Wildcard domain expect A record for the service
-
The wildcard only works for subdomains (my.example.com) not the bare domain (example.com)
So if you want to install something on example.com you have setup an A record for that also https://docs.cloudron.io/domains/#wildcard-dns
-
N nebulon marked this topic as a question on
-
It will fail on waiting for DNS propagation, until an explicit A DNS entry will be created, routing to the same server.
Suggested fix: verify if DNS record could be resolved, without explicit DNS records requirements.This is expected. There is no Wildcard concept in DNS. It comes from bind (the software) behavior/configuration . At the DNS protocol level, you can only query explicit entries.
-
It will fail on waiting for DNS propagation, until an explicit A DNS entry will be created, routing to the same server.
Suggested fix: verify if DNS record could be resolved, without explicit DNS records requirements.This is expected. There is no Wildcard concept in DNS. It comes from bind (the software) behavior/configuration . At the DNS protocol level, you can only query explicit entries.
@girish said in Wildcard domain expect A record for the service:
This is expected. There is no Wildcard concept in DNS. It comes from bind (the software) behavior/configuration . At the DNS protocol level, you can only query explicit entries.
I don't know if it's standard or specific from some specific implementation, but on all DNS providers I ever used, I was able and happily created just one entry:
Aentry with*key and my server box IP's and had it working.I understand, however, that you might have another experience - you have a broader exposure due to the users base, but I still believe that it's more then enough just try to do DNS lookup on the specific entry, without requiring a dedicated
Aentry - this way you preserve functionality check and make DNS Wildcard management easier for those who decide to use.Please, correct me if I'm wrong!
-
You can test this with your provider by only setting up one DNS record, the wildcard record and then see if the bare domain resolves correctly. In either case, Cloudron only checks by resolving the domain/subdomain in question as you suggest, we don't check the api or anything from the provider if wildcard is used.
-
You can test this with your provider by only setting up one DNS record, the wildcard record and then see if the bare domain resolves correctly. In either case, Cloudron only checks by resolving the domain/subdomain in question as you suggest, we don't check the api or anything from the provider if wildcard is used.
@nebulon said in Wildcard domain expect A record for the service:
You can test this with your provider by only setting up one DNS record, the wildcard record and then see if the bare domain resolves correctly. In either case, Cloudron only checks by resolving the domain/subdomain in question as you suggest, we don't check the api or anything from the provider if wildcard is used.
I did! My setup worked just fine from command line (with
host), but Cloudron's app setup didn't work, until I setup an explicitArecord - hence my 'bug' report! -
@girish said in Wildcard domain expect A record for the service:
This is expected. There is no Wildcard concept in DNS. It comes from bind (the software) behavior/configuration . At the DNS protocol level, you can only query explicit entries.
I don't know if it's standard or specific from some specific implementation, but on all DNS providers I ever used, I was able and happily created just one entry:
Aentry with*key and my server box IP's and had it working.I understand, however, that you might have another experience - you have a broader exposure due to the users base, but I still believe that it's more then enough just try to do DNS lookup on the specific entry, without requiring a dedicated
Aentry - this way you preserve functionality check and make DNS Wildcard management easier for those who decide to use.Please, correct me if I'm wrong!
@potemkin_ai said in Wildcard domain expect A record for the service:
I still believe that it's more then enough just try to do DNS lookup on the specific entry, without requiring a dedicated A entry
This is how it works already. There is actually no way in DNS to lookup wildcards i.e there is no such thing as
host *.domain.com. Cloudron can only dohost app.domain.com. The '*' entry you enter in registrar/hosting provider is just a configuration for the DNS server.So, I think the issue was probably something else. Maybe some DNS propagation issue or something else. Can you make out from the logs why it failed?
-
I quickly tried this. I set up
*.wildcard.smartserver.ioandwildcard.smartserver.ioin my DNS provider and addedwildcard.smartserver.ioas Wildcard provider. Then, I installedtest.wildcard.smartserver.io, it looks up like below...Apr 24 17:51:44 box:tasks update 2115: {"message":"Waiting for propagation of test.wildcard.smartserver.io"} Apr 24 17:51:44 box:dns/waitfordns waitForDns: waiting for test.wildcard.smartserver.io to be 185.232.70.47 in zone smartserver.io Apr 24 17:51:44 box:dns/waitfordns waitForDns: nameservers are ["chad.ns.cloudflare.com","carol.ns.cloudflare.com"] Apr 24 17:51:44 box:dns/waitfordns resolveIp: Checking if test.wildcard.smartserver.io has A record at 173.245.59.82 Apr 24 17:51:44 box:dns/waitfordns isChangeSynced: test.wildcard.smartserver.io (A) was resolved to 185.232.70.47 at NS chad.ns.cloudflare.com (173.245.59.82). Expecting 185.232.70.47. Match true Apr 24 17:51:44 box:dns/waitfordns resolveIp: Checking if test.wildcard.smartserver.io has A record at 172.64.33.82 Apr 24 17:51:44 box:dns/waitfordns isChangeSynced: test.wildcard.smartserver.io (A) was resolved to 185.232.70.47 at NS chad.ns.cloudflare.com (172.64.33.82). Expecting 185.232.70.47. Match true Apr 24 17:51:44 box:dns/waitfordns resolveIp: Checking if test.wildcard.smartserver.io has A record at 108.162.193.82 Apr 24 17:51:44 box:dns/waitfordns isChangeSynced: test.wildcard.smartserver.io (A) was resolved to 185.232.70.47 at NS chad.ns.cloudflare.com (108.162.193.82). Expecting 185.232.70.47. Match true Apr 24 17:51:44 box:dns/waitfordns waitForDns: test.wildcard.smartserver.io at ns chad.ns.cloudflare.com: done Apr 24 17:51:44 box:dns/waitfordns resolveIp: Checking if test.wildcard.smartserver.io has A record at 108.162.192.80 Apr 24 17:51:44 box:dns/waitfordns isChangeSynced: test.wildcard.smartserver.io (A) was resolved to 185.232.70.47 at NS carol.ns.cloudflare.com (108.162.192.80). Expecting 185.232.70.47. Match true Apr 24 17:51:44 box:dns/waitfordns resolveIp: Checking if test.wildcard.smartserver.io has A record at 173.245.58.80 Apr 24 17:51:44 box:dns/waitfordns isChangeSynced: test.wildcard.smartserver.io (A) was resolved to 185.232.70.47 at NS carol.ns.cloudflare.com (173.245.58.80). Expecting 185.232.70.47. Match true Apr 24 17:51:44 box:dns/waitfordns resolveIp: Checking if test.wildcard.smartserver.io has A record at 172.64.32.80 Apr 24 17:51:44 box:dns/waitfordns isChangeSynced: test.wildcard.smartserver.io (A) was resolved to 185.232.70.47 at NS carol.ns.cloudflare.com (172.64.32.80). Expecting 185.232.70.47. Match true Apr 24 17:51:44 box:dns/waitfordns waitForDns: test.wildcard.smartserver.io at ns carol.ns.cloudflare.com: done Apr 24 17:51:44 box:dns/waitfordns waitForDns: test.wildcard.smartserver.io has propagated -
@potemkin_ai said in Wildcard domain expect A record for the service:
I still believe that it's more then enough just try to do DNS lookup on the specific entry, without requiring a dedicated A entry
This is how it works already. There is actually no way in DNS to lookup wildcards i.e there is no such thing as
host *.domain.com. Cloudron can only dohost app.domain.com. The '*' entry you enter in registrar/hosting provider is just a configuration for the DNS server.So, I think the issue was probably something else. Maybe some DNS propagation issue or something else. Can you make out from the logs why it failed?
@girish thank you and yeah - I understand. I usually test things with
abrakadabra.mydomain.com, given that*exists onmydomain.comI can't see logs now and unfortunately I'm out of hands to repeat things, but the reason I've decided to try to add
Aentry was exactly a log entry saying something like 'checking if A entry exists' - it was for quite long time and since*record existed for a few weeks, I didn't suspect cache problem. Especially, since you useunboundthat does direct requests, from what I remember.As soon as I created
Aentry everything went smooth in a minute or two - that's when I decided to raise a ticket.I understand I'm not helping with the details - please, feel free to close this thread if so. I was hoping it make some sense to you from the code perspective, as you might be checking something like
dig forum.cloudron.io A, as opposed tohost forum.cloudron.io. -
G girish has marked this topic as solved on
