TheHobbyist

@TheHobbyist@lemmy.zip

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:

  Interesting setup. Funnily, I have one specific subdomain hosted on an actual cloud provider, publicly and all other subdomains are private and local. It works just fine :)

  In the end, there’s like a tradeoff between enjoying your system as is and pouring I don’t know how many hours in setting it up when it’s a new idea haha

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:

  I’m not trying to expose it to the internet and there are indeed multiple solutions to get HTTPS. This one works with a real domain name is what works best for me :)

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:

  Yes it does. Are you using Firefox? And you can’t resolve local ip addresses, so that’s why you are setting this exception?

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  Wouldn’t that require me to use tailscale even at home on my home network? It also does not provide HTTPS unless you maybe use magic DNS, but then we’re back to using a public domain I guess.

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  Since it knows the DNS will always be public, it also knows that the 192.168.10.20 address is not routable on the internet where it found it.

  That is in fact not it. I left the default firefox DNS setting. I simply enabled network.trr.allow-rfc1918 from within the about:config which allows the resolution of local IP addresses. It now works. All my DNS are public, I make no use of any private, local DNS.

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  This was not required in my case, but maybe it solves other issues?

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  Works flawlessly with my tailscale setup :) Thanks for asking!

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  Thanks for your response. Indeed, this is only for myself within my home network. No split DNS required, the public DNS record mentions my local private IP address which of course will only resolve to my homeserver from within my home network and will not lead anywhere for anyone else from any other network. That’s all what makes this great. Yes, I did the DNS challenge as I mentioned in my OP and retrieved a wildcard certificate for all my local needs :)

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  Yes, I now managed to make it fully work on firefox too, needed to set network.trr.allow-rfc1918 to true in the about:config settings! :)

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  so some apps (like Firefox) with internal hard-coded DNS functions Thank you! This was the information I needed! It landed me on this page support.mozilla.org/…/firefox-dns-over-https which shows When DoH is enabled, Firefox by default directs DoH queries to DNS servers that are operated by a trusted partner, which has the ability to see users’ queries and lead me to this page wiki.mozilla.org/Trusted_Recursive_Resolver where I was able to read more about it. That explains why it does not work, I appreciate the insight!

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  No, it is not fully working. Many have tried to explain to you that your setup only works for YOU on YOUR subnet.

  That’s exactly what I want. I don’t know why you thought I wanted something else? I’m trying to expose reach services in my home network from home, using HTTPS, without requiring a local DNS or to load self-signed certificates.

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  Yes, it was an attempt at doing on step at the time, but I realize I’ve been able to make it work in some browsers and on some DNS using HTTPS, as hoped. I’m now mostly trying to solve specific DNS issues, trying to understand why there are some cases where it’s not working (i.e. in Firefox regardless of DNS setting, when calling dig, curl or host).

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  Opening up the network developer tools in Firefox, I’m seeing the following error: NS_ERROR_UNKNOWN_HOST, though I haven’t been able to determine how to solve this yet. It does make sense, because it would also explain why curl is unable to resolve it, if the nameserver is unreachable. I’m still confused though, because cloudflare, google and most other DNS’s I’ve tried work without issue. Even setting google’s dns in firefox does not resolve it.

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  This was a good suggestion, indeed other browsers seem to work just fine, I updated my post with a new edit. I’m making progress, it seems I’m having some specific issue with Firefox, my default browser.

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  It does work. In my first edit I’m sharing multiple examples of others making it work, and I’ve made it work in some cases which I explain in my second edit. I’m not using an HTTP challenge, but a DNS challenge which is not specific to any IP address and does not require the IP address to be reachable from outside my network. I only care about accessing the endpoint from within my home network. The use of a real domain allows me to make use of the public chain of trust infrastructure and DNS allowing me to reach my homeserver using any device without having to setup any specific local DNS or installing any custom certificate on any of my devices.

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  Would you mind explaining further what you mean by “setting it up on both sides of the route”? Much appreciated!

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  The A record was set on my registrar, so on a public DNS, so to speak.

  1. It allows me to use HTTPS on a private service without setting up any custom DNS locally and without me using any selfsigned certificates and with all my IP addresses being private. It’s a good solution for me to have the real certificates using the default public infrastructure while keeping everything private. What’s the danger of sharing that my private server is accessible at 192.168.10.20 for the external world? What could they do with that information?
  2. I use my tailscale network to which I expose my local network to allow remote access. Works great for me.
• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  You sure can. You can see someone doing just that here successfully:

  www.yewtu.be/watch?v=qlcVx-k-02E

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  To have HTTPS without additional setup on all the devices which I use to access my services and without having to setup my own DNS server.

• ⁨Comment⁩ on ⁨[question] Help me access my local homeserver using a public domain name⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  Good question. I’m only interested in accessing it from my home network and through my tailscale network.

• [question] Help me access my local homeserver using a public domain name
  Submitted ⁨⁨2⁩ ⁨days⁩ ago⁩ to ⁨selfhosted@lemmy.world⁩ | ⁨60⁩ ⁨comments⁩
• ⁨Comment⁩ on ⁨Mommy, Why is There a Server in the House?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  It’s on the very first page, opposite to the office server page, and they acknowledge the Author does not exist and that it’s basically an ad for Windows server.

• ⁨Comment⁩ on ⁨LibreOffice is right about Microsoft, and it matters more than you think.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  I think this is an issue where you are talking about people coming from windlws trying to do windows things on linux like run windows software. Of course you can in some cases run windows software on Linux but it is not a fair comparison to blame Linux for not being able to run windows software. Linux has it’s own suite of software and that is often better suited.

• ⁨Comment⁩ on ⁨LibreOffice is right about Microsoft, and it matters more than you think.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  I didn’t say Linux just works. I’m just fighting back against the preconceived idea that it’s just a total mess. I have myself ran into issues with linux. But also, I’ve run into many issues with windows too.

  The difference is that when people encounter issues with windows, it’s like well too bad, need to find someone who can fix it. But when they encounter an issue with Linux, it’s like linux sucks, let me get back to Windows as if it didn’t suck at least as much.

• ⁨Comment⁩ on ⁨LibreOffice is right about Microsoft, and it matters more than you think.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  I don’t buy the argument that windows just works or that it’s somehow better or more stable. The reality is we all have grown to learn about computers specifically using windows and it’s been a steep learning curve. We have gotten familiar with its specificities and its sporadic misbehavior and accepted that as the norm. And people prefer what they are used to even if it’s suboptimal because they would rather not learn something else from scratch, even if in the long run it could be better.

  Put any person who has zero computer experience in front of a windows computer or Linux computer and I doubt they would say the windows computer just works and the Linux one doesn’t.

• ⁨Comment⁩ on ⁨Battlefield 6 players are crying out for a 'real' server browser, and it's about time we demanded the basic FPS feature that Call of Duty killed⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  Having long played some old CS, there was so much sense of community from connecting to a personal server instance, regularly seeing the same people, familiarize with specific rules to that server, getting to know the admin etc. I’m sure you feel a sense of community from match making, but to say that it cannot exist without matchmaking is just wrong IMO.

  And I’m not advertising for one over the other. But I’d be very happy to see the persistence of accessing personal servers for a game.

• ⁨Comment⁩ on ⁨Anubis is awesome! Stopping (AI)crawlbots⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  @demigodrick@leppy.zip

  Perhaps of interest? I don’t know how many bots you’re facing.

• ⁨Comment⁩ on ⁨Tailscale addressing concerns over potential enshittification of the platform⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  I feel you are a bit out of touch when the topic is specifically enshittification and that it is based on the history of companies turning against their users, showing little good faith. It is also not something which is sparing open source projects (remember bitwarden’s attempt?). So sure, I’m not going to deny that I’m making assumptions and that I am concerned it may one day happen. But it is grounded in reality, not some tinfoil hat stuff.

• ⁨Comment⁩ on ⁨Tailscale addressing concerns over potential enshittification of the platform⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
  1. Tailscale has an employee who is contributing to headscale. I think this is helpful and they could decide to stop this collaboration the moment they feel it is counter productive.
  2. they may decide to start adding undocumented/proprietary/“secure” elements which prevent headscale from working.

  There is no guarantee headscale can keep working the way it does or that it is allowed to keep existing.

• ⁨Comment⁩ on ⁨Introducing reitti: a selfhosted alternative to Google Timeline⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Congrats! Amazing project, exciting interface and you went the extra mile on the integration side with third parties. Kudos!