Docker image for PowerDNS Admin.
Provides full database configuration, salt generation, configuration management, and so on...
PowerDNS Admin is a PowerDNS web interface with monitoring and administration features.
https://hub.docker.com/r/monogramm/docker-powerdns-admin/
master
latest
0.2
This image is based on the official ngoduykhanh/PowerDNS-Admin repository. It is inspired from PowerDNS-Admin and ixpict/powerdns-admin-pgsql.
This image does not contain the database for PowerDNS Admin. You need to use either an existing database or a database container.
You can use the sample docker-compose:
- update the
image
fields by themonogramm/docker-powerdns-admin:master
- create the
.env
with your properties - run
docker-compose up -d
The PowerDNS Admin image supports auto configuration via environment variables.
Examples:
-
Postgresql (default)
PDA_DB_USER=pdnsadmin PDA_DB_PASSWORD= PDA_DB_TYPE=postgresql PDA_DB_HOST=postgresql PDA_DB_PORT=5432 PDA_DB_NAME=pdnsadmin SQLALCHEMY_TRACK_MODIFICATIONS=True
-
MySQL / MariaDB
PDA_DB_USER=pdnsadmin PDA_DB_PASSWORD=somethingverysecure PDA_DB_TYPE=mysql PDA_DB_HOST=mysql PDA_DB_PORT=5432 PDA_DB_NAME=pdnsadmin SQLALCHEMY_TRACK_MODIFICATIONS=True
-
SQLite
PDA_DB_USER=pdnsadmin PDA_DB_PASSWORD=somethingverysecure PDA_DB_TYPE=sqlite PDA_DB_NAME=pdnsadmin SQLALCHEMY_TRACK_MODIFICATIONS=True
Examples:
-
Default
GUNICORN_TIMEOUT=120 GUNICORN_WORKERS=4 GUNICORN_LOGLEVEL=info BIND_ADDRESS=0.0.0.0 PORT=9191
-
SSL (you need to provide certificates yourself)
GUNICORN_TIMEOUT=120 GUNICORN_WORKERS=4 GUNICORN_LOGLEVEL=warn GUNICORN_CERTFILE=/etc/letsencrypt/live/my.domain.com/fullchain.pem GUNICORN_KEYFILE=/etc/letsencrypt/live/my.domain.com/privkey.pem BIND_ADDRESS=0.0.0.0 PORT=443
Example:
-
Default
PDNS_PROTO=http PDNS_HOST=localhost PDNS_PORT=8081
-
SSL
PDNS_PROTO=https PDNS_HOST=powerdns PDNS_PORT=8081
-
Manual (see PowerDNS Admin settings)
PDNS_API_URL=<https://powerdns:8081/api/v1>
-
Example:
SECRET_KEY=somethingreallysecureornothingtogeneraterandomsecret TIMEOUT=5 LOG_LEVEL=WARN LOG_FILE=pdnsadmin.log SALT=somethingsecureornothingtogeneraterandomsalt
SECRET_KEY
and SALT
will be randomly generated on startup and kept in config if left empty.
-
Disabled by default, SAML can be configured with the following properties:
SAML_ENABLED SAML_DEBUG SAML_PATH SAML_METADATA_URL SAML_METADATA_CACHE_LIFETIME SAML_IDP_SSO_BINDING SAML_IDP_ENTITY_ID SAML_NAMEID_FORMAT SAML_ATTRIBUTE_EMAIL SAML_ATTRIBUTE_GIVENNAME SAML_ATTRIBUTE_SURNAME SAML_ATTRIBUTE_NAME SAML_ATTRIBUTE_USERNAME SAML_ATTRIBUTE_ADMIN SAML_ATTRIBUTE_GROUP SAML_GROUP_ADMIN_NAME SAML_GROUP_TO_ACCOUNT_MAPPING SAML_ATTRIBUTE_ACCOUNT SAML_SP_ENTITY_ID SAML_SP_CONTACT_NAME SAML_SP_CONTACT_MAIL SAML_SIGN_REQUEST SAML_WANT_MESSAGE_SIGNED SAML_LOGOUT SAML_LOGOUT_URL
See docker-config_template.py
for details.
Disabled by default, you can enable creation of a default admin user by setting ADMIN_USERNAME
, ADMIN_PASSWORD
and ADMIN_EMAIL
.
The user will only be created for a new instance of PowerDNS Admin!
-
Example configuration:
ADMIN_USERNAME=admin ADMIN_PASSWORD=somethingverysecure ADMIN_FIRSTNAME=PowerDNS ADMIN_LASTNAME=Admin ADMIN_EMAIL=admin@my.domain.com
The container can initialize its settings through environment variables. The settings will only be created for a new instance of PowerDNS Admin!
-
Settings available:
MAINTENANCE FULLSCREEN_LAYOUT RECORD_HELPER LOGIN_LDAP_FIRST DEFAULT_RECORD_TABLE_SIZE DEFAULT_DOMAIN_TABLE_SIZE AUTO_PTR RECORD_QUICK_EDIT PRETTY_IPV6_PTR DNSSEC_ADMINS_ONLY ALLOW_USER_CREATE_DOMAIN BG_DOMAIN_UPDATES SITE_NAME SESSION_TIMEOUT PDNS_API_URL PDNS_API_KEY PDNS_VERSION LOCAL_DB_ENABLED SIGNUP_ENABLED LDAP_ENABLED LDAP_TYPE LDAP_URI LDAP_BASE_DN LDAP_ADMIN_USERNAME LDAP_ADMIN_PASSWORD LDAP_FILTER_BASIC LDAP_FILTER_USERNAME LDAP_SG_ENABLED LDAP_ADMIN_GROUP LDAP_OPERATOR_GROUP LDAP_USER_GROUP LDAP_DOMAIN GITHUB_OAUTH_ENABLED GITHUB_OAUTH_KEY GITHUB_OAUTH_SECRET GITHUB_OAUTH_SCOPE GITHUB_OAUTH_API_URL GITHUB_OAUTH_TOKEN_URL GITHUB_OAUTH_AUTHORIZE_URL GOOGLE_OAUTH_ENABLED GOOGLE_OAUTH_CLIENT_ID GOOGLE_OAUTH_CLIENT_SECRET GOOGLE_TOKEN_URL GOOGLE_OAUTH_SCOPE GOOGLE_AUTHORIZE_URL GOOGLE_BASE_URL OIDC_OAUTH_ENABLED OIDC_OAUTH_KEY OIDC_OAUTH_SECRET OIDC_OAUTH_SCOPE OIDC_OAUTH_API_URL OIDC_OAUTH_TOKEN_URL OIDC_OAUTH_AUTHORIZE_URL FORWARD_RECORDS_ALLOW_EDIT REVERSE_RECORDS_ALLOW_EDIT TTL_OPTION
If you got any questions or problems using the image, please visit our Github Repository and write an issue.