Question

Noob question - do I need to add a domain to my droplet for my site to show?

Posted November 16, 2020 105 views
ApacheDNS

So, to preface, I already have 6 or 7 other sites all working just fine on my droplet. The basic setup:

  1. Registrar points to Cloudflare
  2. Cloudflare points to Digitalocean (two a records with droplet ip address)
  3. On Digitalocean I have an ubuntu droplet with apache and multiple virtual hosts.
  4. I also have each of the domains set up with Digitalocean. Each one has 3 NS records (ns1.digitalocean.com etc) and 1 A record (to the same ip address as on Cloudflare).

So, I was setting up a new site today and I’m really curious if step 4 is necessary?! I mean, isn’t the whole point of my using Cloudlare having the a records set up there? So I decided to try without step 4 and my site is still not showing (about 4 hours later). Perhaps this is just a timing thing and it will show shortly, but I’m now obviously wondering if it is necessary after all. Or does it take some time for Digitalocean to be able to connect calls from Cloudflare to the right virtual host?

Or is part of it necessary - for example the NS (perhaps that is how Digitalocean knows where to link that call from Cloudflare?).

I’m clearly a noob here, and I can always go back to what has worked in the past, but I’d REALLY like to understand what is happening here and if I can cut out a call it seems like a good thing in the long run.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hi, let’s see if we can help make sense of this.

So, I was setting up a new site today and I’m really curious if step 4 is necessary?! I mean, isn’t the whole point of my using Cloudlare having the a records set up there?

From what you’ve described, step 4 should not be required. If you perform a WHOIS search on your domain and the name servers listed there are Cloudflare’s, then it’s only Cloudflare’s DNS config that applies.

Perhaps this is just a timing thing and it will show shortly, but I’m now obviously wondering if it is necessary after all.

DNS query results can be cached in many places, with different TTLs for successful queries and unsuccessful queries (eg NXDOMAIN). A common suggestion is to wait up to 48 hours not only for the new information to propagate but also for any bad caches to expire.

Or does it take some time for Digitalocean to be able to connect calls from Cloudflare to the right virtual host?

In this case, your droplet has nothing to do with the DNS resolution path - when a client (a user) requests a domain name it is resolved to an IP address. The domain name is sent as a host header as part of the website request to your droplet and Apache then determines which virtual host config to use.

Or is part of it necessary - for example the NS (perhaps that is how Digitalocean knows where to link that call from Cloudflare?).

You only need to configure your domain in DigitalOcean’s Network > Domains service if you have pointed your domain to DO’s name servers at the registrar level (step 1, which is configured for Cloudflare as stated)

I suspect that your issue is a bad DNS result cached with the DNS servers your workstation is configured with but it’s always good to check with a 3rd party service, something that is not on your network.

Here’s DO’s tool, just plug your domain in and see if the first response comes back with the IP address of your droplet.

https://www.digitalocean.com/community/tools/dns

In this case, it might be good to double-check that result with a true 3rd party, like this handy tool to check on your domain’s propagation and configuration.

https://www.whatsmydns.net/

Hope this helps and good luck! Please let us know how it turns out or if you have any other feedback.

  • Wow - this is a great reply, and very clear. Thanks a lot! So, it’s as I suspected then that I do not have to add any domains to my droplet via the backend. I checked those sites you mentioned and both came back with Cloudflare’s IP, which is not really strange since that’s proxied. Turned off the proxy now for testing and the droplet IP comes back. So I guess then that means that is all set up correct in any case. The site is still not returning anything though, which is kind of weird, but perhaps that is due to some other cache. I’ll continue waiting :)

    • Gah - I had cloudflare set to full ssl/tls, whereas it should have been flexible. No wonder. Anyway, all working as expected now, and great to have a definitive answer here for the future.

Submit an Answer