I’ve just set up MIAB and am duly impressed. Superb piece of work.
As I’ve gone along though, I’ve run into an issue I can’t get my mind around: I have an existing machine (let’s call IP address IP1) on which I already run various web servers, JIRA, etc. I’ve set up MIAB on a new VM (hosted on Linode) with IP2. Both machines are running fine. However, if I change my domain registrar (GoDaddy) so that NS1 and NS2 for my domain point to the MIAB box, then I can’t figure out how to manage existing domain names.
Perhaps an example will make it clearer:
Assume my existing domain is MYDOMAIN. On GoDaddy I have an A record pointing MYDOMAIN -> “primary” Linode server. Then I have a few CNAME entries (such as www, jira, etc.) that point to the same server, and multiple NGINX site configurations that respond appropriately based on hostname (e.g. jira.mydomain vs www.mydomain).
Now, I have a new machine—let’s call it mail.MYDOMAIN, running as a new VM on Linode. In my domain registrar, I have set up an A record pointing to mail.MYDOMAIN, and installed MIAB per instructions on that box. I have also added two “hostname” entries—that seems to be what GoDaddy uses for glue records—ns1.mail.MYDOMAIN and ns2.mail.MYDOMAIN pointing to IP2.
If I change my DNS registrar’s nameservers to be ns1.mail.MYDOMAIN and ns2.mail.MYDOMAIN, then how/where do I configure other top-level entries (such as newwebsite.MYDOMAIN, say)?
Now that ns1.mail.MYDOMAIN (which is the MIAB box) is my authoritative nameserver, I’m guessing that I need to define new DNS entries in my domain in /etc/nsd/*.conf somewhere.
If I do that—which looks complicated—will my changes be preserved if I reconfigure / update MIAB?
I think I figured it out—or, at least, got to working state. I added a new zone file in /etc/nsd/zones and updated /etc/nsd/zones.conf to refer to the new zone file. After restarting nsd everything seems good.
GoDaddy’s DNS page now says “We can’t display your DNS information because your nameservers aren’t managed by us.”, which makes sense, since my MIAB box is now the authoritative DNS server for my entire domain—including the older machine with www, jira, etc running on it.
The question of what will happen if I reconfigure MIAB is still open, but I have /etc checked into Git now, and so will try it out and see.
Seem to be replying to myself here, but for anyone else who might wonder what happens to /etc/nsd/zones.conf after rerunning mailinabox, it’s overwritten. Thanks to Git, however, I can revert just that one file and still have my new zone in place.
MiaB is intended to be a very simple mail server from a setup perspective. To perform this duty, any measure of customization can end up being problematic for the administrator of the server. So, be prepared for additional breakage and downtime of the server on future updates.
Personally, I do not use MiaB as a DNS server for domains performing other duties, because it is simply not reliable enough.
I have a domain that is exclusively used for the mail server, so I just set the appropriate records on other domains to support mail.
Correct. To properly enter custom DNS records they should be entered in the MiaB Custom DNS page in the admin area. It is NOT adviseable to enter the zone files in the manner you did for exactly this reason.
Sorry but I am answering out of order … I guess I need more caffeine or something, but the answer is the same … in the MiaB admin area under Custom DNS. Or alternatively, you could continue using your existing DNS provider and enter the records that MiaB needs in that DNS. Those entries are found in the admin area under External DNS.
Exactly, MiaB is created in a manner that it is not to be modified in any way. However, there are a few small things that can be modified without risk. Again though for the best overall performance, NOTHING should be modified to avoid issues later with updates, etc.
Honestly, the ‘reliability’ of MiaB is not in question here. If MiaB is installed on a VPS from a good and reliable provider then one can expect 99.99% uptime which means that MiaB will always be up and running doing its job. It IS however a single point of failure which really should be avoided at all costs. Ideally, anyone running MiaB should also have a secondary DNS provider in place to mitigate this risk IF they are running any other services on other servers. As MiaB’s true intended function is solely as a mail server and DNS server for itself, it was never the intention of the developers for it to be running DNS for mission critical resources.
And this is exactly what I would recommend to anyone who is using MiaB to host email for more than one domian, or for a domain which has other services being run on other servers.