Score:1

Connecting GCP VM instance to Google Domain


I am trying to connect a domain name I got from Google Domains to a Google Cloud Platform VM instance. My domain is .dev and when I tried nslookup and dig trace, they are already pointing to the right IP address. Accessing the website using this IP works fine. I just cannot access the same website via the domain name.

The following is the configuration I did:

In my VM instance (Compute Engine API):

  • Enabled http and https traffic
  • Has network tags http-server and https-server

In VPC networks API:

  • Made my external IP static
  • Firewall at tcp:443 allows traffic (default-allow-https rule)
  • When I tried running "netstat -tulpn | grep LISTEN", port 443 is not shown in the list. Webserver may not be listening to port 443

In Network Services API:

  • Added record sets for A and CNAME matching the DNS from Google Domains and external IP from VM instance

In Google Domains:

  • Modified the name servers to be the same as those from Network Services API Registrar Setup values (added under the custom name server tab)

Screenshots: Firewall screenshot Network Zone screenshot VM setup concerning firewall

Please understand that I do not have a networking background. Thank you so much for helping!

John Hanley avatar
1) Did you enable HTTPS on the webserver? 2) Did you install an SSL certificate? 3) Domains ending in .dev can only be accessed using HTTPS using a web browser.
Marky avatar
Yes, the https is enabled. I was supposed to create an SSL certificate next, but I cannot register my domain name because it refuses to connect to the IP of my server.
John Hanley avatar
Everything in your screenshots is fine. That leaves an internal firewall (UFW) or the webserver. Edit your question and include details on them. Also, verify that your web server is listening on port 443 for the network interface: **netstat -tulpn | grep LISTEN**
Marky avatar
I have checked if the web server is listening on port 443 and edited the question above accordingly. It looks like it doesn't. I'm not sure where to find the internal firewall in GCP. A little help? All I know is the firewall rules from VPC network API.
John Hanley avatar
No listener for port 443 means the webserver is not configured to listen for requests on port 443.
Marky avatar
Thanks. I configured my server conf file and have it listen to 443 instead of 80. Also, I added an SSL cert to it. After these, everything worked well! Thanks a lot for your help @John Hanley!
John Hanley avatar
You still want the webserver to listen on port 80 as well. Redirect port 80 connections to port 443 (HTTPS Redirect).
Marky avatar
Oh yes, I forgot to mention. I am still listening to port 80, I put it in a separate server clause in the conf file.
Score:1

Answer based on the comments of @John Hanley:

  1. A website with a .dev domain name extension requires port 443 to be open. Check that the web server is listening to this port by running netstat -tulpn | grep LISTEN.

  2. Since (as stated in the question above) port 443 does not appear in the list, configure your web server to listen to port 443. In my case, I am using nginx as my server so I edited the file in /etc/nginx/nginx.conf to make my server listen to port 443.

  3. At this point, trying to access the website will return an error that you don't have an SSL certificate. So create one. I used certbot for this to generate the ssl certificate and key.

  4. Go back to the nginx.conf file and switch ssl on, add the ssl cert and key. It should look something like this:

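    ...
    server {
        server_name example.com www.example.com;
        # "ssl" on the listen directive enables TLS; the standalone "ssl on;" directive is deprecated
        listen 443 ssl;
        ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
        # the key must come from the same certificate directory as fullchain.pem
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
        location / {
            ...
        }
        ...
    }
    ...
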
  5. Restart the server (sudo systemctl restart nginx)
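
The layer-by-layer check this thread worked through (DNS, then the listener on port 443, then the certificate), as an added example that is not code from the original posts. The function names and parameters are hypothetical; run it from a machine outside the VM so the VPC firewall is on the path.

```python
import socket
import ssl

def probe_port(ip, port, timeout=3.0):
    """Classify a TCP port as 'open', 'refused', 'filtered' or 'unreachable (...)'."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:           # RST came back: host is up, port is closed
        return "refused"
    except (socket.timeout, TimeoutError):   # nothing came back at all
        return "filtered"
    except OSError as exc:
        return f"unreachable ({exc})"

def probe_tls(ip, server_name, port=443, timeout=3.0):
    """Do a verified TLS handshake against ip, sending server_name via SNI."""
    ctx = ssl.create_default_context()       # checks the chain and the hostname
    try:
        with socket.create_connection((ip, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=server_name):
                return "ok"
    except ssl.SSLCertVerificationError as exc:
        return "certificate rejected: " + exc.verify_message
    except OSError as exc:                   # also covers ssl.SSLError and timeouts
        return "handshake failed: " + str(exc)

def diagnose(domain, expected_ip, https_port=443, http_port=80,
             resolve=socket.gethostbyname, timeout=3.0):
    """Walk DNS -> TCP -> TLS and return findings, stopping at the first fault."""
    try:
        resolved = resolve(domain)
    except OSError as exc:
        return [f"dns: {domain} does not resolve ({exc})"]
    if resolved != expected_ip:
        return [f"dns: {domain} resolves to {resolved}, expected {expected_ip}"]
    findings = [f"dns: ok ({resolved})"]
    state = probe_port(expected_ip, https_port, timeout)
    if state != "open":
        hint = {"refused": "refused, host is reachable but nothing accepted the "
                           "connection (no listener, or a host firewall REJECT rule)",
                "filtered": "filtered, no reply before the timeout "
                            "(typically a firewall dropping packets)"}.get(state, state)
        return findings + [f"tcp/{https_port}: {hint}"]
    findings.append(f"tcp/{https_port}: open")
    findings.append("tls: " + probe_tls(expected_ip, domain, https_port, timeout))
    # Port 80 should stay open only to redirect plain HTTP to HTTPS.
    findings.append(f"tcp/{http_port}: {probe_port(expected_ip, http_port, timeout)}")
    return findings
```

Call `diagnose("your-domain.dev", "<static external IP>")` and print the returned list; the situation in the question shows up as `dns: ok` followed by `tcp/443: refused`.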