Quick setup NTP, DNS, Postfix relay on CentOS 7

We always recommend one function per VM or server, but in some cases it may make sense to combine roles. In this blog we will look at a quick setup of an infrastructure VM used as a Postfix relay, NTP server and DNS server.
1. The relay will forward all messages for tekyhost.com to mserver.tekyhost.com
2. The VM will act as an NTP server for other systems on your network as long as they are on the 192.168.1.0/24 network
3. The DNS server will recursively look up names for clients as long as they are on the 192.168.1.0/24 network

postfix

Postfix should already be installed on CentOS 7
Modify /etc/postfix/main.cf

inet_interfaces = all
relay_domains = tekyhost.com, domain2.com
transport_maps = hash:/etc/postfix/transport

vi /etc/postfix/transport

tekyhost.com smtp:[208.83.208.152]

Allow firewalld access and enable daemon

#firewall-cmd --permanent --zone=public --add-port=25/tcp
#firewall-cmd --reload
#systemctl start postfix
#systemctl enable postfix
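
The main.cf above lists domain2.com in relay_domains, but the transport file only routes tekyhost.com. The following lint is an added example, not part of the original post: it reports relay domains with no transport entry and next hops written without brackets. The function names and the constructed sample files are assumptions for illustration.

```bash
#!/bin/bash
# Added example (not from the original post): lint a Postfix relay setup.
# Assumes a plain-text transport file in "key  transport:nexthop" form.

# Print the value of one main.cf parameter; indented lines continue the
# previous parameter, and the last definition wins, as in Postfix itself.
main_cf_value() {  # $1 = main.cf path, $2 = parameter name
    awk -v key="$2" '
        /^[ \t]*(#|$)/ { next }
        /^[ \t]/       { if (cur == key) val = val " " $0; next }
        { cur = $0; sub(/[ \t]*=.*/, "", cur)
          if (cur == key) { val = $0; sub(/^[^=]*=[ \t]*/, "", val) } }
        END { print val }' "$1"
}

# Print each literal relay_domains entry with no matching transport key.
# Mail for such a domain is accepted but routed by MX lookup, not to the
# intended internal host. Table references (type:/path) are skipped.
unrouted_relay_domains() {  # $1 = main.cf path, $2 = transport path
    main_cf_value "$1" relay_domains | tr ', \t' '\n\n\n' |
    while read -r dom; do
        case "$dom" in ''|*:*|*/*) continue ;; esac
        awk -v d="$dom" '
            /^[ \t]*(#|$)/ { next }
            tolower($1) == tolower(d) || $1 == "*" { found = 1 }
            END { exit !found }' "$2" || echo "$dom"
    done
}

# Print transport keys whose smtp/relay next hop is not in [brackets];
# Postfix does an MX lookup on an unbracketed next hop.
unbracketed_nexthops() {  # $1 = transport path
    awk '/^[ \t]*(#|$)/ { next }
         $2 ~ /^(smtp|relay):/ && index($2, ":[") == 0 { print $1 }' "$1"
}

# Constructed sample files mirroring the settings shown in this post.
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'inet_interfaces = all' \
        'relay_domains = tekyhost.com, domain2.com' \
        'transport_maps = hash:/etc/postfix/transport' > "$d/main.cf"
    printf '%s\n' 'tekyhost.com smtp:[208.83.208.152]' > "$d/transport"
    echo "relay domains without a transport entry:"
    unrouted_relay_domains "$d/main.cf" "$d/transport"
    rm -rf "$d"
}
demo
```

Run the functions against /etc/postfix/main.cf and /etc/postfix/transport on the relay. After any edit to the transport file, rebuild the hash: table with postmap /etc/postfix/transport before reloading Postfix.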

ntp

#yum install ntp

Modify /etc/ntp.conf
Replace the server entries with a trusted NTP stratum 2 server, or use servers from
http://www.pool.ntp.org/en/

restrict 192.168.1.0 netmask 255.255.255.0 nomodify notrap
logfile /var/log/ntp.log

Add firewalld access and enable daemon

#firewall-cmd --add-service=ntp --permanent
#firewall-cmd --reload
#systemctl start ntpd
#systemctl enable ntpd
#systemctl status ntpd

Run tests

#ntpq -p
#date -R

dns

yum install bind bind-utils

Edit the configuration file to add an ACL and allow it to query the DNS server

vi /etc/named.conf

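// Define the ACL above the options { } block
acl "trusted" {
        192.168.1.0/24;
};
// Inside options { }, replace the existing allow-query statement
allow-query { trusted; };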

Allow firewalld access and enable daemon

firewall-cmd --permanent --zone=public --add-port=53/udp
firewall-cmd --reload
systemctl enable named
systemctl start named