@guiyomh
Created January 26, 2016 13:29
Configure a local DNS server and a local proxy to resolve local vhosts on CentOS 7
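#!/usr/bin/env bash
# Provision a private BIND server that is authoritative for example.dev.
#
# Must run as root: it edits /etc/named.conf, writes under /etc/named and
# manages the named service. Every step that appends to a file is guarded so
# that a second run does not duplicate ACL, zone or include statements.
#
# @see https://mondedie.fr/viewtopic.php?id=5946
# @see https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-a-private-network-dns-server-on-centos-7
set -euo pipefail

if [[ "${EUID}" -ne 0 ]]; then
  echo "This script must be run as root" >&2
  exit 1
fi

echo -e "\n--- Installing DNS ---\n"
# Only stdout is discarded: repository or package-signature errors stay
# visible on stderr, and a failed install aborts the script (set -e).
yum -y install bind bind-utils > /dev/null

# Keep the pristine package configuration; never overwrite it on a re-run.
if [[ ! -e /etc/named.conf.ori ]]; then
  cp /etc/named.conf /etc/named.conf.ori
fi
sed -i "s/dnssec-validation.*/dnssec-validation auto;/" /etc/named.conf

# "trusted" is the only ACL allowed to query this server (see allow-query
# below). It lists the loopback address and the server's own address only.
if ! grep -qF 'acl "trusted"' /etc/named.trusted 2> /dev/null; then
  tee -a /etc/named.trusted <<EOF
acl "trusted" {
192.168.56.11; # ns1 - can be set to localhost
127.0.0.1; # ns2
};
EOF
fi
chgrp named /etc/named.trusted
grep -qxF 'include "/etc/named.trusted";' /etc/named.conf \
  || echo 'include "/etc/named.trusted";' >> /etc/named.conf

# Bind to loopback and the private address only, and answer only the
# "trusted" ACL. The recursion setting is left at whatever the package ships,
# so allow-query is what keeps this from answering arbitrary clients.
sed -i "s/listen-on port.*/listen-on port 53 { 127.0.0.1; 192.168.56.11; };/" /etc/named.conf
sed -i "s/allow-query.*/allow-query { trusted; };/" /etc/named.conf

# Deny zone transfers and dynamic updates server-wide. Each directive is
# inserted once; repeating it would leave duplicate statements in named.conf.
if ! grep -q 'allow-transfer' /etc/named.conf; then
  sed -i -E "s@(allow-query .+)@\1\n\tallow-transfer { none; };@g" /etc/named.conf
fi
if ! grep -q 'allow-update' /etc/named.conf; then
  sed -i -E "s@(allow-transfer .+)@\1\n\tallow-update { none; };@g" /etc/named.conf
fi

# Zone declaration. NOTE: the French comment written above allow-query in the
# generated file says everyone may query the zone, but the directive itself
# restricts queries to the "trusted" ACL.
if ! grep -qF 'zone "example.dev"' /etc/named/named.conf.local 2> /dev/null; then
  tee -a /etc/named/named.conf.local <<EOF
zone "example.dev" IN {
# Zone de type maître
type master;
# Fichier de zone
file "/etc/named/zones/db.example.dev";
# On n'autorise pas le transfert de la zone aux serveurs DNS secondaires
allow-transfer { none; };
# On autorise tout le monde à envoyer des requêtes vers cette zone
allow-query { trusted; };
# Prévenir les serveurs DNS secondaires qu'un changement a été effectué dans la zone maître
notify no;
};
EOF
fi
grep -qxF 'include "/etc/named/named.conf.local";' /etc/named.conf \
  || echo 'include "/etc/named/named.conf.local";' >> /etc/named.conf
chgrp named /etc/named/named.conf.local
mkdir -p /etc/named/zones
chgrp named /etc/named/zones

# Zone data. NOTE: the Expire value 1209600 is 14 days, although the inline
# comment in the generated file says "1 week". The heredoc is unquoted, hence
# the escaped \$TTL.
if [[ ! -s /etc/named/zones/db.example.dev ]]; then
  tee -a /etc/named/zones/db.example.dev <<EOF
; ZONE : example.dev
; ------------------------------------------------------------------
\$TTL 7200
@ IN SOA ns1.example.dev. hostmaster.example.dev. (
1601261133 ; Serial YYmmddHHMM
14400 ; Refresh
3600 ; Retry
1209600 ; Expire - 1 week
86400 ) ; Minimum
; NAMESERVERS - NS records
@ IN NS ns1.example.dev.
; Enregistrements A/AAAA
@ IN A 192.168.56.11
ariane-dev IN A 192.168.56.11
ns1 IN A 192.168.56.11
; Sous-domaines - Serveur web
ariane IN CNAME ariane-dev
back IN CNAME ariane-dev
core IN CNAME ariane-dev
EOF
fi
chgrp named /etc/named/zones/db.example.dev

echo -e "->verification DNS"
# Validate the edited configuration and the zone before starting the service;
# under set -e a failed check stops the script instead of starting named with
# a broken or half-applied configuration.
named-checkconf /etc/named.conf
named-checkzone example.dev /etc/named/zones/db.example.dev

echo -e "->Démarrage du service DNS"
systemctl start named
systemctl enable named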
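# Install tinyproxy and restrict which clients may use it.
# NOTE(review): nothing in this section points the system resolver at the
# local DNS server; confirm that tinyproxy resolves example.dev through it.
echo -e "\n--- Installing Proxy ---\n"
# Only stdout is discarded so that repository or signature errors stay
# visible; a failed install must not fall through to editing a missing file.
# NOTE(review): on CentOS 7 tinyproxy presumably comes from an extra
# repository (EPEL) - confirm it is enabled.
yum -y install tinyproxy > /dev/null || {
  echo "tinyproxy installation failed" >&2
  exit 1
}

# Keep the pristine package configuration; never overwrite it on a re-run.
if [[ ! -e /etc/tinyproxy/tinyproxy.conf.ori ]]; then
  cp /etc/tinyproxy/tinyproxy.conf /etc/tinyproxy/tinyproxy.conf.ori || exit 1
fi

# Name reported in the Via header.
sed -i 's/ViaProxyName.*/ViaProxyName "my-dev-proxy"/' /etc/tinyproxy/tinyproxy.conf || exit 1

# Allow 192.168.56.0/30 (addresses .0 to .3) in addition to loopback. The
# rule is inserted after the existing "Allow 127.0.0.1" line, and only once.
if ! grep -qxF 'Allow 192.168.56.0/30' /etc/tinyproxy/tinyproxy.conf; then
  sed -i "s@Allow 127.0.0.1@Allow 127.0.0.1\nAllow 192.168.56.0/30@" /etc/tinyproxy/tinyproxy.conf || exit 1
fi

# The sed above is a no-op when the anchor line is absent. tinyproxy accepts
# every client when no Allow/Deny rule is configured, so refuse to start the
# proxy unless the access rule is really in place.
if ! grep -qxF 'Allow 192.168.56.0/30' /etc/tinyproxy/tinyproxy.conf; then
  echo "tinyproxy access rule was not applied; not starting the proxy" >&2
  exit 1
fi

echo -e "->Démarrage du proxy"
systemctl start tinyproxy || exit 1
systemctl enable tinyproxy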