this post was submitted on 18 Nov 2024
15 points (94.1% liked)


I followed this tutorial to set up local domain names with SSL-certificates using DuckDNS: https://notthebe.ee/blog/easy-ssl-in-homelab-dns01/

I have three local domains for my Nginx Proxy Manager running on a VPS, for my self-hosted Nextcloud and my Proxmox-WebGUI both running on my local Homeserver. They follow the scheme service.dataprolet.duckdns.org.

Now I use Uptime-Kuma to monitor my services including the three domains and for some reason those three domains constantly time out after 48 seconds. I already set up the retries to 3, but to no avail.

I also use Pi-hole and Unbound and thought that might be an issue, but testing my DNS using dig, mtr, traceroute, nslookup and host all returned normal values and no errors.

Does anybody have any idea what could cause this? I'm kind of clueless at this point. Thanks in advance!

[–] dataprolet@lemmy.dbzer0.com 1 points 20 hours ago (2 children)
[–] rearview@lemmy.zip 1 points 18 hours ago* (last edited 17 hours ago) (1 children)

Seems like your DNS works fine but your certs don't. Are you able to connect to your services in your browser normally, with SSL?

Edit: please also try curl -4 and curl -6 to your services from within the Uptime Kuma container to see if there's an IPv4/IPv6 issue.

Another edit: seems like there is a dataprolet URL in your post and a datenprolet URL in your comments. It might just be a typo so also check that too.

[–] dataprolet@lemmy.dbzer0.com 1 points 3 hours ago (1 children)

Yeah, it works fine through my browser. Sometimes the websites load a little longer. I feel like it's an issue with DuckDNS as it's seemingly random when it works and when not.

IPv6 doesn't work:

docker exec -it Uptime-Kuma curl -6 proxmox.datenprolet.duckdns.org
curl: (6) Could not resolve host: proxmox.datenprolet.duckdns.org

Besides that, the issue has disappeared since last night. I automatically restart all containers at night and moved from uptime-kuma:1 to uptime-kuma:latest. That shouldn't make a difference, but maybe it did?

And it's not a typo in my config, but in my post. But good catch. ;)

[–] rearview@lemmy.zip 1 points 26 minutes ago

Could not resolve host

Then I guess you only define an A record in the DuckDNS panel. That's fine.

A while back I ran a somewhat similar WireGuard tunnel and couldn't connect. Turns out some MTU settings were lower than Docker's MTU and that breaks big packets like SSL handshakes. Restarting makes it work fine until things start congesting again.

Suffice it to say this would be something I'll look at if the SSL errors reoccur.
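
A check for the MTU mismatch described in the comment above, as an added example that is not part of the thread: it reads `ip -o link show` output and lists Docker-side interfaces whose MTU is larger than the tunnel's. The interface name `wg0`, the function names and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `ip -o link show` output (not taken from the thread).
SAMPLE_LINKS='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP
4: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN
5: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
7: veth1a2b3c@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP'

# Largest TCP payload that fits in one IPv4 packet of the given MTU
# (20-byte IP header + 20-byte TCP header, no options).
tcp_mss_v4() {
    echo $(( $1 - 40 ))
}

# oversized_for_tunnel TUNNEL_IF  (stdin: `ip -o link show` output)
# Prints "name mtu excess" for every Docker bridge/veth interface whose MTU
# is larger than the tunnel's. Such interfaces let containers send segments
# that cannot cross the tunnel unfragmented: DNS lookups and TCP handshakes
# still pass, while a large TLS certificate flight can stall.
oversized_for_tunnel() {
    awk -v tun="$1" '
        {
            name = $2
            sub(/:$/, "", name)      # strip trailing colon
            sub(/@.*/, "", name)     # strip "@if6" peer suffix on veth names
            for (i = 3; i < NF; i++)
                if ($i == "mtu") mtu[name] = $(i + 1)
            order[++n] = name
        }
        END {
            if (!(tun in mtu)) { print "tunnel " tun " not found"; exit 2 }
            for (k = 1; k <= n; k++) {
                name = order[k]
                if (name ~ /^(docker|br-|veth)/ && mtu[name] + 0 > mtu[tun] + 0)
                    print name, mtu[name], mtu[name] - mtu[tun]
            }
        }'
}

# Run against the constructed sample.
printf '%s\n' "$SAMPLE_LINKS" | oversized_for_tunnel wg0
echo "largest IPv4 TCP payload through the tunnel: $(tcp_mss_v4 1420) bytes"
```

On a live host, pipe `ip -o link show` into `oversized_for_tunnel` with the real tunnel interface name; any output line means containers can emit segments the tunnel cannot carry without fragmentation.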

[–] alwayssitting@infosec.pub 1 points 19 hours ago (1 children)

Sorry I'm a bit confused. What kind of tracker are you using in uptime-kuma and what address is it pointing to?

[–] dataprolet@lemmy.dbzer0.com 1 points 18 hours ago (1 children)

What do you mean by tracker? I'm monitoring local domains that point to local services and their respective web interfaces like Proxmox or Nextcloud. The local domains have a wildcard SSL certificate via DuckDNS.

[–] alwayssitting@infosec.pub 1 points 18 hours ago* (last edited 18 hours ago) (1 children)

Which one of those. You pick one when adding something new to monitor. Actually just send a screenshot of the uptime-kuma settings of one of the services that are giving you problems.

[–] dataprolet@lemmy.dbzer0.com 0 points 18 hours ago (1 children)

It's HTTPS, what else should it be when I monitor a domain?

[–] alwayssitting@infosec.pub 1 points 18 hours ago* (last edited 18 hours ago) (1 children)

Well, you keep saying monitor a domain; in that case a DNS monitor would make more sense than HTTP(s), since that's for monitoring a service. That's why I was a bit confused. But yeah, try to enable the ignore SSL option and see if that changes anything. You didn't include a screenshot of the settings, which makes it a bit difficult to diagnose the problem, so I will leave it here.

[–] dataprolet@lemmy.dbzer0.com 1 points 14 minutes ago* (last edited 14 minutes ago)

Not sure how this helps, but here you go.