Revision [2133]

This is an old revision of fredregistry made by ChazzWolcott on 2010-05-12 12:01:25.

 

FRED Registry HOWTO


I will attempt explain how to correctly setup a server to run the FRED registry backend[0]. I will also briefy run over the basic usage off FRED. I would like to point out at this early stage that I am no expert in FRED. This howto is a complication of my notes I made while installing FRED. The sections on FRED's usage is only my limited expereince and their might be better ways to preform the operations I go through. The OS used in the howto is Debian lenny, but the instructions should fit other flavours.

Install required packages


FRED requires the system to have a number of install packages on the system, otherwise FRED will fail to compile or operate correctly.

On the system we issue the following command;
apt-get install apache2 postgresql gcc autoconf make bison build-essential libpq-dev omniidl4 omniidl4-python libomniorb4-dev libomnithread3-dev libdaemon-dev libboost-dev libboost-thread-dev libboost-date-time-dev libboost-program-options-dev libboost-regex-dev python-imaging python-reportlab tinyerp-server xsltproc apache2-threaded-dev liborbit2-dev libxml2-dev python-cherrypy3 python-simpletal python-omniorb2 omniidl4-python libapache2-mod-python omniorb4-nameserver omniorb4 python-clearsilver python-dnspython python-pygresql fpdns whois openssl libidn11 libidn11-dev python-trml2pdf ttf-freefont python-simplejson php5 sendmail

Answer any questions asked during install. If you're unsure of the answe, select the default option. To run FRED correctly it should be run as it's own user. Create a user called fred on your system. Ensure that the user belongs to the postgres group.

Install FRED


su into the fred account and issue;
wget http://fred.nic.cz/sources/fred-manager

When the download has completed, proceed to download and install FRED with the following commands;
chmod 755 fred-manager & ./fred-manager download & ./fred-manager install

Once fred-manager has compiled and installed all the components of FRED without any errors you may try and start it.
./fred-manager start


Add a TLD


To add a TLD to fred, the fred-admin command is used. Below is the script I use to add TLDs;
#!/bin/sh
ADMCMD="/srv/fred/root/sbin/fred-admin"
	$ADMCMD --zone_add \
	   --zone_fqdn=$1 \
	   --ex_period_min=12 \
	   --ex_period_max=120 \
	   --ttl=18000 \
	   --hostmaster=$2 \
	   --refresh=10600 \
	   --update_retr=3600 \
	   --expiry=1209600 \
	   --minimum=7200 \
	   --ns_fqdn=$3


Below is the script I use to add an extra NS to a TLD;
#!/bin/sh
ADMCMD=/srv/fred/root/sbin/fred-admin
	$ADMCMD --zone_ns_add \
	    --zone_fqdn=$1 --ns_fqdn=ns1.opennic.glue
	$ADMCMD --zone_ns_add \
	    --zone_fqdn=free --ns_fqdn=ns2.opennic.glue
	$ADMCMD --zone_ns_add \
	    --zone_fqdn=free --ns_fqdn=ns5.opennic.glue
	$ADMCMD --zone_ns_add \
	    --zone_fqdn=free --ns_fqdn=ns6.opennic.glue
	$ADMCMD --zone_ns_add \
	    --zone_fqdn=free --ns_fqdn=ns7.opennic.glue
	$ADMCMD --zone_ns_add \
	    --zone_fqdn=free --ns_fqdn=ns21.opennic.glue
	$ADMCMD --zone_ns_add \
	    --zone_fqdn=free --ns_fqdn=ns21.opennic.glue


Add a registrar


In order to registra domains in the TLD just created, a registrar needs to be added to the system, given the correct permissions and an SSL cert needs to be created.

To add a user, use the script below;
#!/bin/sh
ADMCMD=/srv/fred/root/sbin/fred-admin
	$ADMCMD --registrar_add \
	    --handle=jdcomputers \
	    --country=AU \
	    --organization="JD Computers" \
	    --reg_name="JD Computers" \
	    --url=www.jdcomputers.com.au


Now the following script gives the registrar permissions to add domains to a TLD;
#!/bin/sh
ADMCMD="/srv/fred/root/sbin/fred-admin"
	$ADMCMD --registrar_add_zone \
	    --zone_fqdn=free --handle=jdcomputers \
	    --from_date="2009-09-11"


To enable the new user to login, an SSL cert needs to created and its MD5 fingerprint placed into the FRED system. The following will create the cert and key;
openssl req -new -x509 -extensions v3_ca -keyout userkey.pem -out usercert.pem -days 3650 -config /etc/ssl/openssl.cnf


To complete adding the new user, the MD5 fingerprint and users password needs to be entered into FRED. The following script will do this;
#!/bin/sh
MD5=`openssl x509 -noout -fingerprint -md5 -in $1 | awk -F'=' '{ print $2 }'`
HANDLE=$2
PASSWD=$3
ADMCMD=/srv/fred/root/sbin/fred-admin
	$ADMCMD --registrar_acl_add \
	    --handle=$2 \
	    --certificate=$MD5 \
	    --password=$3


Using the QT FRED client


On your Linux desktop of choice, download the FRED client package. The location of it is http:<fred-server-name>:22354/fred-client-2.1.4.zip. If the URL does not work[1], double check FRED is running. Unzip the downloaded package into your home dir. Then issue the following commands inside the unzipped archive;
python ./setup.py build & python ./setup.py install


The config file for the client lives in ./fred-client-2.1.4/data_files/conf/fred/fred-client.conf. The SSL certs live in ./fred-client-2.1.4/ssl/. To setup fred modify thhe following lines in fred-client.conf;
[...]
[connect]
dir=/home/julian/fred-client-2.1.4/ssl
host = <fred-server-name>
port = 22351
ssl_cert = %(dir)s/test-cert.pem
ssl_key  = %(dir)s/test-key.pem
username = jdcomputers
password = <password>
[...]


Once done you can start either the CLI or QT version of the client. In this howto we will use the QT version. To start it issue;
./fred-client-2.1.4fred-client-qt4.pyw

You will know if it worked as next to status it will say "ONLINE: username@fredserver".



0 - http://fred.nic.cz
1 - Troubleshooting is out of scope for this howto

This howto needs more refinement I think. I am not the best at writting this kind of documentation. If you see a problem, feel free to fix it. Remember to leave descriptive notes when saving your edits.



There are no comments on this page.
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki