#Need to install bind utils, no need for bind itself for signing
apt-get install bind9utils
#Create a zone file with the EXACT NAME as the domain! Let's assume it's xx.com
#Note - we are using urandom to avoid the problem of not enough entropy.
#In real life this option should be omitted so random will be used instead
#Generate KSK for the xx.com zone:
dnssec-keygen -r /dev/urandom -f KSK xx.com
#Generate ZSK for the xx.com zone:
dnssec-keygen -r /dev/urandom xx.com
#open the zone file and include the 2 key files (KSK & ZSK)
#DNSSEC conf for BIND
#---------------------
#Add the following conf to BIND conf file
#IMPORTANT - dnssec-validation has to be set to 'auto', setting to 'yes' doesn't work
sudo nano /etc/bind/named.conf.options
dnssec-enable yes;
dnssec-validation auto;
dnssec-lookaside auto;
// if you want to dynamically add zones add the following as well:
allow-new-zones yes;
//On an ubuntu machine (I used 16.04)
//On TRUSTED machine:
//===================
//Install AtomiaDNS API server
//-----------------------------
sudo su
repo="$(wget -q -O - http://public.apt.atomia.com/setup.sh.shtml | sed s/%distcode/`lsb_release -c | awk '{ print $2 }'`/g)"; echo "$repo"
echo "$repo" | sh
apt-get install atomiadns-masterserver
//Install on an Ubuntu machine (I used 16.04)
sudo su
//Add the Atomia APT Repository:
wget -q -O - http://public.apt.atomia.com/setup.sh.shtml | sed s/%distcode/`lsb_release -c | awk '{ print $2 }'`/g | sh
//Install the database schema (will also install MySQL):
apt-get install atomiadns-powerdns-database
//Install perl and perl mysql driver
sudo apt-get install libcgi-session-perl
apt-get install libdbd-mysql-perl
//To configure the nameserver to sync zones from your Atomia DNS installation, add to /etc/atomiadns.conf:
#!/usr/bin/perl -w
package Atomia::DNS::PowerDNSDatabase;
use Moose;
use DBI;
use MIME::Base32;
use Digest::SHA qw(sha1);
use strict;
use warnings;
//Install Apache httpd server
//---------------------------
apt-get install apache2
//verify it's configured OK
apache2ctl configtest
//Check httpd version and installed modules
apache2ctl -v
apache2ctl -M
//Installing PHP
//based on: https://serverfault.com/questions/549298/retrieving-an-rsa-key-from-a-running-instance-of-apache
//Setup
//------
sudo apt-get install make
sudo apt install gcc
sudo apt-get install openssl
//make sure it's openssl 1.0.x and not 1.1.x, passe-partout doesn't support it
sudo apt-get install libssl-dev
//get passe-partout files:
//instructions are taken from: https://github.com/intel/linux-sgx
//Installing SGX driver:
//-----------------------
git clone https://github.com/intel/linux-sgx-driver.git
//Check if matching Kernel headers are installed:
dpkg-query -s linux-headers-$(uname -r)
//If not run:
sudo apt-get install linux-headers-$(uname -r)
//In order to build:
//Download Java 8 JRE from oracle's site
//Download Eclipse Mars
http://www.eclipse.org/downloads/download.php?file=/technology/epp/downloads/release/mars/2/eclipse-cpp-mars-2-linux-gtk-x86_64.tar.gz&mirror_id=17
//Changes in eclipse.ini:
//Change -Dosgi.requiredJavaVersion=1.7 to -Dosgi.requiredJavaVersion=1.8
//Delete the line: -XX:MaxPermSize=256m
//Create eclipse.sh in eclipse dir with the following content (modify the JRE folder to match your own):
//Installing aiakos server via docker compose:
//--------------------------------------------
//prerequisites: make sure you have python 3.6 installed and pip3 & docker-compose installed
git clone https://gitlab.com/aiakos/aiakos
//modify the docker-compose.yml file:
//change this for all services:
DATABASE_URL=mysql://<docker container name of sql server>/accounts
//specifically for the 'accounts' service:
BASE_URL=http://<IP address of server, the way the user's browser can see it (not localhost)>:2121/
//if you want to see Django errors nicely in the browser: