eigenLab Anycast DNS infrastructure
TODO overview
Configure your Gentoo server as eigenLab internal anycast DNS
DISCLAIMER
Read this guide critically! Do not copy/paste commands you find here without understanding what they means ( look for their mean on their man or your preferred web search )!! If you use this guide without understanding you can make your server inaccessible via SSH !!
Create eigendns user on your server
useradd eigendns passwd eigendns # this password is not used for login as password login should be disabled on your server via SSH mkdir /home/eigendns layman -S layman -a eigenlay emerge -vq net-dns/bind emerge -vq app-crypt/monkeysphere # You will need to unlock ** keywords for 9999 version usermod -a -G named eigendns chown -R named:named /etc/bind chmod -R 771 /etc/bind monkeysphere-authentication add-identity-certifier $YOUR_PGP_FINGEPRINT_GOES_HERE mkdir /home/eigendns/.monkeysphere echo 'EigenLab DNS Updater <info@eigenlab.org>' > /home/eigendns/.monkeysphere/authorized_user_ids # edit SSH server config do this by and not with this line ## echo 'AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u' >> /etc/ssh/sshd_config /etc/init.d/sshd restart monkeysphere-authentication update-users # If you have a cron daemon this is very useful echo "0 * * * * root monkeysphere-authentication update-users" >> /etc/crontab chmod -R 755 /home/eigendns chown -R eigendns:eigendns /home/eigendns emerge -vq app-admin/sudo echo 'eigendns ALL= (root) NOPASSWD: /etc/init.d/named restart' >> /etc/sudoers