Open johndturn opened 1 week ago
In case anyone else would like to try and get around this issue for the time being, I've created a small val (from val.town) that proxies through the API forcing HTTP instead. You can use the following endpoint to get a random quote that won't through DNS errors:
GET https://johndturn-quotableapiproxy.web.val.run/
Example Return value:
[
{
"_id": "r7qJ-YKIq2e",
"author": "Earl Monroe",
"content": "Just be patient. Let the game come to you. Don't rush. Be quick, but don't hurry.",
"tags": [
"Sports",
"Competition"
],
"authorSlug": "earl-monroe",
"length": 81,
"dateAdded": "2022-07-06",
"dateModified": "2023-04-14"
}
]
Overview
I love this API, and currently use it to populate quotes for my Obsidian-based journal and daily notes. Thank you so much for your work and support of it!
Unfortunately, about 3-4 months ago, I stopped being able to get responses from the API while on my local network. However, when on other networks I was able to receive data just fine. I investigated further and found that my PiHole / unbound setup was blocking the API due to a DNSSEC issue. I can't access the API without turning off DNSSEC protections entirely on my local setup, which I'm trying not to do.
For more information on the issue specifically for the
api.quotable.io
endpoint, see this link here.I know that this is likely an easy thing to classify as just a "me" problem. However, and I could be wrong on this, I believe that this is actually something that probably should be addressed at the DNS level. Further, I haven't changed / updated anything with my local setup, which leads me to believe that something might have changed or been invalidated at the DNS level for the API.
Reproduction
Visit the link above that shows DNSSEC settings for the endpoint
OR
Expected Response
Getting any data at all.
Actual Response
Final Thoughts
If I'm wrong here, and all DNSSEC settings are actually up-to-snuff, and this is just an issue with my PiHole/unbound setup, please let me know. I searched for a while to see if I could even just ignore / disable DNSSEC specifically for this one domain, but I haven't been able to find anything allowing me to do this.