mastodon.world is one of the many independent Mastodon servers you can use to participate in the fediverse.
Generic Mastodon server for anyone to use.

Server stats:

12K
active users

Any experts having a quite saturday and willing to help me get my journey underway?

I've got a domain and a box with some working apps on it but I can't get to recognise my DNS and am struggling to get the working.

There's a few too many moving parts for my little brain, I'd really value a helping hand to get me up and running, please.

@thechildofroth whats going wrong with certbot? i have this same stack running on my server so maybe we can compare notes

@xandris When I try to get a certificate (either using dietpi-letsencrypt or directly from the prompt (as per the jellyfin instruction)) it tells me I don't have an A or AAAA record.

But when I do:
curl --verbose http://my.domain

it comes straight back with:
trying ip.of.router.im.looking.for

so curl seems to be finding the dns record ok

@xandris I think this may be the key to unlocking this, as without the certificates the Jellyfin provided nginx conf fails, so unless I can clear this hurdle I'm going to stay stuck

@thechildofroth @xandris You can try ‘dig @9.9.9.9 my.domain’ to have more information about the DNS information.
If you’ve got no answer, it’s definitely a DNS problem.

@rds @xandris So dig returns a seemingly sensible response (I can see my domain and my IP in there). The only concern is that I can see:

Query1, Answer1, Authority0, Additional1

Should Authority (I'm guessing this might be related to 'SOA') be 1 too?

(for any other rookies playing along 'dig' is in bind9-dnsutils on - not installed by default in it seems)

@thechildofroth @rds i found this tool in the letsencrypt forum. what does it tell you?

letsdebug.net/

letsdebug.netLet's Debug

@thechildofroth @rds does the ip actually fall into one of those ranges in the wikipedia article?

@xandris @rds Ahh, yes. It's in the range described as:

Shared address space for communications between a service provider and its subscribers when using a carrier-grade NAT

Hmm, is there a way around that (I knew didn't have a fixed IP but I was going to use my domain providers DNS API to dynamically update the IP as required.

@thechildofroth @rds oh wait hold up

you have cg-nat which means you don't have a unique external address at all from what i understand. if you go to ip.me or similar, the address it shows you is shared with other customers. the gateway would have no way to know which customer an incoming connection should go to

all that to say...more research needed on how to receive connections when behind cg-nat. i think cloudflare offers something for this for free...

Roth Child

@xandris @rds One potentially interesting aside is that when I opened the port for Jellyfin directly, on the router, I could access jellyfin via my domain, so it does seem that the IP does lead back to me at least. But if I just have 80 and 443 open, no dice.

@thechildofroth @rds on premises it would, but does it still work if you try from outside your house? like switch your phone to mobile data and try it