I’m having a bizarre issue setting up a new install. We’re moving from hosted to self-hosting our installation, and are using the domain www.pidforum.org. I have spun up an Ubuntu server, and am using the standard install. Domain is currently pointing at the IP of the server with @, *, and www. all set as A names.
installation appears to go without a hitch…everything looks like it’s working. Initial domain check says it’s ok, installation proceeds and completes. But it doesn’t work. Server isn’t listening on 443 or 80, and when i discourse doctor it says:
Discourse version at www.pidforum.org: NOT FOUND
Discourse version at localhost: NOT FOUND
Now here’s the weird thing…if i redo discourse-setup, and change ONLY the domain name to another domain i control (discourse.xxxxxxx.yyy) it works fine. Everything else is the same…same server, same everything, ONLY changing the domain name.
What could cause this? Help, I’m going insane trying to sort this out.
I’ve been futzing with this since Thursday of last week…i’m increasingly thinking it’s something with the Domain name specifically, but that makes NO sense at all (and also has no effective troubleshooting steps).
Is there anything I can test/try to narrow my problem scope? I’m comfortable as a sysadmin, but this has me questioning my life.
Did you recently change your nameserver to Digital Ocean? It looks like you have DNSSEC enabled for pidforum.org, but the Digital Ocean nameservers are not returning any signatures. Therefore, DNS servers like 8.8.8.8 are detecting the broken chain of trust, and refusing to return the records.
You can see more information using tools like this:
Ok, so the DNSSEC thing is weird, and not something I’d ever dealt with either, so thanks for the pointer.
I’ve tried to uncomplicate things by removing the digital ocean nameserver jump from the equation, and am now just using network solutions as both registrar and nameserver to try and eliminate possible errors/issues. That is propagating now (but i have tested this setup, and it doesn’t work either for reasons i don’t understand).
I’ll check the DNSSEC stuff after the nameserver change has some time to happen. But I am betting there’s something else going on as well.
…Network solutions has assured me that DNSSEC is off, and there is no interface for adding or removing a DS record in the admin interface for my domain.
Thanks for tracking this down, but i have no freaking clue where it’s living.