My .io domain works for www.domain.io, but not for the domain.io version. Below are each of the versions and revisions I have tried with ample time between each. I al
@ 10800 IN A 174.129.212.2
@ 10800 IN A 75.101.145.87
@ 10800 IN A 75.101.163.44
blog 10800 IN CNAME blogs.vip.gandi.net.
imap 10800 IN CNAME access.mail.gandi.net.
pop 10800 IN CNAME access.mail.gandi.net.
smtp 10800 IN CNAME relay.mail.gandi.net.
webmail 10800 IN CNAME webmail.gandi.net.
www 10800 IN CNAME domain.herokuapp.com
@ 10800 IN MX 50 fb.mail.gandi.net.
@ 10800 IN MX 10 spool.mail.gandi.net.
@ 10800 IN A 174.129.212.2
@ 10800 IN A 75.101.145.87
@ 10800 IN A 75.101.163.44
www 10800 IN CNAME domain.herokuapp.com
@ 10800 IN A 174.129.212.2
@ 10800 IN A 75.101.145.87
@ 10800 IN A 75.101.163.44
www 10800 IN CNAME domain.herokuapp.com.
removed @ lines because of Gandi and Heroku set up issue
www 10800 IN CNAME domain.herokuapp.com.
From reading other answers like How to setup DNS for an apex domain (no www) pointing to a Heroku app?, it seems that it is best to redirect from the root domain to the one with www. Any other way?
Also, are the lines for gandi.net necessary?
it seems that it is best to redirect from the root domain to the one with
www. Any other way?
As of right now, no. Unfortunately, ALIAS records are not used by Gandi, and A records are not available for use with Heroku because Heroku does not use fixed IP addresses.
The record type that both Heroku and Gandi recognize is the CNAME record, which can not be used for bare domains. Or, at least, shouldn't be used for bare domains. See https://superuser.com/questions/264913/cant-set-example-com-as-a-cname-record.
And for anyone lost, looking for how the heck to implement this, here's my cheat sheet for the work-around.
Step 1: In Gandi, set DNS zone file.
Name Type Value
@ A 217.70.184.38 # Gandi's server
* CNAME my-app.herokuapp.com. # trailing . is required
www CNAME my-app.herokuapp.com. # trailing . is required
Step 2: In Gandi, set web forwarding for the domain.
The type of forwarding will be 'direct (permanent)', leave the subdomain blank, and set the forwarding address as www.my-custom-domain.com.
Step 3: In Heroku, set Heroku custom domains.
Domain Name DNS Target
*.my-custom-domain.com my-app.herokuapp.com
my-custom-domain.com my-app.herokuapp.com
www.my-custom-domain.com my-app.herokuapp.com
it seems that it is best to redirect from the root domain to the one with www. Any other way?
Some DNS providers have an ALIAS record type which synthesizes the A records on the naked domain at request time. That and the URL record are the only options, since Heroku has essentially removed the use of fixed IP addresses with their current stack.
Also, are the lines for gandi.net necessary?
If you do not use Gandi for email or your blog, then you can remove all of the gandi lines. The MX records tell SMTP servers to use Gandi's mail exchanges to try to deliver mail, and the CNAME records are simply ways to access those Gandi services with your custom domain.
As someone already mentioned, gandi.net now supports ALIAS so it could be done simpler, like this:
@ 10800 IN ALIAS stormy-squirrel-xe57il0fhyuauzta3noapg1h.herokudns.com.
And in Heroku, you must add only the bare domain and use the given DNS (such as: stormy-squirrel-xe57il0fhyuauzta3noapg1h.herokudns.com.)
Wanting to set hostname and domain name, or wanting to take control of what DNS server to use.
If I edit resolv.conf, at reboot the changes are reset to what comes from DHCP;
playing with /etc/cloud/cloud.cfg doesn't seem to change the problem.
It's because it's got nothing to do with cloud settings lol
the magic mainly happens in /etc/dhcp/dhclient.conf
I commented out that line
send host-name = gethostname();
request subnet-mask, broadcast-address, time-offset, routers,
# domain-name, domain-name-servers, domain-search, host-name,
dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers,
netbios-name-servers, netbios-scope, interface-mtu,
rfc3442-classless-static-routes, ntp-servers;
Then in /etc/cloud/cloud.cfg I had to adjust a couple things
[...]
# preserve_hostname: false
preserve_hostname: true
[...]
# - timezone
[...]
# manage_etc_hosts: true
manage_etc_hosts: false
I also needed to add a line in /etc/hosts
127.0.1.1 myName.Mydomain.foo myName
127.0.1.1 xxxxx.your-cloud.etc xxxxx
127.0.0.1 localhost
Lost time on this... so I thought it might be nice to share the solution.
I'm having a weird issue whereby after I added the CNAME record with my domain registrar, and I run the "host" command in terminal, my domain lighttree.co.za, is added as a suffix at the end of the heroku domain, which I know (and according to heroku docs) should not be there.
$ host ispprov.lighttree.co.za
ispprov.lighttree.co.za is an alias for classical-apple-j39juha3sy7h7wnzhso39572.herokudns.com.lighttree.co.za.
classical-apple-j39juha3sy7h7wnzhso39572.herokudns.com.lighttree.co.za has address 197.242.146.244
What have I done wrong?
The way DNS works, the CNAME value will append your domain name by default.
You can resolve this by adding a dot (.) at the end of your CNAME value.
In your DNS provider configuration, replace the CNAME value with:
classical-apple-j39juha3sy7h7wnzhso39572.herokudns.com.
Don't forget the dot at the end :-)
In reference to my original question, this will be used in my script.
Basically, I run commands to provision CNAMEs for domains to validate the domains for TLS. When the command provision-cert test.com.json is run it will output the contents below. Doesn't store them, only prints them in the console.
Determining SubjectAlternateNames for domain test.com
SubjectAlternateNames for domain test.com are:
test.com
*.test.com
Requesting Certificate for domain test.com
Certificate for domain test.com has ARN: arn:tmp:tmp:ran-loc-1:randomstring:certificate/randomstring
Settings tags on certificate for domain test.com
Retrieving DNS records required for validation for arn:tmp:tmp:ran-loc-1:randomstring:certificate/randomstring
Please add these records to DNS to complete validation
_randomstring.test.com. IN CNAME _randomstring.validations.net.
Certificate needs to complete domain validation
I'm trying to grep the text Please add these records to DNS to complete validation and the line below it _randomstring.test.com. IN CNAME _randomstring.tmp-validations.net. into a .txt file multiple times, but I don't want it to overwrite what's already been inserted into the .txt file from previous runs. It will run provision-cert 6 times, so essentially I need to grep each CNAME after it runs the command provision-cert.
I have tried provision-cert test.com | grep "Please add these records to DNS to complete validation" -A 1 > file.txt but it just freezes.
(I already have my statements in place, I just need to figure out the grep command, and then add it)
Is this possible?
Found that provision-cert test.com >> file.txt successfully sent the output to a .txt file.
Then adding the command grep "Please add these records to DNS to complete validation" -A 1 file.txt
Answer found here.
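The append-then-extract approach from this answer, as an added example that is not part of the original posts: it keeps only the record line that follows the marker, appends it with `>>` so earlier runs survive, and skips records already collected. `fake_provision_cert` is a hypothetical stand-in for the poster's tool and its output is constructed from the sample in the question.

```shell
#!/bin/sh
MARKER='Please add these records to DNS to complete validation'

# Hypothetical stub for the poster's provision-cert tool; prints
# constructed output in the shape quoted in the question.
fake_provision_cert() {
    printf '%s\n' \
        "Requesting Certificate for domain $1" \
        "$MARKER" \
        "_randomstring.$1. IN CNAME _randomstring.validations.net." \
        "Certificate needs to complete domain validation"
}

# collect_validation_records FILE: read tool output on stdin and append
# the line that follows the marker to FILE. ">>" appends, so records from
# earlier runs are kept; a record already in FILE is not written twice.
collect_validation_records() {
    out=$1
    touch "$out"
    awk -v marker="$MARKER" '
        grab { print; grab = 0 }           # the line right after the marker
        index($0, marker) { grab = 1 }     # marker seen: take the next line
    ' | while IFS= read -r rec; do
        grep -qxF -- "$rec" "$out" || printf '%s\n' "$rec" >> "$out"
    done
}

# Three runs, one of them a repeat: the file ends up with two records.
run_demo() {
    f=$(mktemp)
    for d in test.com example.org test.com; do
        fake_provision_cert "$d" | collect_validation_records "$f"
    done
    cat "$f"
    rm -f "$f"
}

run_demo
```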
I have no clue how to set up the zones for Gandi.net and Heroku. Here is what I currently have in the Gandi.net zone file. It is now erroring and not going to any page:
@ 10800 IN A 217.70.184.38
blog 10800 IN CNAME blogs.vip.gandi.net.
imap 10800 IN CNAME access.mail.gandi.net.
pop 10800 IN CNAME access.mail.gandi.net.
smtp 10800 IN CNAME relay.mail.gandi.net.
webmail 10800 IN CNAME webmail.gandi.net.
www 10800 IN CNAME app.herokuapp.com
@ 10800 IN MX 50 fb.mail.gandi.net.
@ 10800 IN MX 10 spool.mail.gandi.net.
You are missing the period at the end of app.herokuapp.com. to make it a FQDN, thus the DNS resolving mechanism will be appending your zone domain to the end of it and forwarding people to app.herokuapp.com.yourdomain.com instead.
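The missing trailing dot described in this answer, and visible in the `host` output of the earlier herokudns.com question, can be caught before a zone is published. This is an added example, not code from the original posts: it scans records in the `name TTL IN TYPE value` layout and reports CNAME, ALIAS and MX targets that contain a dot but do not end in one, together with the name they would expand to. `lint_zone`, the sample zone and the origin `yourdomain.com` are constructed for illustration.

```shell
#!/bin/sh
# lint_zone ORIGIN < zonefile
# Reports record targets that look like full host names but lack the
# trailing dot, so the DNS server would append ORIGIN to them.
# Assumes the "name TTL IN TYPE value" layout (an assumption of this example).
lint_zone() {
    awk -v origin="$1" '
        # Skip blank lines and ";" comment lines.
        NF == 0 || $1 ~ /^;/ { next }
        $3 == "IN" && ($4 == "CNAME" || $4 == "ALIAS" || $4 == "MX") {
            # For MX the target follows the priority field.
            target = ($4 == "MX") ? $6 : $5
            # A dot inside the name but none at the end: a relative name
            # that was almost certainly meant to be absolute.
            if (target ~ /\./ && target !~ /\.$/) {
                printf "%s %s %s -> %s.%s.\n", $1, $4, target, target, origin
                bad++
            }
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample zone, modelled on the records quoted in the question.
sample_zone() {
    cat <<'EOF'
@ 10800 IN A 217.70.184.38
blog 10800 IN CNAME blogs.vip.gandi.net.
www 10800 IN CNAME app.herokuapp.com
@ 10800 IN MX 10 spool.mail.gandi.net.
EOF
}

sample_zone | lint_zone yourdomain.com || echo "zone has relative targets"
```

A relative target is worth flagging even when the site appears to work: if the zone has a wildcard record, the expanded name still resolves, just to the wrong host.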
I have private DNS servers and I want to write them to resolv.conf with resolvconf on Debian on AWS/EC2.
There is a problem in the order of nameserver entries.
In my resolv.conf, EC2's default nameserver is always written at first line like so:
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 172.16.0.23
nameserver 10.0.1.185
nameserver 10.100.0.130
search ap-northeast-1.compute.internal
172.16.0.23 is EC2's default nameserver and others are mine.
How to remove EC2 entry? Or, how to move EC2 entry to third?
Here I have an interface file:
% ls -l /etc/resolvconf/run/interface/
-rw-r--r-- 1 root root 62 Jun 7 23:35 eth0
It seems that the file eth0 is automatically generated by dhcp so can't remove it permanently.
% cat /etc/resolvconf/run/interface/eth0
search ap-northeast-1.compute.internal
nameserver 172.16.0.23
My private DNS entry is here:
% cat /etc/resolvconf/resolv.conf.d/base
nameserver 10.0.1.185
nameserver 10.100.0.130
Please help.
I think I just solved a very similar problem. I was bothered by Amazon EC2's crappy internal DNS servers so I wanted to run a local caching dnsmasq daemon and use that in /etc/resolv.conf. At first I just did echo nameserver 127.0.0.1 > /etc/resolv.conf but then I realized that my change would eventually be overwritten by the DHCP client after a reboot or DHCP lease refresh.
What I've now done instead is to edit /etc/dhcp3/dhclient.conf and uncomment the line prepend domain-name-servers 127.0.0.1;. You should be able to use the prepend directive in a very similar way.
Update: These instructions are based on Ubuntu Linux but I imagine the general concept applies on other systems as well, even other DHCP clients must have similar configuration options.
I'm approaching this problem from the other direction (wanting the internal nameservers), much of what I've learned may be of interest.
There are several options to control name resolution in the VPC management console.
VPC -> DHCP option sets -> Create dhcp option set
You can specify your own name servers there.
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html
Be sure to attach this dhcp option set to your VPC to get it to take effect.
Alternatively (I found this out by mistake) local dns servers are not set if the following settings are disabled in VPC settings:
DnsHostnames
and
DnsSupport
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-dns.html
Settings can also be overridden locally (which you'll notice if you move instances between vpcs). /etc/dhcp/dhclient.conf
The following line might be of interest:
prepend domain-name-servers
Changes, of course, take effect on dhclient start.
How do I assign a static DNS server to a private Amazon EC2 instance running Ubuntu, RHEL, or Amazon Linux?
Short Description
Default behavior for an EC2 instance associated with a virtual private cloud (VPC) is to request a DNS server address at startup using the Dynamic Host Configuration Protocol (DHCP). The VPC responds to DHCP requests with the address of an internal DNS server. The DNS server addresses returned in the DHCP response are written to the local /etc/resolv.conf file and are used for DNS name resolution requests. Any manual modifications to the resolv.conf file are overwritten when the instance is restarted.
Resolution
To configure an EC2 instance running Linux to use static DNS server entries, use a text editor such as vim to edit the file /etc/dhcp/dhclient.conf and add the following line to the end of the file:
supersede domain-name-servers xxx.xxx.xxx.xxx, xxx.xxx.xxx.xxx;
Ubuntu - dhclient.conf - DHCP client configuration file
The supersede statement
supersede [ option declaration ] ;
If for some option the client should always use a locally-configured value or values
rather than whatever is supplied by the server, these values can be defined in the
supersede statement.
The prepend statement
prepend [ option declaration ] ;
If for some set of options the client should use a value you supply, and then use the
values supplied by the server, if any, these values can be defined in the prepend
statement. The prepend statement can only be used for options which allow more than one
value to be given. This restriction is not enforced - if you ignore it, the behaviour
will be unpredictable.
The append statement
append [ option declaration ] ;
If for some set of options the client should first use the values supplied by the server,
if any, and then use values you supply, these values can be defined in the append
statement. The append statement can only be used for options which allow more than one
value to be given. This restriction is not enforced - if you ignore it, the behaviour
will be unpredictable.
Here someone came up with a solution that basically replaces the file on boot using rc.local
https://forums.aws.amazon.com/thread.jspa?threadID=74497
Edit /etc/sysconfig/network-scripts/ifcfg-eth0 to say PEERDNS=no
Create a file called /etc/resolv.backup with what you want
Add the following 2 lines to /etc/rc.local:
rm -f /etc/resolv.conf
cp /etc/resolv.backup /etc/resolv.conf
This is what we are doing for our servers in the environment.
interface "eth0"
{
prepend domain-name-servers 10.x.x.x;
supersede host-name "{Hostname}";
append domain-search "domain";
supersede domain-name "DOMAIN";
}
Hope this helps.
The following worked in a Debian stretch on AWS EC2.
Just create /etc/dhcp/dhclient-enter-hooks.d/nodnsupdate:
#!/bin/sh
make_resolv_conf(){
:
}
Then you can modify /etc/resolv.conf and it will persist your changes across restarts.
Setup in crontab as
@reboot cp -r /home/.../resolv.conf /etc/resolv.conf
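A way to confirm that whichever fix from this thread is in place still holds after a reboot or DHCP lease renewal, as an added example that is not from the original posts: it compares the nameserver lines of a resolv.conf against the order you expect and reports any drift. `check_resolvers` and the sample file are constructed; the addresses are the ones quoted in the question.

```shell
#!/bin/sh
# check_resolvers FILE NS...: succeed only if the nameserver lines in FILE
# are exactly NS..., in that order. Prints the difference otherwise.
check_resolvers() {
    file=$1; shift
    want=$*
    # Collect the addresses from "nameserver" lines; comments are ignored.
    have=$(awk '$1 == "nameserver" { printf "%s%s", sep, $2; sep = " " }' "$file")
    if [ "$have" = "$want" ]; then
        return 0
    fi
    echo "resolver drift in $file: have [$have], want [$want]"
    return 1
}

# Constructed sample: the resolv.conf from the question, where the
# DHCP-supplied EC2 resolver was written ahead of the private ones.
sample_resolv_conf() {
    cat <<'EOF'
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
nameserver 172.16.0.23
nameserver 10.0.1.185
nameserver 10.100.0.130
search ap-northeast-1.compute.internal
EOF
}

# Expect the private resolvers first; the sample fails this check.
demo_check() {
    f=$(mktemp)
    sample_resolv_conf > "$f"
    check_resolvers "$f" 10.0.1.185 10.100.0.130 172.16.0.23
    rc=$?
    rm -f "$f"
    return $rc
}

demo_check || true
```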