PowerDNS Authoritative

This playbook provisions NetActuate virtual servers and configures them as PowerDNS authoritative nameservers. Use this for hosting your own authoritative DNS infrastructure across multiple NetActuate locations.

Provisioning Playbook

---
- hosts: localhost
  connection: local
  gather_facts: false

  vars:
    api_key: "{{ lookup('env', 'NETACTUATE_API_KEY') }}"
    dns_plan: "VR2048x2x40"
    dns_image: "ubuntu-24.04"
    dns_locations:
      - ashburn
      - amsterdam
      - tokyo

  tasks:
    - name: Create PowerDNS servers
      netactuate.cloud.server:
        api_key: "{{ api_key }}"
        hostname: "pdns-auth-{{ item }}"
        plan: "{{ dns_plan }}"
        location: "{{ item }}"
        image: "{{ dns_image }}"
        state: present
      loop: "{{ dns_locations }}"
      register: dns_servers

    - name: Add servers to in-memory inventory
      add_host:
        name: "{{ item.ip_address }}"
        groups: pdns_servers
      loop: "{{ dns_servers.results }}"

Configuration Playbook

---
- hosts: pdns_servers
  become: true
  gather_facts: true

  vars:
    pdns_api_key: "{{ lookup('env', 'PDNS_API_KEY') }}"
    # pdns_db_password is used below but was never defined on the page; reading it
    # from PDNS_DB_PASSWORD is an assumption that mirrors how pdns_api_key is set.
    pdns_db_password: "{{ lookup('env', 'PDNS_DB_PASSWORD') }}"
    pdns_version: "4.8"

  tasks:
    - name: Install PowerDNS repository
      apt:
        name: apt-transport-https
        state: present
        update_cache: true

    - name: Install PowerDNS Authoritative Server
      apt:
        name:
          - pdns-server
          - pdns-backend-pgsql
        state: present

    - name: Install PostgreSQL
      apt:
        name:
          - postgresql
          - postgresql-client
          - python3-psycopg2
        state: present

    - name: Create PowerDNS database
      become_user: postgres
      postgresql_db:
        name: pdns
        state: present

    - name: Create PowerDNS database user
      become_user: postgres
      postgresql_user:
        db: pdns
        name: pdns
        password: "{{ pdns_db_password }}"
        priv: ALL

    # The marker file created by the next task makes schema initialization run only once.
    - name: Initialize PowerDNS schema
      become_user: postgres
      command: psql -d pdns -f /usr/share/doc/pdns-backend-pgsql/schema.pgsql.sql
      args:
        creates: /etc/pdns/schema_initialized

    - name: Mark schema as initialized
      file:
        path: /etc/pdns/schema_initialized
        state: touch

    # Debian/Ubuntu pdns-server packages read /etc/powerdns/pdns.conf; adjust the
    # /etc/pdns paths in this playbook if that is the config directory on the target.
    - name: Configure PowerDNS
      copy:
        dest: /etc/pdns/pdns.conf
        content: |
          setuid=pdns
          setgid=pdns
          launch=gpgsql
          gpgsql-host=127.0.0.1
          gpgsql-dbname=pdns
          gpgsql-user=pdns
          gpgsql-password={{ pdns_db_password }}

          # As written, the API/webserver listens on every interface and accepts
          # any client over plain HTTP; narrow webserver-address and
          # webserver-allow-from to your management network.
          api=yes
          api-key={{ pdns_api_key }}
          webserver=yes
          webserver-address=0.0.0.0
          webserver-port=8081
          webserver-allow-from=0.0.0.0/0

          local-address=0.0.0.0
          local-port=53

          default-soa-content=ns1.example.com hostmaster.example.com 0 10800 3600 604800 3600
          default-ttl=3600
        mode: "0600"
        owner: pdns
        group: pdns
      notify: Restart PowerDNS

    - name: Start and enable PowerDNS
      systemd:
        name: pdns
        state: started
        enabled: true

  handlers:
    - name: Restart PowerDNS
      systemd:
        name: pdns
        state: restarted
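
An added check, not part of the original playbook: a Python audit of the rendered pdns.conf that flags the API settings above that expose the HTTP API (wildcard bind, an allow-from of 0.0.0.0/0) and secrets that rendered empty because an environment variable was unset. The sample config is constructed, the function names are hypothetical, and the fallback values are the PowerDNS defaults.

```python
import ipaddress

# Constructed sample: pdns.conf as the playbook renders it when PDNS_API_KEY
# and the DB password variable are unset (lookup('env', ...) yields '').
SAMPLE_CONF = """\
launch=gpgsql
gpgsql-password=
api=yes
api-key=
webserver=yes
webserver-address=0.0.0.0
webserver-port=8081
webserver-allow-from=0.0.0.0/0
"""

def parse_conf(text):
    """Parse 'key=value' lines; skip blanks and lines starting with '#'."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def audit(settings):
    """Return findings for exposed API settings and empty secrets."""
    findings = []
    if settings.get("api", "no") == "yes" and not settings.get("api-key"):
        findings.append("api-key is empty while api=yes")
    if settings.get("gpgsql-password", "unset") == "":
        findings.append("gpgsql-password rendered empty")
    if settings.get("webserver", "no") == "yes":
        # Fallbacks are the PowerDNS defaults (loopback only).
        addr = settings.get("webserver-address", "127.0.0.1")
        if ipaddress.ip_address(addr).is_unspecified:
            findings.append(f"webserver-address {addr} binds every interface")
        allow = settings.get("webserver-allow-from", "127.0.0.1,::1")
        for net in filter(None, (n.strip() for n in allow.split(","))):
            if ipaddress.ip_network(net, strict=False).prefixlen == 0:
                findings.append(f"webserver-allow-from {net} admits any client")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_conf(SAMPLE_CONF)):
        print("FINDING:", finding)
```

Run it against the file on each host after the configuration play; an empty result means the API is bound and filtered more tightly than the template above and both secrets were populated.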

Adding Zones

After deployment, use the PowerDNS API to add zones:

curl -X POST http://pdns-server:8081/api/v1/servers/localhost/zones \
  -H "X-API-Key: YOUR_PDNS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "example.com.",
    "kind": "Native",
    "nameservers": [
      "ns1.example.com.",
      "ns2.example.com."
    ]
  }'

Multi-Location DNS

Deploying PowerDNS across multiple NetActuate locations provides:

  • Geographic redundancy for your DNS infrastructure
  • Lower latency for DNS queries from different regions
  • High availability if one location becomes unreachable

Combine this setup with NetActuate anycast to advertise a single IP for your nameservers across all locations.

Need Help?

If you need assistance deploying PowerDNS, visit our support page.