I have deployed a self-hosted git server (using Charm’s soft-serve) and I am able to connect via the default domain fly provides. however when I set a custom domain, I am unable to establish a connection, leading to a timeout.
$ ssh git.adoublef.dev -v
OpenSSH_9.8p1, LibreSSL 3.3.6
debug1: Reading configuration data /Users/me/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* matched no files
debug1: /etc/ssh/ssh_config line 54: Applying options for *
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to git.adoublef.dev port 22.
ssh: connect to host git.adoublef.dev port 22: Operation timed out
I am using a cloudflare domain and wondering what could be the issue.
I think that with Cloudflare, having the proxy on (for all A,AAAA & CNAME) is actually causing a problem with connecting (I get timeouts due to this). If it defeats the purpose of cloudflare (I only use them for the domain when Google discontinued their services), then I am unsure where to look into for a proper solution.
Seems that using Full also yields issues when I have proxy set for A/AAAA (CNAME is not set). I wonder if it be best for me to cross-post onto the CF community site for additional support.
I was overlooking a previous solution you made to a similar post & when readding the certs from the cli I get this warning suggesting to remove the proxing feature if not needed. given this is a self-hosted git server do I need the proxy features?
You're using Cloudflare's proxying feature (orange cloud active) for this hostname.
If you do not need Cloudflare-specific features, it's best to turn off proxying.
The only way to create certificates for proxied hostnames is to use the DNS challenge.
You can validate your ownership of git.adoublef.dev by:
1: Adding an CNAME record to your DNS service which reads:
CNAME _acme-challenge.git.adoublef.dev => git.adoublef.dev.*.flydns.net.
If you've already set this up, your certificate should be issued soon.
For much more information, check our docs at: https://fly.io/docs/networking/custom-domain/