this post was submitted on 04 Jul 2023
23 points (92.6% liked)

Selfhosted

39893 readers
469 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I got a homelab, at the moment I am only running some local stuff and tailscale to reach my stuff remotely.

I can use tailscales ddns, but I would like a real domain. Is there a domain registrator that works with dynamic ips? Or do I need to use a CNAME instead of A record?

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 9 points 1 year ago (2 children)

It really depends on the company that you use to manage the domain's DNS. As long as they have an API to update DNS records..

For example, I can have my domain at Porkbun and have its DNS managed at Cloudflare. Cloudflare allows updating DNS records via API..so there's programs to update it. Some routers even support it.

Worst case, you can set up a service like duckdns and have your domain, via cname, point to the duck DNS subdomain.

There's options.

[–] [email protected] 5 points 1 year ago

Porkbun also has an api for updating records.

[–] [email protected] 2 points 1 year ago (1 children)

I think using the cloudflare API is the way to go. You could probably set up an internal service that translates your home router's dyndns request to a cloudflare API call.

[–] [email protected] 1 points 1 year ago (1 children)

Only if you had root access to your router. It’s a lot easier to write or find a very simple update script and schedule it to run every now and then via crontab.

[–] [email protected] 1 points 1 year ago

The daemon script is simpler, true. but usually you can just point your router at some dyndns URL and you could put an internal IP for that.

[–] [email protected] 5 points 1 year ago (4 children)

All domains works with Dynamic IPs - it all depends on what DNS-provider you use :) Provider like Cloudflare ( I do not recommend Cloudflare) and afraid.org both offer dynamic DNS.

[–] [email protected] 6 points 1 year ago (1 children)

Do you recommend afraid.org?

[–] [email protected] 4 points 1 year ago

Afraid.org is great :) I do recommend

[–] [email protected] 4 points 1 year ago (2 children)

Why don't you recommend Cloudflare?

[–] [email protected] 2 points 1 year ago (1 children)

It is a giant MITM proxy, and whoever who has access to their logs have the potential to gain a lot of control

[–] [email protected] 1 points 1 year ago

Don't have to use their proxy. My gateway router uses cloudflare to set the IP via the API and I just use self-signed certificates. A record resolves to my gateway, not some cloudflare server.

They also do a lot of work in the privacy space. Encrypted Client Hello to protect SNI came from them.

If you use any company for TLS termination they can MITM (e.g. AWS certificate manager).

[–] [email protected] 1 points 1 year ago

Its market share defeats the point of self-hosting.

load more comments (2 replies)
[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (1 children)

There are many ways to update dns automatically, I have used this container in the past. You could probably even write a bash script/cron job that checks your IP and updates it with curl depending on your DNS provider.

If you are already running tailscale you may be interested in using a funnel, which lets you accept and route internet traffic to your tailnet. I don't use tailscale so can't comment on how good/bad/useful this is.

You could also run some sort of service like frp from some remote box (like a VPS in DO/Linode/etc). This or the funnel lets you not expose/advertise your home IP address if that is a consideration.

[–] [email protected] 1 points 1 year ago (2 children)

Oooh thanks for the tip about frp. Interesting.

[–] [email protected] 1 points 1 year ago (1 children)

I actually just migrated things to a setup that is pretty neat using FRP: I run frps on 2 Linodes in the same datacenter and have set up IP sharing for failover between them (which is a neat feature Linode, Vultr and probably a few others offer), and then I run 4 frpc's, two for each frps in case one of them breaks somehow. Lots of redundancy without all that much effort.

[–] [email protected] 1 points 1 year ago

It sounds pretty awesome. Just wondering if adding additional complexity to the setup is worth it to obfuscate my home IP. Easily setting up redundancy is a good feature in that regard though.

[–] [email protected] 1 points 1 year ago

I usually use autossh to establish a persistent port tunneling but sometimes got frustrated with the performance of the encrypted tunnel for some use case. Sometimes I don't need encryption, but need to saturate my nic. frp seems to fit this use case.

[–] [email protected] 3 points 1 year ago

Cloudflare, Porkbun, Namecheap and many other registrars offer dynamic DNS via API or a ddns client very easy to setup.

[–] [email protected] 2 points 1 year ago (3 children)

CloudFlare ZT tunnels coupled with an Azure AD. Work’s amazingly with their containers to keep the tunnel alive.

load more comments (3 replies)
[–] [email protected] 1 points 1 year ago (2 children)

Does your ISP support IPv6?

[–] [email protected] 3 points 1 year ago

Silly as it is, many ISPs hand out dynamic IPv6 prefixes that may change once in a while. Or "dynamic" prefixes that never seem to change (but are not guaranteed never to change).

The reason is of course that they like being able to charge extra for static IPv4 addresses, and they see no reason to get rid of that revenue source for IPv6.

[–] [email protected] 1 points 1 year ago (1 children)

I think I can ask them about it. Never really used ipv6. Maybe that's even better. Then I can maybe use more than one IP even. I don't know how the ISPs deal with it. Do I only get one for my router, or can I get a bunch of them.. hmm

[–] [email protected] 3 points 1 year ago (2 children)

with IPv6 you are able to address your internal network devices directly without port forwarding. Just make sure your router and other gear support it so you have everything you need.

[–] [email protected] 3 points 1 year ago

This is the way.

[–] [email protected] 2 points 1 year ago (1 children)

Yea, my stuff supports it. But I never checked out how the ISPs is dealing with it. I will check it out!

load more comments (1 replies)
[–] [email protected] 1 points 1 year ago

Do you want the host to be accessible fully from any host, or do you control all hosts you want to access it?

For mine, all the devices I want to access my personal host I have setup zerotier, and then pointed cloudflare at my zerotier address.

Any device I want to access my host (outside of my local network) requires zerotier.

I don’t want anything outside of my control accessing my host

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

I used No-IP for this very thing many years ago (using a domain on a server with a dynamic IP, anyway). I don't know how it is now, but a quick search shows it is still around.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

No-IP has been great for me for about a year now. No complaints.

[–] [email protected] 1 points 1 year ago

I use cloud flare DNS and it has support for dynamic IPs, my current setup is through a plug-in in my PFSense router

load more comments
view more: next ›