A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
It really depends on the company that you use to manage the domain's DNS. As long as they have an API to update DNS records..
For example, I can have my domain at Porkbun and have its DNS managed at Cloudflare. Cloudflare allows updating DNS records via API..so there's programs to update it. Some routers even support it.
Worst case, you can set up a service like duckdns and have your domain, via cname, point to the duck DNS subdomain.
There's options.
Porkbun also has an api for updating records.
I think using the cloudflare API is the way to go. You could probably set up an internal service that translates your home router's dyndns request to a cloudflare API call.
Only if you had root access to your router. It’s a lot easier to write or find a very simple update script and schedule it to run every now and then via crontab.
The daemon script is simpler, true. but usually you can just point your router at some dyndns URL and you could put an internal IP for that.
All domains works with Dynamic IPs - it all depends on what DNS-provider you use :) Provider like Cloudflare ( I do not recommend Cloudflare) and afraid.org both offer dynamic DNS.
Do you recommend afraid.org?
Afraid.org is great :) I do recommend
Why don't you recommend Cloudflare?
It is a giant MITM proxy, and whoever who has access to their logs have the potential to gain a lot of control
Don't have to use their proxy. My gateway router uses cloudflare to set the IP via the API and I just use self-signed certificates. A record resolves to my gateway, not some cloudflare server.
They also do a lot of work in the privacy space. Encrypted Client Hello to protect SNI came from them.
If you use any company for TLS termination they can MITM (e.g. AWS certificate manager).
Its market share defeats the point of self-hosting.
There are many ways to update dns automatically, I have used this container in the past. You could probably even write a bash script/cron job that checks your IP and updates it with curl depending on your DNS provider.
If you are already running tailscale you may be interested in using a funnel, which lets you accept and route internet traffic to your tailnet. I don't use tailscale so can't comment on how good/bad/useful this is.
You could also run some sort of service like frp from some remote box (like a VPS in DO/Linode/etc). This or the funnel lets you not expose/advertise your home IP address if that is a consideration.
Oooh thanks for the tip about frp. Interesting.
I actually just migrated things to a setup that is pretty neat using FRP: I run frps on 2 Linodes in the same datacenter and have set up IP sharing for failover between them (which is a neat feature Linode, Vultr and probably a few others offer), and then I run 4 frpc's, two for each frps in case one of them breaks somehow. Lots of redundancy without all that much effort.
It sounds pretty awesome. Just wondering if adding additional complexity to the setup is worth it to obfuscate my home IP. Easily setting up redundancy is a good feature in that regard though.
Cloudflare, Porkbun, Namecheap and many other registrars offer dynamic DNS via API or a ddns client very easy to setup.
CloudFlare ZT tunnels coupled with an Azure AD. Work’s amazingly with their containers to keep the tunnel alive.
Does your ISP support IPv6?
Silly as it is, many ISPs hand out dynamic IPv6 prefixes that may change once in a while. Or "dynamic" prefixes that never seem to change (but are not guaranteed never to change).
The reason is of course that they like being able to charge extra for static IPv4 addresses, and they see no reason to get rid of that revenue source for IPv6.
I think I can ask them about it. Never really used ipv6. Maybe that's even better. Then I can maybe use more than one IP even. I don't know how the ISPs deal with it. Do I only get one for my router, or can I get a bunch of them.. hmm
with IPv6 you are able to address your internal network devices directly without port forwarding. Just make sure your router and other gear support it so you have everything you need.
This is the way.
Yea, my stuff supports it. But I never checked out how the ISPs is dealing with it. I will check it out!
If you have a static IPv6 address you can host your own authoritative DNS locally and use it for IPv4.
ZoneEdit.com has a free plan with dynamic DNS for at least one „real“ domain (domain registration not included). It‘s not the most user friendly UI but super powerful. You can pretty much add any DNS record you like.
I used No-IP for this very thing many years ago (using a domain on a server with a dynamic IP, anyway). I don't know how it is now, but a quick search shows it is still around.
No-IP has been great for me for about a year now. No complaints.
Do you want the host to be accessible fully from any host, or do you control all hosts you want to access it?
For mine, all the devices I want to access my personal host I have setup zerotier, and then pointed cloudflare at my zerotier address.
Any device I want to access my host (outside of my local network) requires zerotier.
I don’t want anything outside of my control accessing my host