this post was submitted on 05 Oct 2024
24 points (100.0% liked)

homelab

171 readers
1 users here now

founded 4 years ago
MODERATORS
CMonster@lemmy.ml
24
What do you use for DNS in your Homelab? (discuss.tchncs.de)
submitted 4 months ago by Kage@discuss.tchncs.de to c/homelab@lemmy.ml
24 comments fedilink hide all child comments
 

Hey there, im looking into setting up a DNS Server in my Homelab, i would like something like this:

  1. Server in Docker on my Proxmox Server
  2. Server in Docker on my NAS and
  3. Server in my "Cloud" Network

Do you guys have any recommendations on how i could accomplish this? Otherwise i will just use PiHole with sync again or something like it :)

top 24 comments
sorted by: hot top controversial new old
[–] OR3X@lemm.ee 6 points 4 months ago (1 children)

Two PiHole servers. One is hosted via docker on my primary file server and the other is hosted in a Hyper-V VM on my sole windows box. The VM one is also my DHCP server.

[–] Kage@discuss.tchncs.de 1 points 4 months ago

I had this setup a couple of months ago, worked great with gravity-sync :)

[–] ReversalHatchery 5 points 4 months ago (2 children)

I use pihole for its good filtering, selective filtering, statistics and logging capabilities, and technitium dns as its upstream for it's superior capability in defining dns records, and because I can use a DoH dns provider with it

load more comments (2 replies)
[–] leverage@lemdro.id 5 points 4 months ago (1 children)

Unbound on my OPNsense firewall. I don't have advice for you, do you have some specific goals besides just having a DNS?

[–] Kage@discuss.tchncs.de 1 points 4 months ago (1 children)

Not really, just fed up with remembering IP-Adresses :)

[–] leverage@lemdro.id 2 points 4 months ago

Look at reverse proxy instead. While you can do what you're after with DNS, a bunch of the reverse proxy systems will automatically deal with SSL certificate, and there are even a couple that eliminate essentially all configuration outside of your docker file. Like, add a new docker and it automatically configures appName.domain.tld with SSL assigned. And if you ever decide to expose that address to the Internet, reverse proxy makes that simple and provides some security options as well.

I use Caddy for my reverse proxy running from my OPNsense firewall, but if you want the automation with docker there are better options.

[–] Penguincoder 5 points 4 months ago (1 children)

Technitium

[–] Kage@discuss.tchncs.de 3 points 4 months ago (1 children)

I will give this one a try, had a eye on it before asking already :D

[–] arcayne@lemmy.today 3 points 4 months ago

Solid choice. It's been my go-to DNS+DHCP solution for over 5 years and has never let me down. Also a fan of DNSDist+PowerDNS, but for most environments (especially home/lab), Technitium wins by a mile.

[–] AlternateRoute@lemmy.ca 4 points 4 months ago (1 children)

I run Unbound on my opnsense firewall.

[–] Kage@discuss.tchncs.de 1 points 4 months ago

I think i will try unbound too :) Thank you!

[–] dotslashme@infosec.pub 3 points 4 months ago

I use Blocky as my DNS server.

[–] biscuitswalrus@aussie.zone 3 points 4 months ago (1 children)

Two pihole servers, one n VM vlan, one on device VLAN with OpnSense delivering them both via DHCP options. I sometimes update lists, like yearly... At best. They've been there over 7 years. Calling them robust is correct. The hypervisors are 3 proxmox servers in cluster using ceph. Intrl NUC 3rd Gen. Less than 80w combined with all vms. Also 8 years old no failures but tolerant for it.

[–] ReversalHatchery 3 points 4 months ago* (last edited 4 months ago) (2 children)

I sometimes update lists, like yearly... At best

Don't they get updated automatically?

[–] Kage@discuss.tchncs.de 1 points 4 months ago

I think you can configure them to do so :)

[–] biscuitswalrus@aussie.zone 1 points 4 months ago

Iirc I seem to find whatever was configured dead or no longer the cool choice when I check online.

Whatever it is, I barely touch it and it works great. Very happy.

[–] con_fig@programming.dev 2 points 4 months ago

My home lab is small so I just run BIND ony server

[–] LeTak@lemm.ee 2 points 4 months ago

Two Pi-Hole docker container on two different servers. OpnSense DNS Plugin. Fallback, NextDNS Alternative, AdGuard is also a good DNS.

[–] MangoPenguin@lemmy.blahaj.zone 2 points 4 months ago

The default Unbound server on Opnsense.

[–] BlueEther@no.lastname.nz 2 points 4 months ago

I use AdGuard in my OpnSense firewall.

Why do you want a server on proxmox and NAS? or have I read this wrong?

[–] Coelacanthus@lemmy.kde.social 2 points 4 months ago

Just run it as systemd service on my server.

[–] oh_gosh_its_osh@lemmy.ml 2 points 4 months ago

CoreDNS in Docker to mix things up here a little.

[–] apt_install_coffee@lemmy.ml 2 points 4 months ago* (last edited 4 months ago)

I use PiHole+Unbound in a podman quadlet, and give it its own macvlan. Works great for me.