Part 2: Install Admin UI for Dns Safety
Note
If possible, always prefer to use the fully configured virtual appliance on your own VMware vSphere/ESXi or Microsoft Hyper-V infrastructure or in Microsoft Azure. Moving on to the new version of DNS Safety will be so much easier!
Having installed the core components of DNS Safety itself on Debian 11 or Raspberry PI we now continue with installation of Admin UI. Remember we are using the installation scripts from our GitHub repository (look for subfolder named ui.deb). Just run the scripts one by one as root.
Step 1. Install Apache
Admin UI for DNS Safety is built up using Python Django and requires Apache web server to run. Run bash 01_apache.sh in the console to install the requirements.
#!/bin/bash
# all web packages are installed as root
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root" 1>&2
exit 1
fi
# install pip3 and other python modules, ldap/sasl (we need it for python ldap module)
apt -y install python3-pip python3-dev libjpeg-dev zlib1g-dev \
libldap2-dev libsasl2-dev libssl-dev sudo dnsutils tmux libatlas-base-dev
# install django and all other modules
pip3 install django==4.1
pip3 install pytz
pip3 install tld
pip3 install requests
pip3 install pandas==1.4.2
pip3 install PyYAML
pip3 install PyOpenSSL
pip3 install psutil
# there are some bugs in Ubuntu 18 and Python3 environment concerning the LDAP module,
# so we fix them by removing obsolete ldap modules and reinstalling the correct one
pip3 uninstall ldap
pip3 uninstall ldap3
pip3 uninstall python-ldap
# ok this one is fine
pip3 install python-ldap
# install apache and mod_wsgi and some other useful programs
apt -y install apache2 libapache2-mod-wsgi-py3 htop mc
# install kerberos client libraries
export DEBIAN_FRONTEND=noninteractive
apt -y install krb5-user
Step 2. Install Admin UI
Run bash 02_ui.sh in the console to install the Admin UI package.
#!/bin/bash
# all packages are installed as root
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root" 1>&2
exit 1
fi
# default arc
MAJOR="1.0.0"
MINOR="7112"
ARCH="amd64"
# see if it is RPI or not?
cat /proc/cpuinfo | grep -m 1 ARMv7 > /dev/null 2>&1
if [ $? -eq 0 ]; then
ARCH="armhf"
fi
# default os
OSNAME="debian11"
if [ -f "/etc/lsb-release" ]; then
OSNAME="ubuntu20"
fi
# download
wget http://packages.diladele.com/dnssafety-ui/$MAJOR.$MINOR/$ARCH/release/$OSNAME/dnssafety-ui-$MAJOR.${MINOR}_$ARCH.deb
# install
dpkg --install dnssafety-ui-$MAJOR.${MINOR}_$ARCH.deb
# first relabel folder
chown -R daemon:daemon /opt/dnssafety-ui
# let UI of Dns Safety manage the network ONLY on amd64 based Debian 11 or Ubuntu 20, on RPI it is left as not managed
if [ "$ARCH" != "armhf" ]; then
sudo -u daemon python3 /opt/dnssafety-ui/var/console/utils.py --network=$OSNAME
fi
Note that on Raspberry PI the Admin UI is NOT managing the network settings!
Step 3. Integrate
Finally, to integrate Admin UI with Apache run bash 03_integrate.sh.
#!/bin/bash
# all packages are installed as root
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root" 1>&2
exit 1
fi
# the dsdnsd daemon will listen on ports 80, 443 for a 'access blocked page'
# so UI will be running on port 8000, it is already set so in
# /etc/apache2/sites-available/dnssafety-ui.conf but we also need to set
# apache to listen on port 8000 instead of port 80 (which is taken by dsdnsd)
sed -i 's/Listen 80/Listen 8000/g' /etc/apache2/ports.conf
# now integrate with apache
a2dissite 000-default
a2ensite dnssafety-ui
# and restart all daemons
service apache2 restart
# one more additional step on ubuntu
if [ -f "/etc/lsb-release" ]; then
# change cloud config to preserve hostname, otherwise our UI cannot set it
sed -i 's/preserve_hostname: false/preserve_hostname: true/g' /etc/cloud/cloud.cfg
fi
Reboot your server now to see that everything comes back to life correctly after it. After reboot, open your browser and navigate to the IP address of the server, you should see the login page of the UI. Note the Admin UI runs on port 8000!
