/**************************************************************************************************
DNS Master, a webbased frontend for PowerDNS
---------------------------------------------------------------------------------------------------
Support: info@systemdeveloper.nl
Sourceforge: https://sourceforge.net/projects/dmsmaster/
Author: SystemDeveloper.NL
Date: 2012-10-08
Version: 1.0
---------------------------------------------------------------------------------------------------
Copyrighted by SystemDeveloper.NL
**************************************************************************************************/
1. INSTALL
1.1 Download the sourcecode, gunzip, untar and place it in your webroot.
1.2 Edit /includes/database.class.php en change the database credentials to your own database you wish to use.
1.3 chmod the backup directory so apache can write to it. (chmod 660 of chmod 600). Please note that the backupdirectory needs to
be located 1 directory higher than the document root where the DNSMaster is installed.
1.4 Load the /install/dnsmaster.sql into your database. This will create the required tables and add the admin login (see also 1.5)
After installation you can delete this install directory.
1.5 Edit includes/base.class.php and change the encrypt key.
WARNING! After changing this key, your existing user passwords are NOT valid anymore, so they
won't be able to login. But, in the default setup you CAN login using user 'DNSMaster' and password 'DNSM4STER'.
This user is the only user that can login with a plain password AND can modify other users' passwords!!!
After you change the encryption key, use this DNSMaster user to alter/reset the admin password.
When ready, delete the DNSMaster user.
You're done!
2. Usage
2.1. Adding nameservers
You'll have to add some nameservers and assign them to template variabled e.g. %NS1%, %NS2% and %NS3%
2.2. Adding templates
New domains are based upon defined templates. In these templates you can use the following variables:
%DOMAIN% Replaced bij domainname
%NS1% Use %NS1%, %NS2% or as many as defined in 2.1
$IPV4% Replaced by IPv4 address when adding a new domain
$IPV6% Replaced by IPv6 address when adding a new domain
%SERIAL% Replaced by serial when adding a new domain (default YYYYMMDD01)
%TTL% Replaced by TTL when adding a new domain
2.3. Adding Domains
self explanatory
2.4. Adding Users
self explanatory
2.5. Reporting
Reporting simply uses some basic checks for each domain that belongs to a specific user (admin had access to all domains).
2.6. Backup / Restore
When a backup is made via System -> Backup, the system wil generate a SQL file with TRUNCATE <tables> and INSERT <data> statements of all tables
except the backup table itself. This is considered a FULL Backup.
When a user alters data (user, templates, domains) the system wil automatically backup the user, template/template_record or domain/records tables only.
You should take care when restoring these backups because THEY ARE NOT FULL BACKUPS!
When restoring backups you can select one of the 10 last backups. Selecting a full backup is safest as it will take care of all dependencies.
Selecting any other backup MIGHT FAIL because of depencies. e.g. You can not restore a backup of only users because the system doesn't allow you
to TRUNCATE the user table if the're still domains assigned to user. (Foreign key constraint).
Use these backups on your own risk or simple retrieve the required insert statements and insert them manually in the database.
Just for safety, the system wil make a full backup prior to any restore action.
3. Security
3.1. Groups
Users are assigned to group, but you can't change group through the frontend. You'll have to do this manuallt using a tool like phpMyAdmin.
A 'group' gets it's privileges through the 'group_perms' field. In this field you;ll find a list of the Ajax functions availeble in the system.
If a group e.g. has the following permissions: addDNS,modifyDNS,findDNS,deleteDNS,saveDNS,removeDNS,editDNS then users assigned in this group can
fully manage their domains.
If a group has access to the 'addUser' permission, the group user actually is considered an 'admin' user. This means the user e.g. can see all domains
instead only the domains assing to him. It's used like a global check to decide if the user can see 'admin' views or user 'views'.
Don't ask why ... it's like it is and will probably change in the future ;)
3.2. Input validation
There is none because these checks will eventually end up in a seprate class which hasn't been developed yet.