Comment on [question] Help me access my local homeserver using a public domain name
HelloRoot@lemy.lol 17 hours agoThen you don’t need to pay porkbun and can just selfhost a DNS with that entry like technitium.com/dns/
Comment on [question] Help me access my local homeserver using a public domain name
HelloRoot@lemy.lol 17 hours agoThen you don’t need to pay porkbun and can just selfhost a DNS with that entry like technitium.com/dns/
slazer2au@lemmy.world 17 hours ago
That’s true but then I would have to deal with PKI, cert chains, and DNS. When now all I need to do is get Traefik to grab a wildcard Let’s Encrypt cert and everything is peachy.
HelloRoot@lemy.lol 17 hours ago
That doesn’t make any sense
ShellMonkey@piefed.socdojo.com 16 hours ago
I think I can see where they're going with it, but it is a bit hard to write out
Say I set up my favorite service in house, and said service has a client app. If I create my own DNS at home and point the client to the entry, and the service is running an encrypted connection with a self signed cert it can give the client app fits for being untrusted.
Compare that to putting NPM in front of the app, using it to get a LetsEncrypt cert using the DNS record option (no need to have LE reach the service publicly) and now you have a trusted cert signed by a public CA for the client app to connect to.
I actually do the same for a couple internal things that I want the local traffic secured because I don't want creds to be sniffable on the wire, but they're not public facing. I already have a domain for other public things so it doesn't cost anything extra to do it this way.
frongt@lemmy.zip 14 hours ago
No, you’d just need to deal with running DNS locally, you can still use LE for internal certs.
But you still need to pass one of their challenges. Public DNS works for that. You don’t need to have any records in public DNS though.