this post was submitted on 15 Jun 2023
9 points (100.0% liked)


EDIT: Thanks for the info guys! Very excited to get this all set up

At the moment I have a bunch of self-hosting services hosted in the cloud. I plan to get rid of my cloud resources entirely and run stuff on some server hardware I acquired recently but my ISP doesn't give me a static IP and I'm behind a NAT or whatever it's called (the thing that makes multiple people's home connections be behind a single public IP) so I don't think I can even expose directly to the internet. So my plan is to have a very small and cheap server at a data center and proxy my actual server behind that.

My question is, is there a way that I can set things up so that the same domain can connect directly to the server when I'm at home, and to the proxy when I'm not? The difference would be what connection I'm connected to (my home WiFi vs 5G/others' WiFi). I'm thinking I could maybe run DNS on the server and configure my router to use that as a DNS server, but wouldn't my phone/laptop cache DNS entries? So it'd still try to connect to the local IP even when I'm out.

top 12 comments
[–] mwlczk@lemmy.world 13 points 1 year ago

Use a dedicated DNS service on your local network which has the local IPs in its DB. Use that DNS service as your first/primary DNS on your local network (settings).

[–] pete@lemmy.world 10 points 1 year ago

Yes, this is called split-horizon DNS. Basically, you have to control the DNS servers.

First, make a forwarding/resolver/cache and tell it to forward all requests for your_domain to your internal authoritative DNS server; it will return your internal IPs. Externally, though, when that domain is looked up, it will return the public IPs of that host.

[–] ItsMyFirstDay@lemmy.world 4 points 1 year ago

Depending on your WiFi/router you could add a static DNS record for your domain while on the home network. The cached DNS will only matter while connected to the home WiFi network. While on 5G you'll pick up the public DNS record. If it does somehow cache the local DNS while public, then shorten the TTL in the local DNS record.

[–] r0ckr@lemmy.world 3 points 1 year ago (1 children)

This is the perfect opportunity to set up a pihole. Its primary purpose is to block ads network wide but since it is essentially a DNS with a block list you can also set custom dns-entries.

[–] jcg@halubilo.social 1 points 1 year ago (1 children)

Way ahead of you, was looking at dnsmasq earlier then pi-hole, then turns out pi-hole has dnsmasq rolled into it now so I don't even have to configure separate services!

[–] r0ckr@lemmy.world 1 points 1 year ago

Very good, that makes things much easier. Has been a while since I used pihole but when I did I used pihole to serve the internal IPs.

[–] Osayidan@social.vmdk.ca 3 points 1 year ago

Very possible and done all the time.

At home you run a local DNS server. There are plenty of options out there, especially as a self-hoster: BIND, PowerDNS, Microsoft DNS if you're into Windows. You can also combine this with something like Pi-hole to block ads and junk at the DNS level.

You create the dns zone on your dns server, internal devices use that dns server. You create the same zone on a public DNS provider like cloudflare or whoever (or host your own if you feel like it, on your vps), with public IPs.

Any of your devices coming/going from your home should be using DHCP to obtain an IP. At home your DHCP settings would hand out the local DNS server, anywhere else you go you'll be using other DNS servers that will resolve the public IP. It should all be pretty seamless and transparent once set up.
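An offline check of the two-view setup described in this thread, added here as an example and not code from any commenter: it parses the internal view (dnsmasq `address=/name/ip` lines) and a public record list, then flags public records that hold an RFC 1918 address, internal records that are not LAN addresses, names missing from the public view, and long public TTLs. The `example.org` names, addresses, TTLs and the `max_ttl` threshold are constructed assumptions.

```python
import ipaddress

# RFC 1918 ranges; anything else is treated as routable for this check.
LAN_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample data: internal view in dnsmasq syntax, public view as (name, ip, ttl).
INTERNAL_CONF = """
address=/cloud.example.org/192.168.1.10
address=/git.example.org/192.168.1.11
address=/media.example.org/203.0.113.7
address=/nas.example.org/192.168.1.12
"""
PUBLIC_ZONE = [
    ("cloud.example.org", "203.0.113.7", 300),
    ("git.example.org", "192.168.1.11", 300),
    ("media.example.org", "203.0.113.7", 86400),
]

def is_lan(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in LAN_NETS)

def parse_dnsmasq(conf):
    """Return {name: ip} from address=/name/ip lines, ignoring everything else."""
    records = {}
    for line in conf.splitlines():
        line = line.strip()
        if line.startswith("address=/"):
            parts = line[len("address=/"):].split("/")
            if len(parts) == 2 and all(parts):
                records[parts[0].lower()] = parts[1]
    return records

def audit(internal, public, max_ttl=3600):
    """Compare both views and return a sorted list of (name, finding)."""
    findings = []
    pub = {name.lower(): (ip, ttl) for name, ip, ttl in public}
    for name, ip in internal.items():
        if not is_lan(ip):
            findings.append((name, "internal view is not a LAN address"))
        if name not in pub:
            findings.append((name, "no public record (LAN-only)"))
    for name, (ip, ttl) in pub.items():
        if is_lan(ip):
            findings.append((name, "public view leaks a private address"))
        if ttl > max_ttl:
            findings.append((name, "public TTL above max_ttl"))
    return sorted(findings)
```

A LAN-only finding is informational: it is expected for services that should never be reachable through the proxy.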

[–] Atemu@lemmy.ml 2 points 1 year ago

Not exactly the solution you're describing but Tailscale or ZeroTier could be the solution to your problem.

They're P2P VPNs which don't require static IPs or even open ports.

I set up Tailscale to forward my home subnet via my NAS. That allows transparent access of the NAS itself and any other device on the home network no matter where I am (as long as there's internet).

[–] witten@lemmy.world 1 points 1 year ago (1 children)

There's some great advice here on how to accomplish this, but a note of caution: if you're doing this split DNS on a device that you expect to be able to walk out the door with and continue working properly, some apps will cache DNS lookups even beyond the configured TTL. Meaning that a running app that thinks your server has a particular IP might stop working as soon as you walk outside of WiFi range and that IP is no longer reachable. And it might stay not working for quite a while. Ask me how I know this. :D

[–] jcg@halubilo.social 1 points 1 year ago (1 children)

I feel like I know the answer already but how do you know this?

[–] witten@lemmy.world 1 points 1 year ago

Because I tried this exact scenario with the Home Assistant app. Local IP for my HA server's hostname configured on my home router, public IP for the hostname elsewhere. I walk out my front door with the HA Android app running on my phone, boom, loses connectivity to the HA server as soon as I'm out of WiFi range and never recovers. The local IP is no longer reachable and the app isn't smart enough to look up the new one.
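The failure mode described in this sub-thread, with the client-side mitigation, as an added example that is not from the commenter or from Home Assistant: a client that drops its cached address when a connection fails and resolves again. The resolver and connect callables, the `FakeNetwork` class, the hostname and both addresses are constructed stand-ins so the sketch runs offline.

```python
class ReResolvingClient:
    """Caches one resolved address but discards it when a connect attempt fails."""

    def __init__(self, host, resolve, connect, max_attempts=2):
        self.host = host
        self._resolve = resolve      # assumed callable: host -> ip
        self._connect = connect      # assumed callable: ip -> None, raises OSError
        self.max_attempts = max_attempts
        self._cached_ip = None

    def request(self):
        """Return the IP that accepted the connection, re-resolving on failure."""
        last_error = None
        for _ in range(self.max_attempts):
            if self._cached_ip is None:
                self._cached_ip = self._resolve(self.host)
            try:
                self._connect(self._cached_ip)
                return self._cached_ip
            except OSError as exc:
                last_error = exc
                self._cached_ip = None   # stale answer: force a fresh lookup
        raise ConnectionError(f"{self.host} unreachable") from last_error


class FakeNetwork:
    """Constructed stand-in for a phone moving from home WiFi to mobile data."""
    VIEWS = {"home": "192.168.1.10", "away": "203.0.113.7"}

    def __init__(self):
        self.location = "home"
        self.lookups = 0

    def resolve(self, host):
        self.lookups += 1
        return self.VIEWS[self.location]   # split-horizon answer for this network

    def connect(self, ip):
        if ip != self.VIEWS[self.location]:
            raise OSError(f"no route to {ip}")


def simulate_walk_out():
    """Connect at home, leave the LAN, connect again; return both IPs and lookup count."""
    net = FakeNetwork()
    client = ReResolvingClient("ha.example.org", net.resolve, net.connect)
    at_home = client.request()
    net.location = "away"
    return at_home, client.request(), net.lookups
```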

[–] root@u.fail 1 points 1 year ago

For PCs you can just add a hosts file entry, but that's probably not possible/too much work on phones. Split-horizon DNS is what you want.