AdGuard Home Wildcard aliases
-
@nichu42 said in AdGuard Home Wildcard aliases:
So was the wildcard *.agh A entry created by you or Cloudron?
By me because Cloudron shows me the error which you see in my screenshot
@lukas
I see. That should not be necessary, and I don't know if everything works correctly if it is done manually.I am using Cloudflare and as soon as I entered the wildcard alias, the DNS entry was updated automatically with no error message. Everything else you did in AGH seems to be identical to what I did.
So maybe you should solve the DNS issue first (open a ticket regarding Porkbun DNS integration) before trying to troubleshoot in AdGuard Home.
-
Hi,
I try to add wildcard aliases for my AdGuard Home Subdomain to use Client IDs but I get this error:
At Porkbun I added this DNS A-Entry:
--> *.agh.mydomain.tld IN A <Cloudron Server IP>
What could be wrong?
Thank you and Regards
-
G girish referenced this topic on
-
@nichu42 said in AdGuard Home Wildcard aliases:
So was the wildcard *.agh A entry created by you or Cloudron?
By me because Cloudron shows me the error which you see in my screenshot
-
@nichu42 said in AdGuard Home Wildcard aliases:
So was the wildcard *.agh A entry created by you or Cloudron?
By me because Cloudron shows me the error which you see in my screenshot
@lukas yeah, there is a bug in their API or I don't know how to access wildcard dns entries via their API. I have sent them an email.
I have an A record at adguard.cloudron.click. This works: $ curl -H "Content-Type: application/json" -X POST -d '{ "apikey" : "pk1_6e058c5e56b050d8052ee869dbd137857386dcfd403698b46e6d0e7694acf241", "secretapikey" : "sk1_xx" }' https://porkbun.com/api/json/v3/dns/retrieveByNameType/cloudron.click/A/adguard {"status":"SUCCESS","cloudflare":"enabled","records":[{"id":"313173661","name":"adguard.cloudron.click","type":"A","content":"89.58.59.112","ttl":"600","prio":"0","notes":null}]} I have an A record at *.test.cloudron.click . This does not work: $ curl -w '%{response_code}' -H "Content-Type: application/json" -X POST -d '{ "apikey" : "pk1_6e058c5e56b050d8052ee869dbd137857386dcfd403698b46e6d0e7694acf241", "secretapikey" : "sk1_xx" }' https://porkbun.com/api/json/v3/dns/retrieveByNameType/cloudron.click/A/*.test <div id="container"> <h1>An Error Was Encountered</h1> <p>The URI you submitted has disallowed characters.</p> <p>You can probably find what you're looking for on our <a href="/">homepage</a>.</p> </div> 400 I tried with percent encoding but that does not work either: $ curl -w '%{response_code}' -H "Content-Type: application/json" -X POST -d '{ "apikey" : "pk1_6e058c5e56b050d8052ee869dbd137857386dcfd403698b46e6d0e7694acf241", "secretapikey" : "sk1_xx" }' https://porkbun.com/api/json/v3/dns/retrieveByNameType/cloudron.click/A/%2A.test {"status":"SUCCESS","cloudflare":"enabled","records":[]}200 -
G girish marked this topic as a question on
-
@lukas yeah, there is a bug in their API or I don't know how to access wildcard dns entries via their API. I have sent them an email.
I have an A record at adguard.cloudron.click. This works: $ curl -H "Content-Type: application/json" -X POST -d '{ "apikey" : "pk1_6e058c5e56b050d8052ee869dbd137857386dcfd403698b46e6d0e7694acf241", "secretapikey" : "sk1_xx" }' https://porkbun.com/api/json/v3/dns/retrieveByNameType/cloudron.click/A/adguard {"status":"SUCCESS","cloudflare":"enabled","records":[{"id":"313173661","name":"adguard.cloudron.click","type":"A","content":"89.58.59.112","ttl":"600","prio":"0","notes":null}]} I have an A record at *.test.cloudron.click . This does not work: $ curl -w '%{response_code}' -H "Content-Type: application/json" -X POST -d '{ "apikey" : "pk1_6e058c5e56b050d8052ee869dbd137857386dcfd403698b46e6d0e7694acf241", "secretapikey" : "sk1_xx" }' https://porkbun.com/api/json/v3/dns/retrieveByNameType/cloudron.click/A/*.test <div id="container"> <h1>An Error Was Encountered</h1> <p>The URI you submitted has disallowed characters.</p> <p>You can probably find what you're looking for on our <a href="/">homepage</a>.</p> </div> 400 I tried with percent encoding but that does not work either: $ curl -w '%{response_code}' -H "Content-Type: application/json" -X POST -d '{ "apikey" : "pk1_6e058c5e56b050d8052ee869dbd137857386dcfd403698b46e6d0e7694acf241", "secretapikey" : "sk1_xx" }' https://porkbun.com/api/json/v3/dns/retrieveByNameType/cloudron.click/A/%2A.test {"status":"SUCCESS","cloudflare":"enabled","records":[]}200 -
@girish cool, thank you for checking this. So we have to wait for Porkbuns support response, right?
-
@lukas yes. Their API is quite strange, so it's kinda hard to guess. For example, all requests are POST (even to retrieve stuff).
-
@girish I switched to other domain (DNS Provider: Wildcard). Now I have to create manually the *.adgaurd.mydomain.tld DNS A-Entry are there more entries which I have to create manually ?
@lukas
I am using Cloudflare and for me I had to restart the app after adding a client identifier.
Now in my Android I set the
eliasop7.dns.DOMAIN.TLD- this only worked after an app restart I am not sure if the app restart is really necessary.
-
@lukas
I am using Cloudflare and for me I had to restart the app after adding a client identifier.
Now in my Android I set the
eliasop7.dns.DOMAIN.TLD- this only worked after an app restart I am not sure if the app restart is really necessary.@BrutalBirdie thank you but something is generally wrong here... wondering why there is no *.adguard.mydomain.tld but only *.mydomain.tld
...here my Cloudron AdGuard Home App settings:
and If I try to connect via private DNS (Android) then I see this in Log-File:
[error] handling tcp: reading msg: reading len: remote error: tls: unknown certificate authority -
@BrutalBirdie thank you but something is generally wrong here... wondering why there is no *.adguard.mydomain.tld but only *.mydomain.tld
...here my Cloudron AdGuard Home App settings:
and If I try to connect via private DNS (Android) then I see this in Log-File:
[error] handling tcp: reading msg: reading len: remote error: tls: unknown certificate authority -
@BrutalBirdie thank you but something is generally wrong here... wondering why there is no *.adguard.mydomain.tld but only *.mydomain.tld
...here my Cloudron AdGuard Home App settings:
and If I try to connect via private DNS (Android) then I see this in Log-File:
[error] handling tcp: reading msg: reading len: remote error: tls: unknown certificate authority -
@lukas may you explain for what reason you want to have an Alias Domain for AdGuard, please? I think 99% of all use cases doesn't need an Alias Domain for it.
-
@Kubernetes I want to use DoT / DoH on my Android / iOS devices and allow only my clients to use this AdGuard Home instance. I'm doing something wrong?
-
@lukas Okay, then you don't need an Alias in Cloudron for AdGuard. What you need to do is to configure the ClientIDs as I mentioned in your other Thread directly in the AdGuard Home Admin Interface
@Kubernetes But If I don't need an Alias for AdGaurd in Cloudron, how do I set the Client Identifier ind Adroids Private DNS and / or in AdGuard App? Sorry but it's confusing for me.
It this Guide https://docs.cloudron.io/apps/adguard-home/#security i need DoT for my Android devices, to an wildcard alias is needed to identify my Android devices
-
@Kubernetes But If I don't need an Alias for AdGaurd in Cloudron, how do I set the Client Identifier ind Adroids Private DNS and / or in AdGuard App? Sorry but it's confusing for me.
It this Guide https://docs.cloudron.io/apps/adguard-home/#security i need DoT for my Android devices, to an wildcard alias is needed to identify my Android devices
@lukas You have to set the ClientID in Adguard Home Admin Interface, but not in Cloudron. Then all you need to do is to combine the URL to your Adguard Home with the ClientID you have configured already.
This should look like this:
https://adguard.yourdomain.tld/dns-query/CLIENTIDI assume that you never had a look at the Adguard Home Admin Interface, did you? There is a tab "Setup Assistant" which explains how to do it with Android, Windows, Browser, iOS, Router....
I hope that helps?
-
@lukas You have to set the ClientID in Adguard Home Admin Interface, but not in Cloudron. Then all you need to do is to combine the URL to your Adguard Home with the ClientID you have configured already.
This should look like this:
https://adguard.yourdomain.tld/dns-query/CLIENTIDI assume that you never had a look at the Adguard Home Admin Interface, did you? There is a tab "Setup Assistant" which explains how to do it with Android, Windows, Browser, iOS, Router....
I hope that helps?
@Kubernetes said in AdGuard Home Wildcard aliases:
This should look like this:
https://adguard.yourdomain.tld/dns-query/CLIENTIDyes, but for Android I have to use DoT and not DoH ?
DoT DNS over TLS (DoT) is supported and uses port 853 by default. DoT is required for Android's "Private DNS mode" (available since Android 9.0 Pie). To use Client ID identifiers, you must add a wildcard subdomain alias of the form *.adguard.domain.com. -
@Kubernetes said in AdGuard Home Wildcard aliases:
This should look like this:
https://adguard.yourdomain.tld/dns-query/CLIENTIDyes, but for Android I have to use DoT and not DoH ?
DoT DNS over TLS (DoT) is supported and uses port 853 by default. DoT is required for Android's "Private DNS mode" (available since Android 9.0 Pie). To use Client ID identifiers, you must add a wildcard subdomain alias of the form *.adguard.domain.com. -
@lukas Ahh, okay, I don't use DoT, so I don't know how this is setup correctly.
@Kubernetes as I understand this, for DoT I need a wildcard domain. In AdGuard Adnroid app I can use DoH with your string, this works fine.
-
G girish moved this topic from Support on
