#1  
Old 1st April 2013, 10:10
markc markc is offline
Member
 
Join Date: Dec 2012
Posts: 56
Thanks: 6
Thanked 9 Times in 9 Posts
Default Small DNS server

I have a small 220 Mb VPS and thought I could put it to use as a slave DNS server using Debian wheezy. It was an interesting exercise seeing what could or could not run in such a small VPS and this is a bit of a brain dump FWIW. I tried using nginx with just fcgiwrap but it would mean adding "#!/usr/bin/php5-cgi" to a couple of dozen first run PHP scripts. There is no way php-fpm would run along with MySQL and Bind so I ended up installing lighttpd just to run the ISPConfig CP and I only had to alter one file...

Code:
chmod 640 /usr/local/ispconfig/interface/lib/config.inc.php
so that lighttpd running as www-data could access it (the ispconfig user belongs to the www-data group on Debian/Ubuntu systems). Yes, pure CGI (not FastCGI) is pretty slow but it works. I also added just postfix on it's own so the system could send out any email notices. Here is a list of running services...

Code:
~ free
             total       used       free     shared    buffers     cached
Mem:        225280     111036     114244          0          0          0
-/+ buffers/cache:     111036     114244
Swap:       524288          0     524288

~ ps aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.3  10608   824 ?        Ss   Mar31   0:00 init [2]      
root      3245  0.0  0.7  58808  1640 ?        Sl   Mar31   0:00 /usr/sbin/rsyslogd -c5
bind      3269  0.0  5.2  86940 11760 ?        Ssl  Mar31   0:00 /usr/sbin/named -u bind
root      3294  0.0  0.4  18836   952 ?        Ss   Mar31   0:00 /usr/sbin/cron
www-data  3315  0.0  1.1  80444  2512 ?        S    Mar31   0:00 /usr/sbin/lighttpd -f /etc/lighttpd/lighttpd.conf
root      3345  0.0  0.2   4132   652 ?        S    Mar31   0:00 /bin/sh /usr/bin/mysqld_safe
mysql     3657  0.0  4.2  63528  9472 ?        Sl   Mar31   0:00 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mysql/plugin --user=m
root      3865  0.0  1.0  37744  2428 ?        Ss   Mar31   0:00 /usr/lib/postfix/master
postfix   3866  0.0  1.0  39864  2376 ?        S    Mar31   0:00 qmgr -l -t fifo -u
root      3882  0.0  0.4  40936   928 ?        Ss   Mar31   0:00 pure-ftpd (SERVER)                                                                                  
root      3945  0.0  0.5  41640  1212 ?        Ss   Mar31   0:00 /usr/sbin/sshd
postfix   5925  0.0  1.0  39812  2336 ?        S    Mar31   0:00 pickup -l -t fifo -u -c
root      5969  0.0  1.6  69432  3812 ?        Ss   00:55   0:00 sshd: root@pts/0 
root      5971  0.0  0.8  17900  2024 pts/0    Ss   00:55   0:00 -bash
root      5984  0.0  0.4  15260  1092 pts/0    R+   00:59   0:00 ps aux
I had to disable InnoDB for Mysql so here is it's my.cnf...

Code:
[client]
user                    = MYSQL_USERNAME
password                = MYSQL_PASSWORD
port                    = 3306
socket                  = /var/run/mysqld/mysqld.sock

[mysqld]
default-storage-engine  = myisam
port                    = 3306
socket                  = /var/run/mysqld/mysqld.sock
key_buffer_size         = 16K
max_allowed_packet      = 1M
table_open_cache        = 4
sort_buffer_size        = 64K
read_buffer_size        = 256K
read_rnd_buffer_size    = 256K
net_buffer_length       = 2K
thread_stack            = 128K
server-id               = 1
general_log             = 1
general_log_file        = /var/log/mysql/mysql.log
log_error               = /var/log/mysql/error.log
log_slow_queries        = /var/log/mysql/mysql-slow.log
long_query_time         = 2
log-queries-not-using-indexes
ignore_builtin-innodb
skip-external-locking

[mysqldump]
quick
max_allowed_packet      = 16M

[mysql]
no-auto-rehash

[myisamchk]
key_buffer_size         = 8M
sort_buffer_size        = 8M

[mysqlhotcopy]
interactive-timeout
and the lighttpd conf...

Code:
server.modules = (
  "mod_access",
  "mod_alias",
  "mod_compress",
  "mod_redirect",
#  "mod_rewrite",
)

server.document-root        = "/var/www"
server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
server.errorlog             = "/var/log/lighttpd/error.log"
server.pid-file             = "/var/run/lighttpd.pid"
server.username             = "www-data"
server.groupname            = "www-data"
server.port                 = 80
index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny             = ( "~", ".inc", ".ht" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
cgi.assign                  = ( ".php" => "/usr/bin/php5-cgi" )
compress.cache-dir          = "/var/cache/lighttpd/compress/"
compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )

$HTTP["url"] =~ "\.(js|css|gif|jpg|png|ico|txt|swf|html|htm)$" {
  expire.url = ( "" => "access 3 days" )
}

$HTTP["url"] =~ "\.(gif|jpe?g|png|htc|css|js|ico)$" {
  accesslog.filename = "/dev/null"
}

$SERVER["socket"] == "0.0.0.0:443" {
  ssl.engine                = "enable"
  ssl.pemfile               = "/etc/ssl/private/lighttpd.pem"
  ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
  ssl.honor-cipher-order = "enable"
  server.document-root      = "/usr/local/ispconfig/interface/web"
}

# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
plus these lighttpd modules enabled...

Code:
~ ls /etc/lighttpd/conf-enabled/* -1
/etc/lighttpd/conf-enabled/05-auth.conf@
/etc/lighttpd/conf-enabled/10-accesslog.conf@
/etc/lighttpd/conf-enabled/10-cgi.conf@
/etc/lighttpd/conf-enabled/10-expire.conf@
/etc/lighttpd/conf-enabled/50-phpmyadmin.conf@
And slightly related is I had an emergency where our main mailserver leaked spam via a compromised user account so to help some clients avoid the blacklisting I wanted to set up an alternate outgoing-only SMTP server. I got another even smaller 128Mb VPS (from RamNode with 3Gb SSD) and tried to install postfix but I am more familiar with courier-mta. I ended up using a SSH tunnel back to our main server 10,000 Km away for MySQL access, to avoid running MySQL with a lot of data locally, and to my surprise it came together after a couple of hours work and is currently using only 15Mb of ram!

I think my point is that if ISPConfig could work with SQLite then by using lighttpd+CGI and courier-mta/imap with perhaps MaraDNS then it would be possible to run a few dozen clients out of a $20/yr VPS. And the neat point about these ultra cheap VPS is that they obviously come with an IP and most hosting providers charge more than $20 per year (and up to double that) for just one extra IP!

Last edited by markc; 1st April 2013 at 11:35.
Reply With Quote
Sponsored Links
  #2  
Old 26th April 2013, 00:46
ressel ressel is offline
Senior Member
 
Join Date: Apr 2007
Location: Denmark
Posts: 128
Thanks: 18
Thanked 5 Times in 5 Posts
Default

Why did you install a webserver if it's only dns slave?
Reply With Quote
  #3  
Old 27th April 2013, 04:07
markc markc is offline
Member
 
Join Date: Dec 2012
Posts: 56
Thanks: 6
Thanked 9 Times in 9 Posts
 
Default

So I could add and manage the actual slave zones via ISPConfig.

I didn't want to MySQL replicate a huge amount of otherwise useless (to this server) database content and so far my tests with mirroring ISPConfig to other servers has not been very satisfactory. I'm still not clear on how to manage other servers from a single centralised instance of ISPConfig and I needed this particular slave server up and running asap and using lighttpd and its non-fast CGI module was the quickest path to get it all working on such a small VPS.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
User unknown in relay recipient table Taxick Installation/Configuration 12 9th April 2013 12:31
amavisd not running fbnewtz General 1 16th November 2012 08:12
Sending email issue lezelf Installation/Configuration 15 9th August 2011 11:20
ISPConfig 3 Installation - Postfix queue stuck andrew971218 Installation/Configuration 21 15th July 2011 14:42
amavis & ispconfig 3 yalex2000 Installation/Configuration 20 18th February 2010 17:02


All times are GMT +2. The time now is 23:14.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.