Denis Machard

My technical gists

Infrastructure background, developer mindset. I build things for pleasure.
    @github @mastodon @rss
    dnstap howto

    Installation guide of DNS-collector from binary

    This post details how to install the go-dnscollector tool with systemd.

    Installation

    Install go-dnscollector from binary

    Create some folders and user

    adduser -M dnscollector

mkdir /etc/dnscollector/
mkdir /var/run/dnscollector/

    Export the following variable to get the version you want to download

    export DNSCOLLECTOR_VERSION=v1.0.0

    Download the binary

    wget https://github.com/dmachard/go-dnscollector/releases/download/$(echo $DNSCOLLECTOR_VERSION)/go-dnscollector_$(echo $DNSCOLLECTOR_VERSION)_linux_amd64.tar.gz
tar xvf go-dnscollector_$(echo $DNSCOLLECTOR_VERSION)_linux_amd64.tar.gz
mv go-dnscollector /usr/bin/
mv config.yml /etc/dnscollector/config.yml.default

    Certificate

    Create a certificate. In this example we used a self-signed cert. Prefer to use an official TLS certificate according to your context.

    cd /etc/dnscollector/
openssl req -x509 -nodes -newkey rsa:2048 -keyout dnscollector.key -out dnscollector.crt

    Configuration

    Configure go-dnscollector

    touch /etc/dnscollector/config.yml

vim config.yml
trace:
  verbose: true

pipelines:
  - name: tap
    dnstap:
      listen-ip: 0.0.0.0
      listen-port: 6000
      tls-support: true
      cert-file: "/etc/dnscollector/dnscollector.crt"
      key-file: "/etc/dnscollector/dnscollector.key"
    routing-policy:
      forward: [ log ]

  - name: log
    logfile:
      file-path:  "/var/run/dnscollector/dnstap.log"
      max-size: 100
      max-files: 10
      mode: text

    Start

    Enable & Start stunnel. Configure your systemd service

    vim /usr/lib/systemd/system/dnscollector.service

[Unit]
Description=Go DnsCollector
Documentation=https://github.com/dmachard/go-dnscollector
Wants=network-online.target
After=network-online.target

[Service]
User=dnscollector
Group=dnscollector
ExecStart=/usr/bin/go-dnscollector --config /etc/dnscollector/config.yml
ExecStop=/usr/bin/pkill go-dnscollector
Type=simple

[Install]
WantedBy=multi-user.target

    Chown

    chown dnscollector:dnscollector -R /etc/dnscollector/
chown -R dnscollector:dnscollector /var/run/dnscollector/

    Enable and start the go-dnscollector service.

    systemctl enable --now dnscollector
systemctl restart dnscollector
    propulsed by hugo and hugo-theme-gists