Noho.st domain inacessible

@anbu
try this address tell me if you reach your admin ?

https://024-241-008-061.res.spectrum.com/yunohost/admin/

Yes, it reaches my admin.

Starting Nmap 7.91 ( https://nmap.org ) at 2023-01-05 23:16 Jerusalem Standard Time

NSE: Loaded 153 scripts for scanning.

NSE: Script Pre-scanning.

Initiating NSE at 23:16

Completed NSE at 23:16, 0.00s elapsed

Initiating NSE at 23:16

Completed NSE at 23:16, 0.00s elapsed

Initiating NSE at 23:16

Completed NSE at 23:16, 0.00s elapsed

Initiating Ping Scan at 23:16

Scanning 24.241.8.61 [4 ports]

Completed Ping Scan at 23:16, 0.19s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 23:16

Completed Parallel DNS resolution of 1 host. at 23:16, 0.02s elapsed

Initiating SYN Stealth Scan at 23:16

Scanning 024-241-008-061.res.spectrum.com (24.241.8.61) [1000 ports]

Discovered open port 80/tcp on 24.241.8.61

Discovered open port 443/tcp on 24.241.8.61

Completed SYN Stealth Scan at 23:16, 14.17s elapsed (1000 total ports)

Initiating Service scan at 23:16

Scanning 2 services on 024-241-008-061.res.spectrum.com (24.241.8.61)

Completed Service scan at 23:17, 12.92s elapsed (2 services on 1 host)

Initiating OS detection (try #1) against 024-241-008-061.res.spectrum.com (24.241.8.61)

Retrying OS detection (try #2) against 024-241-008-061.res.spectrum.com (24.241.8.61)

Initiating Traceroute at 23:17

Completed Traceroute at 23:17, 3.03s elapsed

Initiating Parallel DNS resolution of 2 hosts. at 23:17

Completed Parallel DNS resolution of 2 hosts. at 23:17, 11.04s elapsed

NSE: Script scanning 24.241.8.61.

Initiating NSE at 23:17

Completed NSE at 23:17, 7.22s elapsed

Initiating NSE at 23:17

Completed NSE at 23:17, 1.61s elapsed

Initiating NSE at 23:17

Completed NSE at 23:17, 0.00s elapsed

Nmap scan report for 024-241-008-061.res.spectrum.com (24.241.8.61)

Host is up (0.092s latency).

Not shown: 998 filtered ports

PORT STATE SERVICE VERSION

80/tcp open http nginx

| http-methods:

|_ Supported Methods: GET HEAD POST OPTIONS

|_http-title: Did not follow redirect to https://024-241-008-061.res.spectrum.com/yunohost/admin

443/tcp open ssl/http nginx

|_http-favicon: Unknown favicon MD5: 9E707D7532FE57F2310D703219D51917

| http-methods:

|_ Supported Methods: GET HEAD POST OPTIONS

| http-title: YunoHost Admin

|_Requested resource was https://024-241-008-061.res.spectrum.com/yunohost/admin/

|_http-trane-info: Problem with XML parsing of /evox/about

| ssl-cert: Subject: commonName=yunohost.org

| Subject Alternative Name: DNS:yunohost.org, DNS:www.yunohost.org, DNS:ns.yunohost.org, DNS:xmpp-upload.yunohost.org

| Issuer: commonName=yunohost.org

| Public Key type: rsa

| Public Key bits: 2048

| Signature Algorithm: sha256WithRSAEncryption

| Not valid before: 2021-04-28T19:31:28

| Not valid after: 2023-04-28T19:31:28

| MD5: 6a30 ee64 31d0 f9a2 77ab 2684 d64c 8955

|_SHA-1: 6ab6 fe0e 8a09 0bb8 3256 9998 df92 87c5 9d27 f9ac

Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port

Device type: general purpose

Running (JUST GUESSING): Linux 4.X|5.X|2.6.X (88%)

OS CPE: cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:5 cpe:/o:linux:linux_kernel:2.6.32

Aggressive OS guesses: Linux 4.15 - 5.6 (88%), Linux 5.0 (88%), Linux 5.0 - 5.4 (87%), Linux 5.3 - 5.4 (87%), Linux 2.6.32 (87%), Linux 5.0 - 5.3 (87%), Linux 5.4 (85%)

No exact OS matches for host (test conditions non-ideal).

Uptime guess: 8.654 days (since Wed Dec 28 07:36:22 2022)

Network Distance: 6 hops

TCP Sequence Prediction: Difficulty=262 (Good luck!)

IP ID Sequence Generation: All zeros

TRACEROUTE (using port 80/tcp)

HOP RTT ADDRESS

1 1.00 ms 192.168.1.1

2 21.00 ms bzq-179-37-1.cust.bezeqint.net (212.179.37.1)

3 … 5

6 15.00 ms 024-241-008-061.res.spectrum.com (24.241.8.61)

NSE: Script Post-scanning.

Initiating NSE at 23:17

Completed NSE at 23:17, 0.00s elapsed

Initiating NSE at 23:17

Completed NSE at 23:17, 0.00s elapsed

Initiating NSE at 23:17

Completed NSE at 23:17, 0.00s elapsed
Nmap done: 1 IP address (1 host up) scanned in 59.98 seconds

       Raw packets sent: 3094 (139.624KB) | Rcvd: 134 (12.524KB)

@anbu
**Okay as you see everything is healthy with your router, i can reach your server by the ip and by your ISP server, and you can as well, **
**there is no issue with your router officially, there is a problem with your domain, **
**might @aleks can help, cause i have nothing to suggest at this point anymore **

sorry, at least we did check that everything is okay with your router,

@izakis Thank you so much for taking the time to help me out! I have to leave for work, so won’t have access to the server until I get back, but hopefully can figure some things out. I’ve been tempted to register a second domain and point the server at that.

sure

just allow some time to @Aleks
or anyone else from the team to help you cause its related now only to the server itself nothing with your network,

have a good time there,

Update: I think the problem might be that the DNS server is not properly updating my domain’s IP to that of my server’s public IP (apologies if this is backwards, not super familiar with dns).

Public IP for the server is 24.241.8.61, which can give access to admin login page off of my local network (but does not allow access to userinterface/SSO).

However when you ping my domain or use a dnschecker, you get a different IP address, which is 159.235.5.39.

Of course my diagnostic logs agree with this discrepancy, but the question is how do I fix it?

When I force a dyndns update (yunohost dyndns update --force --debug), it says it has successfully updated my IP on DynDNS, but the domain IP never changes. So I’m guessing the dyndns site is having problems updating my domain IP? Is there a way for my to manually change my server’s public IP address to that of the domain until this can be fixed? I have been unable to access my services for over a week now.

description: Update the IP associated with your YunoHost subdomain ‘marchek.nohost.me’
log_path: /var/log/yunohost/categories/operation/20230107-183447-dyndns_update-marchek.nohost.me.log
logs:

• 2023-01-07 13:34:47,077: INFO - Updated needed, going on…
• 2023-01-07 13:34:47,078: DEBUG - Reusing IPv4 from cache: 24.241.8.61
• 2023-01-07 13:34:47,078: DEBUG - Reusing IPv6 from cache: None
• 2023-01-07 13:34:47,247: DEBUG - initializing ldap interface
• 2023-01-07 13:34:47,248: DEBUG - Formating result in ‘export’ mode
• 2023-01-07 13:34:47,250: DEBUG - Now pushing new conf to DynDNS host…
• 2023-01-07 13:34:47,250: DEBUG - id 7567
• opcode UPDATE
• rcode NOERROR
• flags
• ;ZONE
• nohost.me. IN SOA
• ;PREREQ
• ;UPDATE
• marchek.nohost.me. ANY ANY
• marchek.nohost.me. ANY ANY
• marchek.nohost.me. ANY ANY
• mail._domainkey.marchek.nohost.me. ANY ANY
• _dmarc.marchek.nohost.me. ANY ANY
• *.marchek.nohost.me. ANY ANY
• marchek.nohost.me. ANY ANY
• marchek.nohost.me. 3600 IN A 24.241.8.61
• marchek.nohost.me. 3600 IN MX 10 marchek
• marchek.nohost.me. 3600 IN TXT “v=spf1 a mx -all”
• mail._domainkey.marchek.nohost.me. 3600 IN TXT “v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCzA4Ib7zvq4zLV1OW8yKh2WCGF7qZybHuoCL+vOa17F7B+JGAXEiVCaB4Vex4iG0fiksBkOpT7kd6wI3xkn23NrLGdMt1RmR9QEngk1q6gkk2x4eoS9+qlAvt2nkYVysmPhbqe6SNQMy4OGZW1BI0+Kc4k+6lI20VCs48cVeA/AQIDAQAB”
• _dmarc.marchek.nohost.me. 3600 IN TXT “v=DMARC1; p=none”
• *.marchek.nohost.me. 3600 IN A 24.241.8.61
• marchek.nohost.me. 3600 IN CAA 128 issue “letsencrypt.org”
• ;ADDITIONAL
• 2023-01-07 13:34:47,722: SUCCESS - Updated your IP on DynDNS
  metadata:
  args:
  domain: None
  dry_run: False
  force: True
  ended_at: 2023-01-07 13:34:47
  error: None
  interface: cli
  operation: dyndns_update
  parent: None
  related_to:
  • domain
  • marchek.nohost.me
    started_at: 2023-01-07 13:34:47
    success: True
    yunohost_version: 11.0.10.2
    metadata_path: /var/log/yunohost/categories/operation/20230107-183447-dyndns_update-marchek.nohost.me.yml
    name: 20230107-183447-dyndns_update-marchek.nohost.me

@anbu
please reboot your server, you didnt do so since Wednesday dec 25 according to your previous log, i just ignored it, but my advice is reboot your server first and then run any command necessary,

if you still don’t get the DNS server to update your ip, please Tag and ask aleks straight so he will know about your issue in progress,

@anbu
oh sorry, not according to your log, according to my log, , nmap indicate you your uptime was since then,

@anbu
your domain is already reachable …
fix your certificate its a self singed

@izakis
Rebooted and reran dyndns update successfully again.
Admin panel said I had a letsencrypt certificate, so I tried reverting to self-signed and then re-certifying with letsencrypt.

Unfortunately the server fails on self signing: https://paste.yunohost.org/raw/giniwolobe, and then when I try to reinstall letsencrypt by running sudo yunohost domain cert-install marchek.noho.st --force:

Warning: ‘yunohost domain cert-install’ is deprecated and will be removed in the future
Warning: ‘yunohost domain cert-install’ is deprecated and will be removed in the future
Error: The DNS records for domain ‘marchek.noho.st’ are different to this server’s IP. Please check the ‘DNS records’ (basic) category in the diagnosis for more info. If you recently modified your A record, please wait for it to propagate (some DNS propagation checkers are available online). (If you know what you are doing, use ‘–no-checks’ to turn off these checks.)

yunohost domain cert-status give me the following now:

certificates:
books.marchek.noho.st:
CA_type: Other / Unknown
summary: Good
validity: 3648
marchek.noho.st:
CA_type: Other / Unknown
summary: Good
validity: 3649

I ran all this right after the successful dyndns update. Very strange.

@Aleks Sorry for all the long logs. Any ideas here?

@anbu
your domain is unreachable again,

@Aleks
aleks can you please advice anything something wrong with the dns configurations, @anbu network have no issues, the domain was reachable short time ago and its not again after a trial to issue a certificate,

I had my domain removed and then did a fresh install. I was able to successfully install a letsencrypt certificate.

After the install I was unable to access my domain on my local network, but was able to access it when not on my local network. I added the public IP to my /etc/hosts file like this thread Pi-Hole edits /etc/hosts? and everything works.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.