Exporting NicTool DNS data to tinydns

To export zone data from NicTool to tinydns, you must have several things set up.

1. Create nameservers in NicTool - Log in via the web interface, create a sub-group if desired, and then add a nameserver.

2. Configure tinydns. This assumes you have djbdns already installed. A typical configuration is shown.

tinydns-conf tinydns tinydns /usr/local/tinydns/ns1 10.0.0.1
axfrdns-conf tinydns tinydns /usr/local/axfrdns/ns1 /usr/local/tinydns/ns1 10.0.0.1

The use of tinydns:tinydns for the user/group is arbitrary. You can use any username/group you'd like, but doing so will require extra effort on your part.

3. Configure the NicTool export user.

Using your system password editing tools (adduser, useradd, etc.), add the user 'nictool' for the export processes to run as.

4. Set up SSH keys for rsync updates

su - nictool
ssh-keygen -t dsa
su - tinydns
ssh-keygen -t dsa
cat ~nictool/.ssh/id_dsa.pub >> ~tinydns/.ssh/authorized_keys
setuidgid nictool ssh tinydns@ns1.example.com

When you ssh to your nameserver, you'll be prompted to accept its host key. You should then be logged in successfully. This must work in order for updates to happen automatically. OpenSSH 7.0 and later disable DSA keys by default; on such systems generate an RSA or Ed25519 key instead and use its .pub file in place of id_dsa.pub.

5. Do a manual export

cd /usr/local/nictool
mkdir ns1
cd ns1
ln -s ../server/bin/nt_export.pl .
./nt_export.pl
./nt_export.pl -nsid N

The nt_export.pl script will create a data-NS directory in the current working directory. Inside is the data file exported by NicTool with all your zone data, along with a 'run' file. That run file can be run from cron, init, or daemontools. If the information about the nameserver is correct in the database, and the nictool user has permission to SSH to the nameserver as the 'tinydns' user, then the export will likely succeed.

6. Test the NicTool export process.

./run (wait 10 seconds, ignore any errors)
Ctrl-C (cancel)
./run

At this point the export process is running. Ctrl-C to cancel.

7. Add servers to supervised directory.

** FreeBSD ports **
echo "svscan_enable=\"YES\"" >> /etc/rc.conf
/usr/local/etc/rc.d/svscan.sh start
mkdir /var/service
ln -s /var/service /service
** FreeBSD ports **
ln -s /usr/local/tinydns/ns1 /service
ln -s /usr/local/nictool/ns1 /service

8. Configure remote servers.

ssh ns2.example.com
cd /usr/ports/dns/djbdns
sudo make install clean
cd /usr/ports/net/rsync
sudo make install clean
echo "svscan_enable=\"YES\"" >> /etc/rc.conf
mkdir /var/service
ln -s /usr/local/tinydns/ns2 /service
/usr/local/etc/rc.d/svscan.sh start
tinydns-conf tinydns tinydns /usr/local/tinydns/ns2 10.0.0.2
chown -R tinydns /usr/local/tinydns/ns2/root
tail /service/ns2/log/main/current
exit (return to nictool master)
scp ~nictool/.ssh/id_dsa.pub tinydns@10.0.0.2:.ssh/authorized_keys

There is an older version of this document for use with the C++ program.
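
The key-based login set up in steps 4 and 8 has to succeed without any prompt once the export runs from cron or daemontools. The following shell check is an added example, not part of NicTool or the original document; the function names and the SSH override variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from NicTool): preflight checks for the export's SSH login.
# Function names are hypothetical; the id_* key names follow step 4.

# Print one line per permission problem in an account's .ssh directory and
# return non-zero if any were found. With sshd's default StrictModes, a
# group- or world-writable .ssh or authorized_keys makes the server ignore
# the key, and the ssh client refuses a private key others can read.
audit_ssh_dir() {
    dir=$1
    problems=0
    for p in "$dir" "$dir/authorized_keys"; do
        [ -e "$p" ] || continue
        if [ -n "$(find "$p" -prune \( -perm -020 -o -perm -002 \))" ]; then
            echo "writable by group/other: $p"
            problems=$((problems + 1))
        fi
    done
    for k in "$dir"/id_*; do
        case $k in *.pub) continue ;; esac
        [ -f "$k" ] || continue
        if [ -n "$(find "$k" -prune \( -perm -040 -o -perm -004 \))" ]; then
            echo "private key readable by group/other: $k"
            problems=$((problems + 1))
        fi
    done
    [ "$problems" -eq 0 ]
}

# Confirm the login works the way cron or daemontools will run it: with
# BatchMode=yes ssh cannot prompt, so a missing key or an unaccepted host
# key fails at once. SSH can be overridden to exercise this offline.
check_batch_login() {
    target=$1    # e.g. tinydns@ns1.example.com
    if ${SSH:-ssh} -o BatchMode=yes -o ConnectTimeout=5 "$target" true; then
        echo "ok: $target"
    else
        echo "FAILED: $target (key rejected or host key not accepted yet)"
        return 1
    fi
}

# Run as the nictool user: sh preflight.sh tinydns@ns1.example.com
if [ $# -gt 0 ]; then
    audit_ssh_dir "$HOME/.ssh"
    check_batch_login "$1"
fi
```

Run audit_ssh_dir against ~tinydns/.ssh on each nameserver as well, since the cat in step 4 and the scp in step 8 create authorized_keys with whatever ownership and mode the invoking user leaves behind.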