oneuptime icon indicating copy to clipboard operation
oneuptime copied to clipboard

Published 20 hours ago verified publisher icon OneUptime

Bug: Selfhosted status page custom domain cannot be verified

Open MFYDev opened this issue 1 year ago • 18 comments
trafficstars

Describe the bug I corrected set the status page domain, and the cname record already exits in my dns settings but in one uptime verification page it always tells me CNAME is not verified. Please make sure you have the correct record and please verify CNAME again. If you are sure that the record is correct, please wait for some time for the DNS to propagate.

To Reproduce Steps to reproduce the behavior:

  1. Go to Project settings add the basic domain for the status page
  2. go to the status page add the custom domain to it
  3. set the correct A and CNAME record
  4. See error

Expected behavior it should be verified

Screenshots did not include my own domain in the screenshot for security image

Desktop (please complete the following information):

  • OS: ubuntu
  • Browser edge
  • Version 22

Deployment Type docker compose

Additional context Add any other context about the problem here.

MFYDev avatar Jun 24 '24 06:06 MFYDev

https://github.com/OneUptime/oneuptime/blob/4f4d9946ffce7f36660e0f24049b8a259b298888/CommonServer/API/StatusPageDomainAPI.ts#L102

It might has something to do with this

MFYDev avatar Jun 24 '24 06:06 MFYDev

Need more info like domain name. Can you please let me know your domain and did you verify with other DNS record viewers that cname do infact exist?

simlarsen avatar Jun 24 '24 18:06 simlarsen

Need more info like domain name. Can you please let me know your domain and did you verify with other DNS record viewers that cname do infact exist?

@simlarsen Hi, here are my settings:

  1. set the status cname record in the config.envas oneuptimestatuspage.mydomain.com
  2. my onuptime is running on oneuptime.mydomian.com, working well
  3. in the oneuptime, add mydomain.com to the project settings domain list (this passed the check successfully)
  4. in the status page custom domain, set status.mydomain.com as the status page domain
  5. set DNS A record which is oneuptimestatuspage.mydomain.com to my webserver ip
  6. set DNS CNAME record point status.mydomain.com to oneuptimestatuspage.mydomain.com

Verify the cname is taking effect by using dig command, but when coming back to my own oneuptime, it is always showing this error

In a nutshell, it is this, they all use mydomain.com

Record Type domain Content
A oneuptime.mydomain.com myip
A oneuptimestatuspage.mydomain.com myip
CNAME status.mydomain.com oneuptimestatuspage.mydomain.com

MFYDev avatar Jun 24 '24 18:06 MFYDev

I let the DNS stayed there for one whole night who should have already been taking effect but this morning I still get this error

MFYDev avatar Jun 24 '24 19:06 MFYDev

Same thing happening to me, CNAME is definitely valid, I can resolve it from the server too (also other locations), DNS propagated, but it is still saying the error message stated.

Edit: Latest docker compose versions, fresh install

Is there something else we can provide to you @simlarsen to help with debugging? It has been days now, the DNS is surely propagated and should be correct.

0x111 avatar Jun 28 '24 08:06 0x111

hi @simlarsen it has been a while and I just noticed the new post you posted to the selfhosted subreddit and I want to give oneuptime another try. but I haven't heard from you about this issue yet. Every time deploy oneuptime is time consuming, I do not risk to install it and found this issue still has not been solved. could you please give us some updates? Thanks

MFYDev avatar Jul 17 '24 13:07 MFYDev

@MFYDev Apologies for the late reply. Can you please change the LOG_LEVEL to DEBUG and see what shows up when you try to verify domain?

simlarsen avatar Jul 24 '24 22:07 simlarsen

@simlarsen this is what it shows up when log is set to debug

image

DNS is resolving and when being accessed it returns 404.

Johncs2d avatar Aug 01 '24 13:08 Johncs2d

How did you set it to debug. I dont see any debug logs?

simlarsen avatar Aug 01 '24 14:08 simlarsen

@simlarsen I use the helm chart and the LOG_LEVEL is set to debug

image

Johncs2d avatar Aug 01 '24 15:08 Johncs2d

Okay I think this is the real error base on the logs that i just saw now, Screenshot 2024-08-02 at 2 25 08 AM

Johncs2d avatar Aug 01 '24 18:08 Johncs2d

Describe the bug I corrected set the status page domain, and the cname record already exits in my dns settings but in one uptime verification page it always tells me CNAME is not verified. Please make sure you have the correct record and please verify CNAME again. If you are sure that the record is correct, please wait for some time for the DNS to propagate.

To Reproduce Steps to reproduce the behavior:

  1. Go to Project settings add the basic domain for the status page
  2. go to the status page add the custom domain to it
  3. set the correct A and CNAME record
  4. See error

Expected behavior it should be verified

Screenshots did not include my own domain in the screenshot for security image

Desktop (please complete the following information):

  • OS: ubuntu
  • Browser edge
  • Version 22

Deployment Type docker compose

Additional context Add any other context about the problem here.

Yes i have a same problem. When a try to valid a custom domain name for status page, the single error in log (debug) is :+1:

app-1      | BadDataException [Error]: CNAME is not verified. Please make sure you have the correct record and please verify CNAME again. If you are sure that the record is correct, please wait for some time for the DNS to propagate.
app-1      |     at /usr/src/CommonServer/API/StatusPageDomainAPI.ts:110:15
app-1      |     at processTicksAndRejections (node:internal/process/task_queues:95:5) {
app-1      |   _code: 400
app-1      | }

btouchard avatar Aug 07 '24 20:08 btouchard

We are not seeing the right logs for this because we are not logging these api calls.

https://github.com/OneUptime/oneuptime/blob/dd5cb900ffbb3d4d3a69bd1db4e6e64985a42403/Common/Server/Services/StatusPageDomainService.ts#L237

I need this feature so I'll see what I can contribute to get this working, or maybe you already have information for us regarding this issue @simlarsen ?

Johncs2d avatar Aug 16 '24 13:08 Johncs2d

@Johncs2d Please feel free to add debug statements there and send a PR. That would make debugging a little easier.

simlarsen avatar Aug 16 '24 14:08 simlarsen

Looks like the cname-verification api is not being hit at all, we should be seeing additional debug log when we hit the /status-page-api/cname-verification/:token but its not showing, and the new debug log that was added is just saying 404.

https://github.com/OneUptime/oneuptime/blob/dd5cb900ffbb3d4d3a69bd1db4e6e64985a42403/Common/Server/API/StatusPageAPI.ts#L98

image

Johncs2d avatar Aug 30 '24 13:08 Johncs2d

Hi @simlarsen , can ask for any support/update with this? base on the logs that we are getting is this a config issue? Thanks!

Johncs2d avatar Sep 18 '24 14:09 Johncs2d

Okay i found the answer for this one, @MFYDev the cname that you're adding should be in the list of hosts in the oneuptimeIngress, but the oneuptimeIngress.hosts does not allow wildcard values so its troublesome. I'll try to see what i can do to create a pr for this so we wont define every single status page host https://github.com/OneUptime/oneuptime/issues/1717

Johncs2d avatar Sep 25 '24 18:09 Johncs2d

Hey, @Johncs2d.

Now I can create my wildcard domain, but the validation still isn’t working. I can access my status page normally, but I'm having trouble with the certificates on my Kubernetes cluster.

Let me know if you can help me get this sorted out. Thanks!

marciojpacheco avatar Sep 27 '24 19:09 marciojpacheco