Cant get domain name to resolve on fresh install

hi

Ive made a fresh install of 22.04, installed MIAB, and I can log in. But for some reason the domain name for the box doesnt resolve. I can use its IP, but not its fqdn.

I know things like DNS and glue records, external to the server, are all ok because Ive reimaged a server with the same ip and nothing else changed. Ive been using MIAB for years.

Ive managed to install my backup too, so all my emails and domains are listed in the admin area.

In the SSL page in Admin, all domains are listed as ā€œThe domain name does not resolve to this machine [not set] (A)ā€

and the box name itself is ā€œSelf-signed. Get a signed certificate to stop warnings. The domain name does not resolve to this machine: [Not Set] (A).|ā€

Ive been doing this now for 8 hours - and Im stumped! Any help gratefully received!

service nsd restart from the command line will fix your issue.

1 Like

Wow. Ok, Im going to try that now! Thanks in advance

Sounds like the same problem I had. Try ā€œservice nsd restartā€ at the shell (with ā€˜sudoā€™ if requiredā€™).
N.

1 Like

Yeah, I and someone else had our 8 hours yesterday until @davness saved the day! We just figured it out about an hour ago.

2 Likes

You, @davness, and @nab are my superheros!

I can go to sleep now!

2 Likes

It absolutely has fixed the issue, with one small problem - the actual box name (in my case box.thetail.co) wont provision a certificate. All the rest have. but not the main oneā€¦

I wondered if anything springs to mind about why?

Should I provision a cert for the box outside of MIAB?

You should be receiving some kind of feed back or error message on the SSL certificates page when you hit Provision ---- what message(s) are you receiving?

Thanks for your reply - oddly, the second time I did it, it just workedā€¦
Unsatisfying - ill look through the logs, perhaps to find something to help others.

Thank you again for your help!

Again, Iā€™ve had this - sometimes you have to click provision more than once. When adding a lot of new domains, it seemed to do maybe 6 certs at a time.

I can confirm this @greyworld as I helped two people yesterday facing this issue. In both cases, it took using the ā€œProvisionā€ button more than once.

Hi Josh, Just an FYI ā€¦ I just had a similar problem, moving to v60. Followed your instructions, fresh backups taken, fresh install of Ubuntu, install MIAB, all without any problems. Restored user-data from backups, all was looking good :slight_smile:. But in Admin / TLS (SSL) Certificates the primary domain was showing as expired with only an ā€œInstallā€ button (which wanted to install an externally provided certificate), no Replace or Provision button. (The other domains were fine!) Did the usual sudo mailinabox but no joy.

I found under /home/user-data/ssl/ the link ssl_certificate.pem was pointing to an old certificate. (The current cert was there, from the restore, only the link was wrong.) I pointed the link to the current .pem and it seems to have come good. Iā€™ve no idea how the link got broken :frowning:. Touch wood, it updates correctly when the certs are renewed.

Other than that, the upgrade seems to have gone well. Thanks :+1:

1 Like

Get to fresh install v60 on an Oracle Cloud instance. Thus rDNS is hopeless to configure correctly, which counts a known defect.

Ran into the nsd issue. Resolved it by following the solution to the service restart trick.

And there comes the domain certificate provision issue. Still struggling with it.

Besides that it reads two strange lines in System Status Checks page.

  1. Public DNS (nsd4) is not running (port 53). Itā€™s running.
  2. Incoming Mail (SMTP/postfix) is running but is not publicly accessible at 138.2.125.110:25. Itā€™s accessible.

Without this feature the service is not suitable to run a mail server. Most mail servers will reject your mails or mark them as spam if DNS reverse lookups are failing.

This could be because the Ubuntu OCI images are using a custom firewall configurationā€¦ https://blogs.oracle.com/developers/post/enabling-network-traffic-to-ubuntu-images-in-oracle-cloud-infrastructure

Ubuntu images in OCI donā€™t rely on UFW for changing the host firewall configuration. Opening ports requires changing the iptables configuration by editing /etc/iptables/rules.v{4,6}. It is important not to add the new iptables rule at the end of the file or else it will be ignored due to the earlier REJECT ruleā€™s higher precendence. The error message returned to the caller (ā€œno route to hostā€) can be misleading.

I would look for a VPS provider that uses the default Ubuntu cloud images, and most importantly, one where you can set up rDNS records.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.