The Hoof & Paw

Infrastructure

coredns-01.mgt.wolfspyre.io 198.18.42.53
coredns-02.dmz.wolfspyre.io 198.18.40.53
coredns-03.wolfspyre.com 192.0.2.53
coredns-04.kvm.wolfspyre.io 198.18.50.53

Systems

Specific setup

coredns user/group userid/gid

According to our local copy of user UIDs/GIDs across different flavors of Unix, Gentoo is the only variant that has assigned/reserved a UID/GID for CoreDNS: 312. Additionally, nothing of significance is using 312 in other variants. Ergo, 312 it is!

useradd --home-dir /home/coredns --uid 312 --create-home --system coredns --user-group --shell /sbin/nologin --comment "CoreDNS User"

Directories and files

/home/coredns
/etc/coredns
/usr/bin/coredns

This is how we'll install the binary and put it in place:

install --group coredns --owner coredns --mode 0755 --verbose /usr/src/coredns/coredns /usr/bin/coredns

root@coredns-01:/usr/src/coredns# install --group coredns --owner coredns --mode 0755 --verbose /usr/src/coredns/coredns /usr/bin/coredns
'/usr/src/coredns/coredns' -> '/usr/bin/coredns'
root@coredns-01:/usr/src/coredns# ls -la /usr/bin/coredns
-rwxr-xr-x 1 coredns coredns 48315952 Aug 24 01:22 /usr/bin/coredns

init files

Create the systemd init file

# The heredoc delimiter is quoted so the shell does not expand $MAINPID while writing the file.
cat <<'EOF' > /usr/lib/systemd/system/coredns.service
[Unit]
Description=CoreDNS DNS server
Documentation=https://coredns.io
After=network.target

[Service]
PermissionsStartOnly=true
LimitNOFILE=1048576
LimitNPROC=512
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true
User=coredns
WorkingDirectory=/home/coredns
ExecStart=/bin/bash -c '/usr/bin/coredns -conf=/etc/coredns/Corefile'
ExecReload=/bin/kill -SIGUSR1 $MAINPID
Restart=on-failure

[Install]
WantedBy=multi-user.target
EOF

Make it executable

chmod +x /usr/lib/systemd/system/coredns.service
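
Added example (not part of the original page): a POSIX shell audit of the unit file's privilege directives, run against constructed sample units. The helper names unit_value, fail and audit_unit are hypothetical; the last check catches a unit written through an unquoted heredoc, which expands $MAINPID to nothing.

```shell
# Added example: audit the privilege directives of a CoreDNS unit file.
# unit_value, fail and audit_unit are hypothetical helpers, not systemd tools.
# Print the last value assigned to KEY ($2) in the [Service] section of FILE ($1).
unit_value() {
    awk -F= -v key="$2" '
        /^\[/ { in_service = ($0 == "[Service]") }
        in_service && $1 == key { sub(/^[^=]*=/, ""); val = $0 }
        END { print val }' "$1"
}

fail() { echo "FAIL $1"; findings=$((findings + 1)); }
# Compare FILE ($1) with the settings used on this page.
# Prints one line per finding; the exit status is the number of findings.
audit_unit() {
    findings=0
    user=$(unit_value "$1" User)
    if [ -z "$user" ] || [ "$user" = root ]; then fail "service runs as root"; fi
    [ "$(unit_value "$1" NoNewPrivileges)" = true ] || fail "NoNewPrivileges is not true"
    for key in CapabilityBoundingSet AmbientCapabilities; do
        [ "$(unit_value "$1" "$key")" = CAP_NET_BIND_SERVICE ] ||
            fail "$key is not exactly CAP_NET_BIND_SERVICE"
    done
    # An unquoted heredoc expands $MAINPID to nothing while the file is written.
    case $(unit_value "$1" ExecReload) in
        *'$MAINPID'*) ;;
        *) fail "ExecReload has no literal \$MAINPID" ;;
    esac
    return "$findings"
}

# Constructed sample input: the page's [Service] settings and a weak variant.
sample_dir=$(mktemp -d)
cat <<'EOF' > "$sample_dir/good.service"
[Service]
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true
User=coredns
ExecReload=/bin/kill -SIGUSR1 $MAINPID
EOF
unset MAINPID   # make sure the unquoted heredoc below expands it to nothing
cat <<EOF > "$sample_dir/weak.service"
[Service]
User=root
ExecReload=/bin/kill -SIGUSR1 $MAINPID
EOF
for unit in good weak; do
    audit_unit "$sample_dir/$unit.service" && echo "$unit: ok" || echo "$unit: $? finding(s)"
done
```

To audit the real unit, run audit_unit /usr/lib/systemd/system/coredns.service before enabling the service.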

enable and start the service

systemctl enable coredns
systemctl start coredns

Of course, it won’t run yet:

root@coredns-01:/usr/src/coredns# systemctl status coredns
● coredns.service - CoreDNS DNS server
     Loaded: loaded (/lib/systemd/system/coredns.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Wed 2022-08-24 01:26:20 UTC; 20s ago
       Docs: https://coredns.io
    Process: 67441 ExecStart=/bin/bash -c /usr/bin/coredns -conf=/etc/coredns/Corefile (code=exited, status=1/FAILURE)
   Main PID: 67441 (code=exited, status=1/FAILURE)

Aug 24 01:26:20 coredns-01 systemd[1]: coredns.service: Scheduled restart job, restart counter is at 5.
Aug 24 01:26:20 coredns-01 systemd[1]: Stopped CoreDNS DNS server.
Aug 24 01:26:20 coredns-01 systemd[1]: coredns.service: Start request repeated too quickly.
Aug 24 01:26:20 coredns-01 systemd[1]: coredns.service: Failed with result 'exit-code'.
Aug 24 01:26:20 coredns-01 systemd[1]: Failed to start CoreDNS DNS server.

because we’ve not created the config file! :)

Go on to the configure section and let’s get some resolution going!