50
submitted 5 months ago by abeorch@lemmy.ml to c/selfhosted@lemmy.world

Im sure this has been asked before i juat can't find where it has been - Maybe need to work on how to search Lemmy better. But...

Id like to eventually self host some sevices that require external access. While I have IpV6 addresses my IPV4 is dynamic.

Whats the best free way to be able to point some domains/ subdomains I have to my external dynamic IP and keep it updated. Im running OpenWrt on my router. - So possibly should be posting there.

Free Dyndns services seem to be a bit crap. Do I need to pay for a VPS? (seems to defeat the point of self hosting)

top 50 comments
sorted by: hot top controversial new old
[-] MehBlah@lemmy.world 12 points 5 months ago* (last edited 5 months ago)

I use afraid.org to keep my dynamic dns pointed at my routers ip. With afraid.org dns you only need a curl statement scheduled on the open~~dns~~wrt router to keep the dynamic ip updated.

load more comments (12 replies)
[-] Wolfwood1@lemmy.world 10 points 5 months ago

Self hosting doesn't mean you should host everything yourself at home, using a VPS you manage (so the data inside it is still yours) is also a viable option for selfhosting. I myself host some services at home and a few others in a VPS.

As for Dyndns, I've used a few providers over the years. DuckDNS is the one I've been using for 5 years or so and it's not failed me once. Pretty happy with it.

Maybe you could have a duckdns pointing to your dynamic IP and your domains / subdomains with a CNAME pointing to the dyndns address?

[-] loudwhisper@infosec.pub 9 points 5 months ago

Since you run already OpenWrt, you can check out https://openwrt.org/docs/guide-user/services/ddns/client

There is a list on this page of compatible services. If you don't want to use one more service (DNS), you can use a domain registrar with an API (like porkbun) and find online tools that work with that.

Be aware of the risks of hosting your websites publicly from home, make sure to run them in very isolated environments. Having your VPS compromised is bad, but having your home network compromised is much worse!

[-] abeorch@lemmy.ml 4 points 5 months ago

Be aware of the risks of hosting your websites publicly from home, make sure to run them in very isolated environments. Having your VPS compromised is bad, but having your home network compromised is much worse!

Agree - Not something I will throw myself into.

[-] bane_killgrind@lemmy.ml 4 points 5 months ago

That lists afraid.org as a ddns provider.

They are pretty great, I use them as my domain host.

[-] abeorch@lemmy.ml 3 points 5 months ago

Yes I use no-ip but have to confirm the domain name every month or so and cant use my own domain on the free tier. (Maybe im just being cheap) - Also I haven't been able to figure out how I would use / get SSL certificates.

[-] Willdrick@lemmy.world 4 points 5 months ago

Try duckdns, it doesnt nag you every month and it just works

[-] loudwhisper@infosec.pub 3 points 5 months ago

Yes, I have used it in the past and it was annoying...

You can get SSL certs with letsencrypt, but you need to use the http verification method.

[-] lorentz@feddit.it 2 points 4 months ago

Not anymore, it supports txt records now

[-] chiisana@lemmy.chiisana.net 8 points 5 months ago
[-] MangoPenguin@lemmy.blahaj.zone 7 points 5 months ago

Many DNS providers have an API and are supported by various dynamicDNS clients. I use Cloudflare and the built in client on my Opnsense router.

OpenWRT should have a client too that supports a bunch of services.

[-] BearOfaTime@lemm.ee 6 points 5 months ago* (last edited 5 months ago)

VPS with a tunnel between it and home services (Wireguard/Tailscale, etc)in my opinion is Best Way as it isolates your home gateway (no open ports, because you make outbound connections to your VPS), and let VPS handle Identity and Access Management

(Or an equivalent isolating architecture).

Alternatively, Tailscale has a Funnel feature which can route public traffic into your Tailscale network. Though I don't love this approach, it does work for low-volume connections.

[-] Zephyr@feddit.nl 1 points 4 months ago

+1 for using Tailscale funnel Don't use a lot of resources and easy to setup

[-] K3can@lemmy.radio 5 points 5 months ago

I'm using cloudflare as my nameserver and the free API seems to work just fine with ddclient.

[-] anzo@programming.dev 5 points 5 months ago

There are two options, one is tunneling (e.g. tailscale, cloudfare tunnels, or a VPS either with special software or plain old SSH port forward constant connection). The other option, the most popular answer (I think, influenced by how yoy asked) is Dynamic DNS or DynDNS (e.g. duck, hurricane, freedns, etc.) this second one is like the classic solution.

[-] Nomecks@lemmy.ca 5 points 5 months ago

Script that checks your external IP and updates your DNS provider via API.

[-] lemmyvore@feddit.nl 4 points 4 months ago

Get your own domain, find a free DNS service that provides an API, and it becomes a simple matter of updating a DNS A record whenever your IP changes.

Here's a starting point: https://community.letsencrypt.org/t/dns-providers-who-easily-integrate-with-lets-encrypt-dns-validation/86438

Don't use a DynamicDNS service, they're usually crap and they make you depend on a domain you don't own.

[-] revv@lemmy.blahaj.zone 4 points 5 months ago

You can get super cheap VPSs and use them just as a reverse proxy (with access via VPN). I host 11 servers using one single-core VPS as a reverse proxy. All data resides on premises, in house. I pay 10/yr for VPS. It definitely does not defeat the purpose.

[-] yatzy@lemmy.ml 2 points 5 months ago

From where can you get a VPS for that price?

[-] revv@lemmy.blahaj.zone 4 points 5 months ago

Check out low end box. I found coupons for racknerd. I have one VPS that's $10/yr, another that's $18/yr. I've had zero downtime in the 18 months I've used them. No complaints from me. YMMV of course.

[-] abeorch@lemmy.ml 2 points 5 months ago

Yeah maybe I need to consider this.

[-] TCB13@lemmy.world 3 points 5 months ago* (last edited 5 months ago)

Free Dyndns services seem to be a bit crap

Why do you say that? https://freedns.afraid.org/ and https://www.duckdns.org are very solid and if you're looking for something more corporate even Cloudflare offers that service for free.

[-] Toribor@corndog.social 1 points 4 months ago

DuckDNS is great... but they have had some pretty major outages recently. No complaints, I know it's an extremely valuable free service but it's worth mentioning.

[-] Charadon@lemmy.sdf.org 3 points 4 months ago

If you go down the VPS route, a headscale server on a cheap $3.50 VPS would be the way to go. Wouldn't even have to deal with IP addresses at that point, while still being able to self-host all your services, with the cheap VPS being a glorified switch/firewall.

[-] Kit@lemmy.blahaj.zone 3 points 5 months ago

Namecheap domains include a dynamic DNS application for free and it works well. Be aware that it only runs on Windows.

[-] Pika@sh.itjust.works 1 points 5 months ago* (last edited 5 months ago)

also keep in mind for people not on windows, namecheaps API only functions for business grade, and also is not clearly documented, there is a "dynamic dns setup page" but it isn't up to date. I find myself trying to use openwrt's DDNS pages for it but it still isn't accurate, I am likely going to transfer elsewhere when im closer to the end of my lease. This API restriction also prevents you from easily automating your SSL process using letsencrypt as you are locked down to subdomain based entries instead of wildcard domains.

[-] hendrik@palaver.p3x.de 3 points 5 months ago* (last edited 5 months ago)

I think you got enough recommendations for several tunneling solutions.

Apart from that (and free DynDNS) you could also use a regular paid DNS provider. Some of them also offer DynDNS or an API. I think I saw some regular providers in the list of my DynDNS client on my router, next to the super cheap or free ones.

[-] cizra@lemm.ee 3 points 5 months ago

How often does your IP actually change? Mine changes so rarely (during extended power outages, say) that I am able to just update my IP manually when it does.

I even used to run my own authoritative DNS server at home (the one offered by my registrar isn't configurable enough, think SRV and TXT records) - for that, I have a web UI at my registrar to set the IP addresses of the DNS server.

[-] phanto@lemmy.ca 3 points 5 months ago

I have dyndns, have since they were 10$ a year, and I've gradually realized that my ISP changes my IP on average less than once a year...

[-] fmstrat@lemmy.nowsci.com 2 points 5 months ago

I've used big names like ns1 and Cloudflare for free.

[-] Toribor@corndog.social 2 points 4 months ago* (last edited 4 months ago)

Cloudflare has an api for easy dynamic dns. I use oznu/docker-cloudflare-ddns to manage this, it's super easy:

docker run \
  -e API_KEY=xxxxxxx \
  -e ZONE=example.com \
  -e SUBDOMAIN=subdomain \
  oznu/cloudflare-ddns

Then I just make a CNAME for each of my public facing services to point to 'subdomain.example.com' and use a reverse proxy to get incoming traffic to the right service.

[-] Decronym@lemmy.decronym.xyz 2 points 5 months ago* (last edited 4 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
DNS Domain Name Service/System
HTTP Hypertext Transfer Protocol, the Web
HTTPS HTTP over SSL
IP Internet Protocol
SSH Secure Shell for remote terminal access
SSL Secure Sockets Layer, for transparent encryption
TLS Transport Layer Security, supersedes SSL
VPN Virtual Private Network
VPS Virtual Private Server (opposed to shared hosting)
nginx Popular HTTP server

9 acronyms in this thread; the most compressed thread commented on today has 8 acronyms.

[Thread #891 for this sub, first seen 27th Jul 2024, 19:35] [FAQ] [Full list] [Contact] [Source code]

[-] abeorch@lemmy.ml 2 points 5 months ago

Wow thanks everyone. I think I need to take another look at some of the DynDNS provides and digest all your great feedback.

Id like to go beyond personal self hosting stuff and maybe run some stuff that requires Federation. Im just thinking at the moment.

[-] cmnybo@discuss.tchncs.de 2 points 5 months ago

FreeDNS works pretty well as long as you don't need more than 5 DNS records.

[-] infeeeee@lemm.ee 4 points 5 months ago

Other free services I had good experiences with:

[-] KeepFlying@lemmy.world 1 points 5 months ago

Many registrars let you buy a domain and set up dynamic DNS for it within their system so you can own a domain and get dyndns on it.

Otherwise you could accomplish it with a VPS but you'd only need the smallest one available because it would just need to run nginx to forward to your home ip (and a small tool to update that IP when it changes). So you could probably get something for less than $5/mo.

[-] IsoKiero@sopuli.xyz 1 points 5 months ago

You can pay for dyndns service which should be more reliable than free ones. I don't have any experience with those, so I can't give any recommendations. What I'm running is that I use few of the free ones which are updated either from my router or from a linux VM and I've just pointed few easy to remember CNAME records from my own domain to those dynamic addresses. It's not the best thing in the world, but my dynamic IP tends to be pretty static as it usually changes only when my own hardware is down for a longer period of time (few hours or so, so a longer power outage or a hardware maintenance gone wrong).

[-] JRaccoon@discuss.tchncs.de 1 points 5 months ago

I've been using No-IP free plan for years without issues. Inputted the credentials to my routers DDNS client and then basically forgot about it. Free users need to confirm their account once a month via email but that's just one click.

If your domain registrar happens to have an API to update DNS entries, you could implement DDNS yourself by writing a simple automated script to check the external IP (e.g. via ipify.org) and if it's changed from the last check then call the API to update the DNS entries.

[-] abeorch@lemmy.ml 2 points 5 months ago

Yeah been using No-ip free but I worry that one day I will forget to confirm and ill ge cut-off.

[-] TCB13@lemmy.world 2 points 5 months ago

No-IP

Don't recommend that. There are plenty of better alternatives such as https://freedns.afraid.org/ and https://www.duckdns.org/ that aren't run by predatory companies that may pull the plug like DynDNS did.

[-] JRaccoon@discuss.tchncs.de 1 points 5 months ago

Sure. I'm not recommending anything, just stating what has worked for me. For simple use cases, I think most of the DDNS services are pretty much the same anyway and it's easy to switch to an another one if one stops working for some reason.

[-] possiblylinux127@lemmy.zip 1 points 5 months ago

Don't expose your services directly to the internet. Instead rent a VPS and the use Wireguard to bring the traffic back home. In your home network your services should be in there own VLAN and everything should be isolated and sandboxed. Everything has the potential to be compromised so always practice least privilege and defense in depth.

[-] lud@lemm.ee 2 points 5 months ago

Or just set up your home network and services properly. Ideally with reverse proxies and maybe a proper DMZ.

[-] bastion@feddit.nl 1 points 4 months ago

I use digital ocean as dns host. They have an API, so I check my IP with a script and update if needed.

load more comments
view more: next ›
this post was submitted on 27 Jul 2024
50 points (96.3% liked)

Selfhosted

40728 readers
359 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS