So, by adding an entry to /etc/hosts for my FQDN, I was able to make hostname -f return the FQDN, and cert generation worked. So this issue, as such, is solved. I’d consider it poor design that cert issuance depends on an automatically-generated email address that can’t be edited, but it’s at least working.
But there’s a broader issue that isn’t resolved, and it affects Rocky, Alma, and Oracle. If you run through the installer for any of them, and set the hostname there to your desired FQDN, NS8 picks up that hostname just fine, at least for when you go to create a cluster. But if you don’t set the desired FQDN during installation (either because you forget to, or because it’s installed for you by a VPS provider), the steps described above (hostnamectl set-hostname sub.domain.tld and editing /etc/hosts) are inadequate–the system still thinks it’s called localhost.localdomain when you go to create a cluster, and Prometheus also thinks the system’s called that (its autogenerated URL is http://localhost.localdomain/foo). I don’t know what else is affected, if anything. But two things appear to be the case:
The Rocky/Alma/Oracle installer is doing something different to set the system hostname than any method I’ve been able to find on Google, and
NS8 is doing something different to read the system hostname than anything I’ve been able to find.
Hopefully this topic will result in more light being shed:
If there isn’t a general answer for NS8 as a whole, perhaps we can start with the “create cluster” page. It does something to try to determine what the VPN endpoint address should be–what is it?
root@D1:~# cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 D1.deb11-pve.org D1
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
127.0.0.1 cluster-leader
10.5.4.1 cluster-localnode
I recall that on rocky I need to manually modify the /etc/hosts to add the domain name first before the localhost else I have some issues. I did first the attempt to modify the domain name by the command hostnamectl hostname domain.com
[root@droplet1 ~]# cat /etc/hosts
# Your system has configured 'manage_etc_hosts' as True.
# As a result, if you wish for changes to this file to persist
# then you will need to either
# a.) make changes to the master file in /etc/cloud/templates/hosts.redhat.tmpl
# b.) change or remove the value of 'manage_etc_hosts' in
# /etc/cloud/cloud.cfg or cloud-config from user-data
#
# The following lines are desirable for IPv4 capable hosts
127.0.0.1 droplet1.nethserver.eu droplet1
127.0.0.1 localhost.localdomain localhost
127.0.0.1 localhost4.localdomain4 localhost4
# The following lines are desirable for IPv6 capable hosts
::1 droplet1.nethserver.eu droplet1
::1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
I think we might have an issue to document or a bug
Ding ding ding! That does seem to have addressed the issue, at least with my local installation of Rocky 9. Starting from a clean installation where I did not set the hostname in the installer, I did hostnamectl set-hostname <fqdn>, followed by systemctl restart systemd-hostnamed, and then edited /etc/hosts. The first line there read 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4; I edited it to read 127.0.0.1 <fqdn> localhost localhost.localdomain localhost4 localhost4.localdomain4. Then rebooted for good measure.
After rebooting, ran the NS8 installer, logged in to the GUI, selected Create Cluster, and the specified FQDN was filled in as the default. Continued and installed Prometheus, and the Public URL was generated with that FQDN as well. That’s as far as I’d pursued the issue previously, but it appears to be fixed.
I’ll test it on Alma 9 as I have time; if it works there, I’ll try on the Contabo VPS.
I think so. If hostname, hostname -f, and hostnamectl all think the hostname is sub.domain.tld, and NS8 thinks it’s something else, that sounds like NS8 is doing something wrong.
This notified me that the hostname wasn’t in /etc/hosts, and I needed to run echo '127.0.0.1 rockyjones.local' >> /etc/hosts. So I did, and ran the installer again.
The installer completed at this point, so I logged into the /cluster-admin/ page and went to Create Cluster. And the VPN endpoint address defaulted, not to the system’s hostname, but to localhost (not, as it had previously been, localhost.localdomain).
After correcting that, I continued, went to the software center, and installed Prometheus. Its “public URL” continues to be formed as https://localhost.localdomain/blahblahblah.
