Select Page

Configuration requirements:

To successfully install and use cPanel DNSOnly, your system must meet the following requirements:

  • A fresh centos 8 required.
  • Your server must allow traffic on ports 53, 953, and 2087.
  • If you want the server to send email notifications, you must allow traffic on port 25.
  • If your DNS cluster will include domains that use DNSSEC, all of the cluster’s servers must run PowerDNS.
copy and past the code in your terminal.
su –

 

yum update && yum upgrade -y

 

# Set email

 

HOSTNAME=yourhostname
DOMAINNAME=yourdomain
ADMIN_EMAIL=adminemail
MAILTO=$ADMIN_EMAIL
PHP_VERSION=7.4
PHP_VERSION_SHORT=74
PHP_DEBUG_IP=“yourdebugip”
TIME_ZONE=“America/Los_Angeles”
echo 
# Kernel domain name
kernel.domainname=`echo $DOMAINNAME`” >> /etc/sysctl.conf

 

echo -e “127.0.0.1\t`echo $HOSTNAME`.`echo $DOMAINNAME` `echo $HOSTNAME`” >> /etc/hosts
echo -e “::1\t`echo $HOSTNAME`.`echo $DOMAINNAME` `echo $HOSTNAME`” >> /etc/hosts
hostnamectl set-hostname $HOSTNAME.$DOMAINNAME
echo “HOSTNAME=\”$HOSTNAME.$DOMAINNAME\”” >> /etc/sysconfig/network
sysctl -p /etc/sysctl.conf

 

################################
# YUM Auto Update and rollback #
################################

 

echo ‘tsflags=repackage’ >> /etc/yum.conf
echo ‘%_repackage_all_erasures 1’ >> /etc/rpm/macros
mkdir -p /var/spool/repackage

 

echo ‘#!/bin/sh
yum update -y’ > /etc/yum_auto_update.sh

 

# HOW TO RESTORE:
# yum history
# yum history undo ID
# rpm -Uvh �rollback ‘3 hours ago’
# rpm -Uvh �rollback ‘august 13’
# rpm -Uvh �rollback ‘yesterday’

 

# Time zone:
ln -sf /usr/share/zoneinfo/$TIME_ZONE /etc/localtime

 

#######################################################
#   Disable iptables at boot time and in process      #
#######################################################
systemctl disable iptables
service iptables stop
iptables-save > /tmp/iptables.txt
iptables-restore < /tmp/iptables.txt

 

# security precautions
# crond security to disable all users to run crond
echo ALL >>/etc/cron.deny

 

#disable IPv6
echo -e “NETWORKING_IPV6=no\nIPV6INIT=no” >>  /etc/sysconfig/network

 

#check if there is a user without password (empty password)
# cat /etc/shadow | awk -F: ‘($2==””){print $1}’

 

sed -i ‘s/#UseDNS yes/UseDNS no/g’ /etc/ssh/sshd_config
mkdir ~/.ssh
echo ‘GSSAPIAuthentication no’ > ~/.ssh/ssh_config

 

## add below lines to 
echo -e “root\tsoft\tnofile\t120000
root\thard\tnofile\t300000
mysql\tsoft\tnofile\t120000
mysql\thard\tnofile\t300000
apache\tsoft\tnofile\t120000
apache\thard\tnofile\t300000″ >> /etc/security/limits.conf

 

## exclude indonesia’s repositories
echo ‘exclude=.uk, .id, .ir, .cn, .th, .vn ‘ >> /etc/yum/pluginconf.d/fastestmirror.conf
echo ‘exclude=.netonboard.com’ >> /etc/yum/pluginconf.d/fastestmirror.conf
echo 
# by default MAILTO is unset, so crond mails the output by itself
# example:  MAILTO=root
MAILTO=`echo $ADMIN_EMAIL`

 

YUM_PARAMETER=\”-x kernel* -x php*\”
 >> /etc/sysconfig/yum-cron

 

################################
#   Adjust TCP Max Port        #
################################

 

# Maximal number of remembered connection requests, which still 
# did not receive an acknowledgement from connecting client.
# The default value is 1024 for systems with more than 128 MB of memory,
# and 128 for low memory machines. If server suffers of overload, try to
# increase this number.

 

echo “15000” >/proc/sys/net/ipv4/tcp_max_syn_backlog

 

## setup high volume file access mode
ulimit -n 131070

 

## Disable SELinux
echo 0 >  /sys/fs/selinux/enforce
setenforce 0
sed -i ‘s/^SELINUX=enforcing/SELINUX=disabled/’ /etc/selinux/config

 

# Centos 7
sudo yum install epel-release wget -y
# ******************* #
# *** PASTE BREAK *** #
# ******************* #

 

################################
#   Add Repositories           #
################################

 

#################################
#         VMWare Tools          #
#################################
echo ‘[vmware-tools]
name = VMware Tools
baseurl = https://packages.vmware.com/packages/rhel7/x86_64/
enabled = 1
gpgcheck = 1′ > /etc/yum.repos.d/vmware-tools.repo

 

yum upgrade

 

cd /usr/src/
wget  http://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub
wget https://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub
rpm –import VMWARE-PACKAGING-GPG-RSA-KEY.pub
yum clean all
sudo yum install open-vm-tools open-vm-tools-devel -y ;\
systemctl enable vmtoolsd.service ; systemctl start vmtoolsd.service
# ******************* #
# *** PASTE BREAK *** #
# ******************* #

 

##########################################
#      How to Disable Network Manager    #
##########################################
#Last modified: August 7, 2019
#Overview
#This document describes how to disable the Network Manager service.
#The Network Manager service automates the network’s settings and disrupts connections to the 
#IP addresses that reside in the ipaliases module.
#Warning:
#You must disable the Network Manager service and enable the network.
#service service before you install cPanel & WHM.
#For more information about how to disable the Network Manager service,
# read RedHat’s Disabling Network Manager documentation.

 

#Warning:
#cPanel, L.L.C. does not support the Network Manager service.
#Exercise extreme caution when you disable the Network Manager. 
#Your server may lose its network services if you do not disable Network Manager correctly.
#Disable the Network Manager service
#To disable the Network Manager service, perform the following steps:

 

#Disable Network Manager with the following commands:

 

# CentOS 6, CloudLinux 6, Red Hat Enterprise Linux 6 (RHEL), or Amazon Linux:
# #
# service NetworkManager stop
#   chkconfig NetworkManager off  
# #

 

# CentOS 7, CloudLinux 7, or RHEL 7:

 

systemctl stop NetworkManager
systemctl disable NetworkManager 

 

#Change to the /etc/sysconfig/network-scripts directory.

 

#Open the ifcfg-eth0 and ifcfg-lo files with your preferred text editor and, 
#if they exist, set the following keys’ values:

 

NM_CONTROLLED=no
ONBOOT=yes
Important:

 

#If either of these keys does not exist in your ifcfg-eth0 and ifcfg-lo files, 
#do not add it. Instead, proceed to Step 4.
#Run the following commands to restart the network:

 

CentOS 7, CloudLinux 7, or RHEL 7:
#
systemctl enable network.service
systemctl start network.service
#
##########################################
#           Install cPanel DNSOnly       #
##########################################
#To install cPanel DNSOnly, perform the following steps:
#To open the /home directory, run the following command:

 

cd /home
#To fetch the latest installation files from cPanel’s servers, run the following command:

 

curl -o latest-dnsonly -L https://securedownloads.cpanel.net/latest-dnsonly
#To open and execute the installation files, run the following command:

 

sh latest-dnsonly

Access cPanel DNSOnly

To access the cPanel DNSOnly interface, perform the following steps:

  • Navigate to https://IP:2087 in your preferred browser.
  • Enter root in the Username text box.

  • Enter your password in the Password text box.

  • Click Log in.

 

Connect WHM with DNSonly

Login to your whm and search for dns cluster in search box

Global dns option should be enabled if not click enable and click click add a new server to cluster type cpanel

Type your DNSonly username and password.

dnsonly-login

Now, click on Generate Token.

You successfully created the API token “ns1example”.

Copy the following token to a safe place: 8237492398xxxxxtest

For more information about how to use this token to make API calls, read our Developer Documentation.

Copy the token and go back to your whm