PowerDNS Recursor

by tkelso
3 deployments · 0 still active · last rev. 4 months ago

Compatible with: Debian 9
						#!/bin/bash

# <UDF name="sys_hostname" Label="Hostname" example="Required" />
# <UDF name="whitelist" Label="Whitelisted IPs" example="Required. Comma separated list. IP or Range, eg: 192.168.0.0/16" />
# <UDF name="pubkey" Label="Public RSA Key" example="Optional" default="" />
# <UDF name="listenon" Label="Listen On" oneof="Private,Public,Both" example="IP to listen on. Defaults to Private" default="Private" />

# Stops SSH to prevent login during setup
systemctl stop ssh
hostnamectl set-hostname $SYS_HOSTNAME
apt-get update && apt-get upgrade -y && apt-get install pdns-recursor -y

if [ -z "PUBKEY" ]; then
    echo "No pubkey set."
else
    mkdir /root/.ssh
    echo $PUBKEY > /root/.ssh/authorized_keys
fi


pubip=$(ip a | grep "global eth0" | grep -v "192.168.*" | cut -d ' ' -f6); echo ${pubip:0:-3}
privip=$(ip a | grep "global eth0" | grep 192 | cut -d ' ' -f6); echo ${privip:0:-3}


echo "allow-from=$WHITELIST" >> /etc/powerdns/recursor.conf
if [[ $LISTENON == "Private" ]]; then
    echo "local-address=127.0.0.1,$PRIVIP" >> /etc/powerdns/recursor.conf
elif [[ $LISTENON == "Public" ]]; then
    echo "local-address=127.0.0.1,$PUBIP" >> /etc/powerdns/recursor.conf
else
    echo "local-address=127.0.0.1,$PUBIP,$PRIVIP" >> /etc/powerdns/recursor.conf
fi

systemctl restart pdns-recursor
systemctl start ssh