/ssl/server.crt',
'named_conf' => '/etc/named/directslave.conf',
'pid' => '/usr/local/directslave/run/directslave.pid',
'ssl_key' => '/usr/local/directslave/ssl/server.key',
'debug' => 1,
'authfile' => '/usr/local/directslave/etc/passwd',
'action_log' => '/usr/local/directslave/log/action.log',
'server_type' => 'HTTP',
'error_log' => '/usr/local/directslave/log/error.log',
'uid' => 'named',
'ssl' => 'off',
'access_log' => '/usr/local/directslave/log/access.log',
'background' => 0,
'port' => '2222',
'host' => '*',
'sslport' => '2224',
'named_workdir' => '/etc/named/secondary',
'allow' => '0.0.0.0/0',
'gid' => 'named'
};
Listen ports: $VAR1 = [
'2222'
];
2016/02/18-12:19:26 main (type Net::Server::HTTP) starting! pid(3382)
Resolved [*]:2222 to [::]:2222, IPv6
Not including resolved host [0.0.0.0] IPv4 because it will be handled by [::] IPv6
Resolved [*]:2222 to [::]:2222, IPv6
Not including resolved host [0.0.0.0] IPv4 because it will be handled by [::] IPv6
Duplicate configuration (TCP) on [::]:2222 with IPv6) - skipping
Binding to TCP port 2222 on host :: with IPv6
Setting gid to "25 25"
Setting uid to "25"

 

[SeLLeRoNe]

Change:
host *
to
host YOUR_SERVER_IP(IPv4)

Regards

 

[Richard G]

LoL you beat me to it again.

But it fine this way if somebody want's to run it at IPv6.

 

[redjersey]

I have changed the host field and now I've got this:

/usr/local/directslave/bin/directslave --debug
Config: $VAR1 = {
'rndc_path' => '/usr/sbin/rndc',
'retry_time' => '1200',
'ssl_cert' => '/usr/local/directslave/ssl/server.crt',
'named_conf' => '/etc/named/directslave.conf',
'pid' => '/usr/local/directslave/run/directslave.pid',
'ssl_key' => '/usr/local/directslave/ssl/server.key',
'debug' => 1,
'authfile' => '/usr/local/directslave/etc/passwd',
'action_log' => '/usr/local/directslave/log/action.log',
'server_type' => 'HTTP',
'error_log' => '/usr/local/directslave/log/error.log',
'uid' => 'named',
'ssl' => 'off',
'access_log' => '/usr/local/directslave/log/access.log',
'background' => 0,
'port' => '2222',
'host' => '192.210.123.123',
'sslport' => '2224',
'named_workdir' => '/etc/named/secondary',
'allow' => '0.0.0.0/0',
'gid' => 'named'
};
Listen ports: $VAR1 = [
'2222'
];
2016/02/18-15:04:59 main (type Net::Server::HTTP) starting! pid(16611)
Duplicate configuration (TCP) on [192.210.123.123]:2222 with IPv4) - skipping
Binding to TCP port 2222 on host 192.210.123.123 with IPv4
Setting gid to "25 25"
Setting uid to "25"

it seems like it's just a warning according to:
http://forum.directadmin.com/showthread.php?t=43924&page=9

but the readme says when running --debug it should says somethings like

if you see 'DirectSlave/2.1-beta connection OK` then everything works fine.

 

[Richard G]

No it doesn't.
It will only say connection OK when there is a real connection present, which is not the case right now.

So you might start now with changing the 'allow' to the ip of the server which is connecting to directslave and test things.

 

[redjersey]

ok I made a stupid mistake. I forgot to turn on the multi-server on DA (I thought adding the multi-server = turn the feature on)

but now when I turn on the multi-server, I can't make any connection when clicking on "test connection"

I got:
Unable to get api result. Check your configuration options.

and --debug says:

2016/02/18-17:08:41 main (type Net::Server::HTTP) starting! pid(13346)
Duplicate configuration (TCP) on [192.210.145.15]:2222 with IPv4) - skipping
Binding to TCP port 2222 on host 192.210.145.15 with IPv4
Setting gid to "25 25"
Setting uid to "25"
This doesn't look like start-end
at /usr/local/share/perl5/Net/Server.pm line 601

 

[redjersey]

just want to make a quick update - all works now

I have changed the allow back to:

0.0.0.0/0

and now it's fine thanks all for your help!!!!!

 

[Richard G]

That's in fact not very good, because anyone knowing your password can connect now.
But you have to set it up in /32 format for a single ip. So if your directadmin server is having ip address 92.168.12.40 you should use:

allow    92.168.12.40/32

and don't forget to restart directslave. It should work then.

 

[Richard G]

Ah wait.... if it still not works, try adding these to your /etc/named.conf on your directslave server in the options section (a.a.a.a = master and b.b.b.b = slave):

        allow-transfer { a.a.a.a; };
        allow-notify { a.a.a.a; };

And on your Directadmin master server:

        allow-transfer { b.b.b.b; };
        allow-notify { b.b.b.b; };

The allow-notify on the master is probably not necessary, but I use it both in this way and it works fine then.

Don't forget to restart Directslave on the slave and named on the master after the changes.