Cloudflared routes tunnel to irrelevant domain: pre-http.cc -> pre-http.cc.*be-political.org*

This behavior makes absolutely no sense for it to resolve as a subdomain of something not mentioned in the parameters
61 Replies
math.rad
math.radOPā€¢4mo ago
cloudflared tunnel route dns main pre-http.cc

2024-08-28T03:10:20Z INF Added CNAME pre-http.cc.be-political.org which will route to this tunnel tunnelID=afa25c50-1ec5-4711-abda-3ab17cb098e5
cloudflared tunnel route dns main pre-http.cc

2024-08-28T03:10:20Z INF Added CNAME pre-http.cc.be-political.org which will route to this tunnel tunnelID=afa25c50-1ec5-4711-abda-3ab17cb098e5
Erisa
Erisaā€¢4mo ago
When you authorised cloudflared originally it made you select a zone, this one command for whatever reason will only work on that selected zone. I would honestly just create dns records manually rather than use that command since it doesn't make a whole lot of sense
math.rad
math.radOPā€¢4mo ago
Oh I attempted to manually set the DNS record for my domain with a CNAME that lead to the same place, but it failed to reach the origin resource so I suspected this failure to create the correct dns record may have been related My application was on port 3003 and I was able to successfully get a response from curl on localhost:3003 yet both using the cli and installing a tunnel to interface via the web failed
Erisa
Erisaā€¢4mo ago
It should be a proxied record leading to tunnelid.cfargotunnel.com where tunnelid is that long id
math.rad
math.radOPā€¢4mo ago
one moment, I deleted the records but I'm pretty sure I followed that procedure to manually set the record
Erisa
Erisaā€¢4mo ago
what's the exact error you get? failed to reach origin resource sounds unrelated to dns
math.rad
math.radOPā€¢4mo ago
2024-08-28T02:51:09Z ERR error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp 127.0.0.1:3003: connect: connection refused" connIndex=1 event=1 ingressRule=0 originService=http://localhost:3003 since it's little work to set up, I'm going to recreate the tunnel(as I've done multiple times) would you rather it be via the client or the website interface for the tunnels Also the only reason for why I posted it under this error is because I belieived these were related as the initial problem made no sense at all I can confirm the service is accessible via netstat as well as just making a simple curl request
Erisa
Erisaā€¢4mo ago
it doesnt matter which, and recreating likely won't help with that error. that error means that the traffic reaches the tunnel successfully (so dns is fine and the tunnel works) but the cloudflared process can't reach the origin. are you running it in something funky like docker?
math.rad
math.radOPā€¢4mo ago
it's just a simple express application. I've reduced it to this for debugging purposes and simplicity
const app = require("express")();

app.get("/*", (request, response) => {
response.send(request.url)
})

app.listen(3003)
const app = require("express")();

app.get("/*", (request, response) => {
response.send(request.url)
})

app.listen(3003)
I'm not sure why its not picking up anything
Erisa
Erisaā€¢4mo ago
and you didn't use docker, just the regular install commands?
math.rad
math.radOPā€¢4mo ago
I have little experience with docker, but I will say that I initialized the application with solely npm I did use docker to install cloudflared
Erisa
Erisaā€¢4mo ago
using docker for any part of this adds a load of extra considerations that complicate things, this is why I'm asking that will be it then docker has network isolation, so it can't access the same localhost as on your host machine
math.rad
math.radOPā€¢4mo ago
I see How can I install it without docker? The only option for both the cli and the individual tunnel set up uses docker - when documented I am using ubuntu
Erisa
Erisaā€¢4mo ago
the quick and easy fix is to either not use docker, or throw --network host on the docker run command to use the host network the proper/smarter fix is to properly implement docker networks but thats a whole other thing im not getting into uh where are you seeing that as the only option? there should be manual install options for both for web setups there's even a copy and paste command that installs the Ubuntu package
math.rad
math.radOPā€¢4mo ago
No description
math.rad
math.radOPā€¢4mo ago
Interesting though My mistake, I did not use docker for this:
math.rad
math.radOPā€¢4mo ago
No description
Erisa
Erisaā€¢4mo ago
oh just click debian lol, ubuntu is based on it it works just the same, you can also use those commands there if you want. either is fine
math.rad
math.radOPā€¢4mo ago
is the cli known to be glitchy(referring to the initial problem)? would you recommend using the website or the client I've noticed it has had strange and misleading behavior before Unintuitive, at least
Erisa
Erisaā€¢4mo ago
the route dns command is the only thing that stands out as glitchy, the rest of the cli is just difficult to understand but does give you a bit more flexibility once you've worked it out. the web setup is easier, you just run one command and click some buttons which one to choose is entirely up to you
math.rad
math.radOPā€¢4mo ago
I'll try with the client again if you were refering to the cloudflared repo, which Debian distribution this: https://pkg.cloudflare.com/index.html#ubuntu-focal im guessing you were most likely talking about the website though
Erisa
Erisaā€¢4mo ago
the website install is where i said just use the debian link for the pkg. site, use the instructions for the Ubuntu version you have
math.rad
math.radOPā€¢4mo ago
Okay, I might run into the same problem again because I'm pretty sure that never used docker
Erisa
Erisaā€¢4mo ago
i think 24.04 isn't on there but from memory the 22.04 one should work fine
math.rad
math.radOPā€¢4mo ago
yeah i have .03 or did at least
Erisa
Erisaā€¢4mo ago
i dont think any ubuntu version ends in .03
math.rad
math.radOPā€¢4mo ago
sorry I meant the client
Erisa
Erisaā€¢4mo ago
you may be thinking of cloudflared version yeah in which case the latest is apparently 2024.8.3
math.rad
math.radOPā€¢4mo ago
it kept telling me mine was not up to date are you sure šŸ˜­
Erisa
Erisaā€¢4mo ago
GitHub
Releases Ā· cloudflare/cloudflared
Cloudflare Tunnel client (formerly Argo Tunnel). Contribute to cloudflare/cloudflared development by creating an account on GitHub.
math.rad
math.radOPā€¢4mo ago
hm, i dont know what I was remembering then im going to configure a tunnel and test it out again, it should work but I'm conerned it wont as Im pretty sure this would have been the same process I used last time
Erisa
Erisaā€¢4mo ago
thats okay, best to try it and see what happens, maybe the error is different make sure to delete the old stuff like the docker container so they don't get in the way
math.rad
math.radOPā€¢4mo ago
yeah I encountered an error. I used the cleanup command which allowed me to delete the tunnel strange it wont even error anymore i visit the page and no error happens in the terminal
math.rad
math.radOPā€¢4mo ago
No description
math.rad
math.radOPā€¢4mo ago
šŸ˜­
Erisa
Erisaā€¢4mo ago
the ping thing is meaningless, that looks like a healthy connection. no logs means traffic isn't routing so check dns records and ingress rules
math.rad
math.radOPā€¢4mo ago
i think something got mixed up when i removed docker. I cleaned up a tunnel and deleted it forgetting i had it open in another session. I killed the process( ctrl c x2, the 1st attempted to "peacefully" stop it with no response)
tunnel: 77207f31-145e-478f-82f5-e9841b3a98cc
credentials-file: /home/gwen/.cloudflared/77207f31-145e-478f-82f5-e9841b3a98cc.json

ingress:
- hostname: pre-http.cc
service: http://localhost:3003
- service: http_status:404
tunnel: 77207f31-145e-478f-82f5-e9841b3a98cc
credentials-file: /home/gwen/.cloudflared/77207f31-145e-478f-82f5-e9841b3a98cc.json

ingress:
- hostname: pre-http.cc
service: http://localhost:3003
- service: http_status:404
im new to this format but that seems like it should work
Erisa
Erisaā€¢4mo ago
and pre-http.cc dns record points to that tunnel id?
math.rad
math.radOPā€¢4mo ago
im pretty sure it has in the past too
math.rad
math.radOPā€¢4mo ago
No description
math.rad
math.radOPā€¢4mo ago
77207f31-145e-478f-82f5-e9841b3a98cc.cfargotunnel.com omg. it works randomly? wtf?
Erisa
Erisaā€¢4mo ago
it returns a 200 code from express when I curl it
math.rad
math.radOPā€¢4mo ago
šŸ˜­
Erisa
Erisaā€¢4mo ago
probably dns delay
math.rad
math.radOPā€¢4mo ago
I see thank you šŸ˜­
Erisa
Erisaā€¢4mo ago
happens, dns plagues us all no problem that setup should keep working if you add more ingress rules, make sure to restart cloudflared to apply them (sudo systemctl restart cloudflared) and make the dns records if you get errors you probably screwed up one of those steps or just need to wait for dns again
math.rad
math.radOPā€¢4mo ago
I'll keep this in mind I have multiple domains, including a two tld suite of be-political: com & org, as well as be-educated.org in the yaml i just do tunnels: tunnelId: right?
Erisa
Erisaā€¢4mo ago
if the services are on the same server you can reuse the one tunnel by making more ingress rules pointing to different services you dont need more than one tunnel per server unless youre using multiple cloudflare accounts
math.rad
math.radOPā€¢4mo ago
okay thanks again šŸ˜­
Erisa
Erisaā€¢4mo ago
no problem nah you keep the top bit all the same and just add more entries to the ingress: list
math.rad
math.radOPā€¢4mo ago
oh i see you just use the same cname for each domain
Erisa
Erisaā€¢4mo ago
like
ingress:
- hostname: pre-http.cc
service: http://localhost:3003
- hostname: domain2.com
service: http://localhost:3004
- service: http_status:404
ingress:
- hostname: pre-http.cc
service: http://localhost:3003
- hostname: domain2.com
service: http://localhost:3004
- service: http_status:404
where domain2.com is a new service on port 3004
math.rad
math.radOPā€¢4mo ago
thanks thrice šŸ˜­
Erisa
Erisaā€¢4mo ago
and then yeah cname goes to the same place
math.rad
math.radOPā€¢4mo ago
you're so helpful, I really appreciate all the advice
Erisa
Erisaā€¢4mo ago
no problem, ive been there so happy to pass on the knowledge
math.rad
math.radOPā€¢4mo ago
other than developer trust, is the purpose of my app viable? my domain is so you can set up predefined response structures including headers so developers can allow clients to get access to information which requries sensitive information they wouldnt want to expose in their software, my current application being with discord presence chrome extensions. is there a service already like this or should i continue. i know myself would use it but who knows basically curl -> pre-http/define/:action where the body defines the preset and the action is used if there are multiple "actions" this may not be the question for here I realize but you might possibly have some input; not asking for help on the project specifically, just your perspective as a developer who utilizes endpoints such as these essentially a proxy with extra steps
Erisa
Erisaā€¢4mo ago
i think it makes sense and could be a worthwhile service especially if the experience is easy to use. and if its something you need yourself then that should be motivation enough to spend some time working on it, even if just for you (then if others need it, even better!). some of the best projects were born from wanting something done a particular way and just doing it
math.rad
math.radOPā€¢4mo ago
okay šŸ˜­ thank you. I see a lot of rich presence extension for discord end up either having the user to install software on their device or have a service running to make a single http request for an auth token, and its like, this could totally be autotomized so the developer only needs minimal setup themselves trust is definitely something to consider but really you kind of need trust for applications like these. i feel like the most i can do is make it open source but even then they cant know for sure thats what im using
Erisa
Erisaā€¢4mo ago
open source is great cos its like, if you really care you can always run it yourself
math.rad
math.radOPā€¢4mo ago
true true thanks xIlostcount šŸ˜­
Want results from more Discord servers?
Add your server