TheHobbyist
@TheHobbyist@lemmy.zip
Just a stranger trying things.
- Comment on [question] Help me access my local homeserver using a public domain name 1 day ago:
Interesting setup. Funnily, I have one specific subdomain hosted on an actual cloud provider, publicly and all other subdomains are private and local. It works just fine :)
In the end, there’s like a tradeoff between enjoying your system as is and pouring I don’t know how many hours in setting it up when it’s a new idea haha
- Comment on [question] Help me access my local homeserver using a public domain name 1 day ago:
I’m not trying to expose it to the internet and there are indeed multiple solutions to get HTTPS. This one works with a real domain name is what works best for me :)
- Comment on [question] Help me access my local homeserver using a public domain name 1 day ago:
Yes it does. Are you using Firefox? And you can’t resolve local ip addresses, so that’s why you are setting this exception?
- Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
Wouldn’t that require me to use tailscale even at home on my home network? It also does not provide HTTPS unless you maybe use magic DNS, but then we’re back to using a public domain I guess.
- Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
Since it knows the DNS will always be public, it also knows that the 192.168.10.20 address is not routable on the internet where it found it.
That is in fact not it. I left the default firefox DNS setting. I simply enabled
network.trr.allow-rfc1918
from within theabout:config
which allows the resolution of local IP addresses. It now works. All my DNS are public, I make no use of any private, local DNS. - Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
This was not required in my case, but maybe it solves other issues?
- Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
Works flawlessly with my tailscale setup :) Thanks for asking!
- Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
Thanks for your response. Indeed, this is only for myself within my home network. No split DNS required, the public DNS record mentions my local private IP address which of course will only resolve to my homeserver from within my home network and will not lead anywhere for anyone else from any other network. That’s all what makes this great. Yes, I did the DNS challenge as I mentioned in my OP and retrieved a wildcard certificate for all my local needs :)
- Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
Yes, I now managed to make it fully work on firefox too, needed to set
network.trr.allow-rfc1918
totrue
in theabout:config
settings! :) - Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
so some apps (like Firefox) with internal hard-coded DNS functions Thank you! This was the information I needed! It landed me on this page support.mozilla.org/…/firefox-dns-over-https which shows
When DoH is enabled, Firefox by default directs DoH queries to DNS servers that are operated by a trusted partner, which has the ability to see users’ queries
and lead me to this page wiki.mozilla.org/Trusted_Recursive_Resolver where I was able to read more about it. That explains why it does not work, I appreciate the insight! - Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
No, it is not fully working. Many have tried to explain to you that your setup only works for YOU on YOUR subnet.
That’s exactly what I want. I don’t know why you thought I wanted something else? I’m trying to expose reach services in my home network from home, using HTTPS, without requiring a local DNS or to load self-signed certificates.
- Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
Yes, it was an attempt at doing on step at the time, but I realize I’ve been able to make it work in some browsers and on some DNS using HTTPS, as hoped. I’m now mostly trying to solve specific DNS issues, trying to understand why there are some cases where it’s not working (i.e. in Firefox regardless of DNS setting, when calling
dig
,curl
orhost
). - Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
Opening up the network developer tools in Firefox, I’m seeing the following error:
NS_ERROR_UNKNOWN_HOST
, though I haven’t been able to determine how to solve this yet. It does make sense, because it would also explain why curl is unable to resolve it, if the nameserver is unreachable. I’m still confused though, because cloudflare, google and most other DNS’s I’ve tried work without issue. Even setting google’s dns in firefox does not resolve it. - Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
This was a good suggestion, indeed other browsers seem to work just fine, I updated my post with a new edit. I’m making progress, it seems I’m having some specific issue with Firefox, my default browser.
- Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
It does work. In my first edit I’m sharing multiple examples of others making it work, and I’ve made it work in some cases which I explain in my second edit. I’m not using an HTTP challenge, but a DNS challenge which is not specific to any IP address and does not require the IP address to be reachable from outside my network. I only care about accessing the endpoint from within my home network. The use of a real domain allows me to make use of the public chain of trust infrastructure and DNS allowing me to reach my homeserver using any device without having to setup any specific local DNS or installing any custom certificate on any of my devices.
- Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
Would you mind explaining further what you mean by “setting it up on both sides of the route”? Much appreciated!
- Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
The A record was set on my registrar, so on a public DNS, so to speak.
- It allows me to use HTTPS on a private service without setting up any custom DNS locally and without me using any selfsigned certificates and with all my IP addresses being private. It’s a good solution for me to have the real certificates using the default public infrastructure while keeping everything private. What’s the danger of sharing that my private server is accessible at 192.168.10.20 for the external world? What could they do with that information?
- I use my tailscale network to which I expose my local network to allow remote access. Works great for me.
- Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
You sure can. You can see someone doing just that here successfully:
- Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
To have HTTPS without additional setup on all the devices which I use to access my services and without having to setup my own DNS server.
- Comment on [question] Help me access my local homeserver using a public domain name 2 days ago:
Good question. I’m only interested in accessing it from my home network and through my tailscale network.
- Submitted 2 days ago to selfhosted@lemmy.world | 60 comments
- Comment on Mommy, Why is There a Server in the House? 5 weeks ago:
It’s on the very first page, opposite to the office server page, and they acknowledge the Author does not exist and that it’s basically an ad for Windows server.
- Comment on LibreOffice is right about Microsoft, and it matters more than you think. 1 month ago:
I think this is an issue where you are talking about people coming from windlws trying to do windows things on linux like run windows software. Of course you can in some cases run windows software on Linux but it is not a fair comparison to blame Linux for not being able to run windows software. Linux has it’s own suite of software and that is often better suited.
- Comment on LibreOffice is right about Microsoft, and it matters more than you think. 1 month ago:
I didn’t say Linux just works. I’m just fighting back against the preconceived idea that it’s just a total mess. I have myself ran into issues with linux. But also, I’ve run into many issues with windows too.
The difference is that when people encounter issues with windows, it’s like well too bad, need to find someone who can fix it. But when they encounter an issue with Linux, it’s like linux sucks, let me get back to Windows as if it didn’t suck at least as much.
- Comment on LibreOffice is right about Microsoft, and it matters more than you think. 1 month ago:
I don’t buy the argument that windows just works or that it’s somehow better or more stable. The reality is we all have grown to learn about computers specifically using windows and it’s been a steep learning curve. We have gotten familiar with its specificities and its sporadic misbehavior and accepted that as the norm. And people prefer what they are used to even if it’s suboptimal because they would rather not learn something else from scratch, even if in the long run it could be better.
Put any person who has zero computer experience in front of a windows computer or Linux computer and I doubt they would say the windows computer just works and the Linux one doesn’t.
- Comment on Battlefield 6 players are crying out for a 'real' server browser, and it's about time we demanded the basic FPS feature that Call of Duty killed 1 month ago:
Having long played some old CS, there was so much sense of community from connecting to a personal server instance, regularly seeing the same people, familiarize with specific rules to that server, getting to know the admin etc. I’m sure you feel a sense of community from match making, but to say that it cannot exist without matchmaking is just wrong IMO.
And I’m not advertising for one over the other. But I’d be very happy to see the persistence of accessing personal servers for a game.
- Comment on Anubis is awesome! Stopping (AI)crawlbots 2 months ago:
@demigodrick@leppy.zip
Perhaps of interest? I don’t know how many bots you’re facing.
- Comment on Tailscale addressing concerns over potential enshittification of the platform 2 months ago:
I feel you are a bit out of touch when the topic is specifically enshittification and that it is based on the history of companies turning against their users, showing little good faith. It is also not something which is sparing open source projects (remember bitwarden’s attempt?). So sure, I’m not going to deny that I’m making assumptions and that I am concerned it may one day happen. But it is grounded in reality, not some tinfoil hat stuff.
- Comment on Tailscale addressing concerns over potential enshittification of the platform 2 months ago:
- Tailscale has an employee who is contributing to headscale. I think this is helpful and they could decide to stop this collaboration the moment they feel it is counter productive.
- they may decide to start adding undocumented/proprietary/“secure” elements which prevent headscale from working.
There is no guarantee headscale can keep working the way it does or that it is allowed to keep existing.
- Comment on Introducing reitti: a selfhosted alternative to Google Timeline 2 months ago:
Congrats! Amazing project, exciting interface and you went the extra mile on the integration side with third parties. Kudos!