Custom Local Domains

Selfhosted@lemmy.world – 19 points – 1 years ago

How do you guys set internal domains?

Say i dont want to type 192.168.1.100:8096 and want a url instead, say jellyfin.servername - how would I go about that? I don't want it exposed online via reverse proxy. I don't need certs. No port forwarding on the router.

How do I type 'jellyfin.servername' into a browser and being up the jellyfin dashboard?

If you have your own DNS server you can set a hostname there like 'jellyfin.myserver' and have that accessible from your internal network. If you want to do so on your PC you can edit your hosts file to add a custom entry. https://www.hostinger.com/tutorials/how-to-edit-hosts-file

Keep in mind you still need to specify the port with this method.

Yeah, how and where? In the docker compose? I have a dozem containers and is love if they were all a.server. b.server, c.server. How can I do this? Pihole DNS records don't do anything at the port level.

Sorry I meant in your browser. Yes dns does not point to ports.

You would have to use some sort of reverse proxy that is only accessible from internal networks

Just to clarify a bit further. You browser doesn't specify ports in the URL because HTTP and HTTPS have basically coopted the 80/443 ports. You could have a website running an HTTP server on another port like 3000. But then you'd need to specify the port in the URL since the browser - by default - is looking at 80/443 and not 3000.

You should be able to configure the port for your Jellyfin server. I'm not a Jellyfin user, but most applications allow you to pick a port to run it on. So you'll have to change the port to port 80 and then expose that port on your docker container in the docker-compose file.

Edit: actually now that I think about it... You could just point your local port 80 to the docker container port. I forget the port mapping schema but it's something like

ports:
  - 80:1234

You might have to flip the order of the ports. But basically that example above is trying to map port 80 to port 1234. If that fails, you might have port 80 being used by another application on your computer and you'd either have to shut that app down, pick a different port for that app or you're back to picking a different port for Jellyfin

It's the port that's tripping me. How do I point jellyfin to that domain? It's on docker on port 8096 - the hostname isn't the problem, it's the container.

Ah okay. You need some sort of reverse proxy.
I really like caddy. Using it with caddy-docker-proxy in docker-compose makes it quite nifty:

`version: '3.7'
services:
whoami:
image: containous/whoami
networks:
- caddy
labels:
caddy: http://whoami.mylab.home
caddy.reverse_proxy: "{{upstreams 80}}"

networks:
caddy:
external: true`

Just make sure to explicitly use 'http' instead of 'https'. That way it won't try to create certificates.

I use a pi hole instance for this. I just point all the subdomains at my ngnix server and reverse proxy everything through that

I use pihole running on an esxi server for dns. In pihole you can create local dns records which is exactly what you’re trying to do. It’s very lightweight, you can run it on about anything.

You can also do something like this

You don't need to expose it to the web to use a reverse proxy. You can use traefik, caddy, nginx, or any other reverse proxy to serve IP:PORT on domain.tld. You can use 80 or 443 as you'd like.

If you're using docker, it's even easier. How are you hosting your jellyfin?

PiHole as your DNS resolver. LocalDNS mapping whatever hostname you want to whatever IP you want.
Because I use Nginx Proxy Manager internally - then most of my hostname point to the Nginx IP address

Wolfangs Channel had a video about that a few weeks ago: https://www.youtube.com/watch?v=qlcVx-k-02E

I didn't try it myself yet, but judging from his other videos, he's not a complete idiot, so I assume it's solid advice.

You need to set up a local DNS server with a .servername zone and point your machines to it. You'd add an external DNS server like 1.1.1.1 as forwarder to allow internet traffic to still resolve.

You'll need a reverse proxy.

Running a reverse proxy then adding your IP to your router/other-DNS-server will make it easy ish. Just don’t pick a domain that is used by other people. If you have a(ny) domain you own then a subdomain you set in your router is fine/safe.

I have *.[house domain] point to a static IP set in my router. The IP is announced via BGP to point to running Traefik instances as a reverse proxy that points to the appropriate container. This also gives certs, but isn’t required.

Reverse proxy and local DNS. Just add the domains you want to your DNS and point them at the reverse proxy.

You'll need certs if you want to use a Chromecast in certain circumstances, btw.

You should be able to use mDNS pretty easily. Some services (like Home Assistant) support it out-of-the-box. mDNS is what powers the .local domains (eg homeassistant.local).

You can add an entry to your /etc/hosts file for the IP part, but this cannot remove the need to specify the port number as it is unrelated to the domain/IP

You can configure a local only DNS

If externally available - i use domain. If local - by ip:port. I find it easier to rely on firefox bookmarks and their folders lol.

After much suffering with local zones (mainly due to stubborn devices ignoring dns servers coming via dhcp and retarded corporate vpn messing with resolv.conf) I just use xxx.local.mydomain.tld with a small script that parses the leases files and updates the data via cloud flare api.

Using a real domain also lets you get Let's Encrypt TLS certificates for the subdomains, by using DNS challenges.

I do the same thing - I use xxx.int.example.com and xxx.vpn.example.com for internal IPs and VPN IPs respectively.

I ended up doing a similar thing for the same reasons, too many things ignoring my local dns. I ended up creating a subdomain for my house where all the A records had internal ips. I gave out fixed leases to the things with names though instead of dynamic dns updates.

I have static ips for the server-ish things and few important devices too, but for the rest (swarm of shellys, esp32, etc.) I'm too lazy to maintain the list =)

I currently use a custom filter/rewrite in AdGuard Home (similar to pihole).

An alternative to running a central dns server is to use mDNS. You can install a daemon on each server that you want to access via hostname, and then clients know that ServerName.local domains should be resolved using mdns. They send out a dns query to a local multicast IP, the daemon on the servers receives the query and the appropriate one responds. By design it’s local only.

Theres a few ways to do that but this is the easiest way it to use a caddy reverse proxy & a local dns server (like pihole or adgarud home)

example caddyfile:

# you must set 'http://' or caddy may error when getting a ssl cert
http://jellyfin.servername.local {
  reverse_proxy 192.168.1.100:8096
}

There are a lot of comments, and I didn’t feel like reading them all to see if someone said this, but you could use pi-hole to host a dns server on your network that forwards requests to a normal dns server but has a list of custom exceptions. This could be used for that as well as being a great ad blocker for any device that lets you change dns settings. (This includes a lot of smart tvs and things)