Denis Machard

My technical gists

Infrastructure architect by profession but always consider himself as a developer and an open source enthusiast.
@github @mastodon @rss
dnstap howto

Installation guide of DNS-collector from binary

This post details how to install the go-dnscollector tool with systemd.

Installation

Install go-dnscollector from binary

Create some folders and user

adduser -M dnscollector

mkdir /etc/dnscollector/
mkdir /var/run/dnscollector/

Export the following variable to get the version you want to download

export DNSCOLLECTOR_VERSION=v1.0.0

Download the binary

wget https://github.com/dmachard/go-dnscollector/releases/download/$(echo $DNSCOLLECTOR_VERSION)/go-dnscollector_$(echo $DNSCOLLECTOR_VERSION)_linux_amd64.tar.gz
tar xvf go-dnscollector_$(echo $DNSCOLLECTOR_VERSION)_linux_amd64.tar.gz
mv go-dnscollector /usr/bin/
mv config.yml /etc/dnscollector/config.yml.default

Certificate

Create a certificate. In this example we used a self-signed cert. Prefer to use an official TLS certificate according to your context.

cd /etc/dnscollector/
openssl req -x509 -nodes -newkey rsa:2048 -keyout dnscollector.key -out dnscollector.crt

Configuration

Configure go-dnscollector

touch /etc/dnscollector/config.yml

vim config.yml
trace:
  verbose: true

pipelines:
  - name: tap
    dnstap:
      listen-ip: 0.0.0.0
      listen-port: 6000
      tls-support: true
      cert-file: "/etc/dnscollector/dnscollector.crt"
      key-file: "/etc/dnscollector/dnscollector.key"
    routing-policy:
      forward: [ log ]

  - name: log
    logfile:
      file-path:  "/var/run/dnscollector/dnstap.log"
      max-size: 100
      max-files: 10
      mode: text

Start

Enable & Start stunnel. Configure your systemd service

vim /usr/lib/systemd/system/dnscollector.service

[Unit]
Description=Go DnsCollector
Documentation=https://github.com/dmachard/go-dnscollector
Wants=network-online.target
After=network-online.target

[Service]
User=dnscollector
Group=dnscollector
ExecStart=/usr/bin/go-dnscollector --config /etc/dnscollector/config.yml
ExecStop=/usr/bin/pkill go-dnscollector
Type=simple

[Install]
WantedBy=multi-user.target

Chown

chown dnscollector:dnscollector -R /etc/dnscollector/
chown -R dnscollector:dnscollector /var/run/dnscollector/

Enable and start the go-dnscollector service.

systemctl enable --now dnscollector
systemctl restart dnscollector
propulsed by hugo and hugo-theme-gists