this post was submitted on 26 Nov 2023
3 points (100.0% liked)

Self-Hosted Main

21 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
 

I have read many posts in this subreddit and so many recommend using a domain (buying it) and then registering DNS.

Maybe I misunderstood because I'm new, but in theory isn't it enough to use a DNS in lan like pihole, and then from the client browser using Wireguard simply write the domain defined on pihole? (Maybe even configuring nginx to have all the ports pointing to the correct services)

Am I wrong?

top 10 comments
sorted by: hot top controversial new old
[–] ervwalter@alien.top 3 points 1 year ago

The point of purchasing a registered domain name and connecting it to a public DNS server is to make it findable from any Internet location. If you only ever want to use the domain name internally, you don't need to have a public domain name and you can make up your own internal domain name that is served by your local DNS. To avoid future conflicts with public domains, I'd probably use a TLD that doesn't exist (e.g. not .com or the like).

[–] lesigh@alien.top 2 points 1 year ago

A lot of people self host for themselves, family, friends, clients. It's easier to say "hey, login to x service at homelab.com"

If you do everything within the network, I guess you don't really need a domain

[–] user3872465@alien.top 2 points 1 year ago (1 children)

Yes, because how will you acces wireguard? Whats your endpoint?

I mean its all fine if you have a static IP which never changes but that usually is not the case anymore. So you need a domainname to update. Also vpn.youlab.tld is esier to remember than 131.234.142.83

[–] spanky_rockets@alien.top 1 points 1 year ago (1 children)

ddns also works and it’s free

[–] user3872465@alien.top 1 points 1 year ago

Well ddns is just dns which get auto updated via helper script which you can do yourself on your own domain aswell. So yes Point still stands. And a domain which is yours might still be nicer than a bottom of the barrle subdomain. Of which you often also don't get unlimited

[–] SillyLilBear@alien.top 2 points 1 year ago

SSL is the main reason, this way your traffic is encrypted from snoopers on your land, and you don't get the warning messages about it not being secure.

You can use a sub domain from desec for free to do this.

[–] LastTreestar@alien.top 2 points 1 year ago

Sheepism.

Correct; You don't need a domain name.

[–] DesolateWolf@alien.top 1 points 1 year ago

Can't get SSL certificates for an unregistered domain, my bitwarden instance is purely local (+VPN) but I still need SSL for it to work properly and I'm really not interested in managing my own CA and installing certificates on all my devices.

[–] EndlessHiway@alien.top 1 points 1 year ago
[–] Simon-RedditAccount@alien.top 1 points 1 year ago

Lack of time or interest (or both) in: managing local DNS, using .home.arpa and running own CA.

It's tricky (especially running your own CA in a proper way), and not everyone wants to do it. Also, running it in a proper way it requires knowledge, and some people don't have it...

Actually, distribution of your root CA certificate is not that difficult.

NOTE: this addresses strictly OP's question about LAN-only access. External access or varying devices used to access is a completely different story.