Atomia DynDNS Agent

Atomia DynDNS Agent

38 views 0

This manual describes how to install, set up, and use the Atomia DynDNS Agent that allows your customers to automatically point subdomains to their home computers.

Overview

The DynDNS agent allows your customers to automatically point subdomains to their home computers using the popular DynDNS protocol.

Installation

The DynDNS server must be installed on a linux machine. The preconditions are that the machine has access to Automation Server and Account API. The actual installation is done like this:

apt-get install atomia-dyndns

After that you need to change the config file /etc/dyndns.conf and configure there the urls to access Automation Server and Account API.

[Automation Server API]
api_url=https://automationserver.test.hetzner1.atomiademo.com/CoreAPIBasicAuth.svc?wsdl

[Account API]
api_url=https://accountapi.test.hetzner1.atomiademo.com/AtomiaAccountApiBasicAuth.svc?wsdl

The second part involves changing the /etc/dyndns-server.conf config file:

port=8245

The only thing that can be set there is the port. Last but not least the server needs to be restarted:

stop atomia-dyndns
start atomia-dyndns

Setting up SSL support

  1. SSL support is achieved through pound server, which is used to redirect and decrypt traffic. First thing you need is to have the SSL certificate and private key in PEM format.
    1. Export the certificate and private key from the Atomia application servers (usually it is the certificate starting with a star (*)). During export select the options “Include all certificates in the certification path” and “Export all extended properties”.
    2. Copy the certificate to the linux server.
    3. Convert the certificate using openssl pkcs12 -in star.pfx -out star.pem -nodes
  2. The next step is to set up the pound server. We first create a new user to run, secure the certificate and then install pound.
    adduser pound
    chown pound:pound /etc/pound/star.pem
    chmod 400 /etc/pound/star.pem
    apt-get install pound
    
  3. Then we change the /etc/pound/pound.cfg as follows:
    User            "pound"
    Group           "pound"
    
    LogLevel        1
    Alive           30
    Control "/var/run/pound/poundctl.socket"
    
    ListenHTTPS
            Address 0.0.0.0
            Cert "/etc/pound/star.pem"
            Port 443
    
            Service
                    BackEnd
                            Address 127.0.0.1
                            Port    8245
                    End
            End
    End
    
  4. The port 8245 correspends to the port above and 443 is the defaut SSL port. star.pem is our certificate file we create above. If listening on port 80 is also desired add the following section at the end of the file:
    ListenHTTP
            Address 0.0.0.0
            Port 80
    
            Service
                    BackEnd
                            Address 127.0.0.1
                            Port    8245
                    End
            End
    End
    
  5. Lastly the pond server needs to be activated. Just change the /etc/default/pound file:
    startup=1
    
  6. And then start the pound server:
    /etc/init.d/pound start
    

    This will cause the SSL support to work on top of the HTTP version already working on port 8245.

Was this helpful?