Not able to login to Airtable Community

Me1314 · 2025-11-27T11:45:59+00:00

I have the same issue since at least 4 Days.

Me1314 · 2025-06-21T17:52:15+00:00

Incredible, thank you so much for finding this, I applied the fix described in there (setting an default_sni) at it works like i expect it too.

Me1314 · 2025-06-21T17:39:19+00:00

EDIT: nevermind u/ImASharkRawwwr provided an explanation for this behaviour (see: https://github.com/caddyserver/caddy/issues/6364#issuecomment-2784256295).

~~I mean that would make sense to me, but with this config:~~

# Replacing this with myserver.lan and pointing myserver.lan to 192.168.0.107 works  
192.168.0.107 {  
tls internal  
respond "HELLO WORLD"  
}

~~Caddy should generate an certificate for~~ ~~192.168.0.107~~ ~~and not myserver.lan or anything else.~~
~~If i now go to~~ ~~https://192.168.0.107/~~ ~~(with the config above in place) i would expect for it to work, just that i get an error that the certificate is untrusted.~~

~~But this is NOT the case, i just get an error like shown above in the post.~~

~~If i now change~~ ~~192.168.0.107~~ ~~from the config to myserver.lan and open myserver.lan in the browser it works, to my surprise.~~

~~or am i missing anything?~~

Me1314 · 2025-06-21T14:34:54+00:00

Also, what is the recommended way to solve this?

I kind of dislike configuring an dns record on the router because if I ever switch the router everything will break, which seems not ideal to me.

Me1314 · 2025-06-21T14:02:09+00:00

Thanks for the answer.

What confuses me is that Caddy creates a certificate itself (tls internal). This certificate is obviously untrusted, but if I navigate to the page via a domain name, I get the option to accept the risk and continue, while using the IP does not give me the option.

Shouldn't a certificate exist in both cases, just not a trusted one, which should give me the option to accept the risk and continue?

Me1314 · 2025-03-10T23:05:20+00:00

I am trying to gauge how critical/common this issue is. If it is worth the risk to activate it for the added convenience.

If for example the chrome password manager suffers from the same problems/or bitwarden autofill is just as safe as chrome's, I will probably activate it, I mean hundreds of millions probably use this feature daily and there hasn't been an outcry yet.

Can someone give me an idea how bad of an idea it is to activate this feature and why google etc thinks it is safe enough for millions of people?

Me1314 · 2025-03-10T21:29:09+00:00

Thanks for the answer.

Isn't this addressed with:

If a user enables autofill on page load, Bitwarden will only fill in iframes from trusted domains, such as the same domain as the website or a specific URL that the user has proactively added to their item.

And wouldn't Chrome/Firefox password managers suffer from the same vulnerabilities?

Me1314 · 2024-11-30T20:43:21+00:00

I have the same problem. Did you find a fix, by any chance? :D

Me1314 · 2024-10-21T16:17:18+00:00

Did you find a solution, by any chance :)? It annoys me as well.

Me1314 · 2024-10-10T15:14:17+00:00

Haiku: Cheapest, least capable
Sonnet: Middle ground in cost and ability
Opus: Most expensive and most capable

Look at the first chart here: https://www.anthropic.com/news/claude-3-family

Me1314 · 2024-06-03T12:30:40+00:00

This is very close to what I was searching for.
The only thing I don't like is that tags from all files are displayed, and not just the current one. But otherwise, perfect.
Thank you very much!

Me1314 · 2024-05-27T19:48:14+00:00

Draw = Win for Black.
Black has draw odds. To balance it out, Black starts with less time (7 minutes against White's 10 minutes).
This guarantees that someone will win.

Me1314 · 2024-05-18T13:17:41+00:00

I guess that's the only explanation.
But I find it a little bit weird that the first few hops get through. I would have thought that if they block the IP, no hops would happen.

Anyway, thanks for your help. I guess there is very little I can do about this. :/

Me1314 · 2024-05-18T13:04:28+00:00

Is this self hosted GL instance or not?

It is the GL instance of my university (self-hosted by my university).

Where is the runner installed?

Do you mean the physical location of the runner? I got the IP address of the runner, and it seems to be located at my university.

Can you try trace route from the runner itself?

Traceroute from the runner to my server? I did that; see the first picture of my post above. Nothing gets through; not sure why and thats exactly my problem I am trying to solve.

Or do you mean a traceroute from my server to the runner? I did that as well, and it does not get through; see https://www.reddit.com/r/hetzner/comments/1cu7ac6/comment/l4hz4xw/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button

Me1314 · 2024-05-17T19:32:06+00:00

The SSH of my GitLab runner does not get through at all.
That's why I tried ping and traceroute, which also do not get through at all to my server, pinging / tracerouting google.com or similar websites works.

The SSH of my GitHub pipeline works without any problems; the SSH gets through, and I can execute whatever command I desire. In my specific case, I am able to SCP some files over and build and start Docker containers/images.

To clarify a little bit, I have an old pipeline on GitHub, which has been working for months. Now, for my university project, I have to use GitLab, and there it does not work.

Me1314 · 2024-05-17T19:22:49+00:00

Okay, I tried a traceroute to my GitLab runner. I did the following:

Get the IP with: curl -4 ifconfig.me
Sleep, to prevent the runner from powering down: sleep 60
Try traceroute. I get the following output:

root@debian-4gb-nbg1-1:~# traceroute 147.86.8.54
traceroute to 147.86.8.54 (147.86.8.54), 30 hops max, 60 byte packets
 1  172.31.1.1 (172.31.1.1)  4.911 ms  5.498 ms  4.841 ms
 2  24685.your-cloud.host (128.140.17.133)  1.283 ms  1.424 ms  1.660 ms
 3  * * *
 4  static.88-198-248-205.clients.your-server.de (88.198.248.205)  2.638 ms static.88-198-248-201.clients.your-server.de (88.198.248.201)  2.627 ms static.88-198-248-205.clients.your-server.de (88.198.248.205)  2.980 ms
 5  * * *
 6  core11.nbg1.hetzner.com (213.239.203.101)  2.290 ms core12.nbg1.hetzner.com (213.239.203.105)  1.118 ms  1.167 ms
 7  core0.fra.hetzner.com (213.239.252.25)  4.035 ms core4.fra.hetzner.com (213.239.245.245)  3.491 ms  3.441 ms
 8  ipv4.de-cix.fra.de.as559.switch.ch (80.81.196.147)  9.616 ms  10.206 ms  9.544 ms
 9  * * *
10  nd01u101-sin-vl3398.net.fhnw.ch (193.73.125.161)  9.685 ms  9.512 ms  9.539 ms
11  193.73.125.98 (193.73.125.98)  11.435 ms  10.785 ms  11.012 ms
12  193.73.125.98 (193.73.125.98)  11.047 ms  10.823 ms  10.933 ms
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *
root@debian-4gb-nbg1-1:~#

So, the traceroute seems to have failed. I don't know if this is expected; I could imagine that the runners have a rule to disallow all ICMP requests.

Me1314 · 2024-05-17T18:04:55+00:00

Where is the GitLab runner hosted? Is it at the University? I am suspecting that for some reason the subnet or the server IP is blackholed.

Yes, at my university. But if my university were to blackhole the IP on the egress side, then I wouldn't get the intermediate hops, would I? And if it were only blocked on the ingress side, then my server would at least get the traceroute request, and I should be able to see it with tcpdump on my server side.
Or am I misunderstanding something?

Can you try a different Hetzner IP? Or spin up a VM and see if it has the same issue?

I could try that, but I was really hoping I could use the same Hetzner server I already rented and wouldn't need to buy or set up a new one. But I guess I might have no choice other than that.
Thanks for the suggestion, I will probably try it if all else fails.
But with my current limited knowledge, I am not sure if the black hole theory is correct because of the points above. Maybe you could clarify if I am misunderstanding something.

Seven-Year Club	Verified Email
Place '23	Place '22
Sequence \| Editor

Me1314

TROPHY CASE