If this isn’t the right place to put it, please let me know. I am in the process of re-imaging a PC running Ubuntu Server to help clean up services. Before, I had OpenVPN Access Server running on the server, as well as Docker running Nextcloud, Jellyfin, and NGINX Proxy Manager.

Computer Specs :

- Intel® Core™ i5-6500T CPU @ 2.50GHz
- 64 GB DDR4-2133 MHz

I would like to run these services and am currently having difficulty with just Docker.

  • DNS Server
  • Nextcloud
  • Jellyfin Server
  • Future Projects

Questions

  1. Would it be possible to use a DNS server and reverse proxy together?
    1. Can I have Internal and external DNS?
  2. Should I switch to running a bare-metal hypervisor?
  3. What should I use for a DNS Server?
  • I have been recommended using pfSense or Pi-hole.

Thank you in advance for any recommendations, advice, and/or answers.

  • thekrautboy@alien.topB

    Internal DNS

    Please avoid using .local for things like that, it’s already used by mDNS (aka Apple Bonjour) and using it as standard TLD for your private hosts can cause weird issues, don’t do it. Instead use TLDs that are assigned for that purpose, like .private or .home or .lan or .home.arpa etc.

    External DNS

    If you want to expose your Jellyfin (and possibly other services) with your reverse proxy, you better get started right away with using one domain for both, internal and external. As in, your local services are connectable under the same as the ones you open to the public. This does not mean you need to open everything for everyone. So completely forget about using private TLDs like .home and instead use your own domain (doesn’t need to be a paid one, you can use free subdomains from duckdns or dedyn too for example). So if you have example.com as your domain, you simply add a subdomain to that like local.example.com and to make things easy, with a wildcard CNAME * record, like *.local.example.com. Then you can set your reverse proxy to get valid SSL certificates for *.local.example.com and you can set your local DNS (Pihole for example) to point portainer.local.example.com to the IP of your reverse proxy, which in turn redirects the access to the actual service, Portainer in this example. That way you have working, proper SSL inside your home network, without needing to open any ports to the public or even buying a domain, and fully selfhosted.

    This exact question has been asked sooo many times here already, I will not go into further detail, you can simply search this sub for more info.

    Would it be possible to use a DNS server and reverse proxy together?

    Together? You can run both, yes.

    Can I have Internal and external DNS?

    What does that mean? Do you mean running a DNS server inside your network as internal? Yes of course. And external means what? Another DNS server running somewhere else? Or in relation to the above, you mean that your domain resolves to one thing when you’re inside your network, but the same domain resolves to something else for people on the outside? Of course that’s possible too. You run your internal DNS with your Pihole, and external you manage for your public domain, whichever provider you pick for that.

    Should I switch to running a bare-metal hypervisor?

    To run VMs in addition to containers? Or instead? Easy answer, if you want to run VMs then yes you could, if you don’t then what’s the point? Using Proxmox would allow you to run VMs, LXC and you can also use Docker inside a VM or in a LXC… lots of options.

    What should I use for a DNS Server?

    Whatever suits your needs. Do you want just DNS and nothing else? Basic dnsmasq gets that done. Do you want a WebUI? Do you want adblocking/filtering? Pihole or Adguard Home, there is also Technitium and blocky and many more. Pihole would be my recommendation because it’s very simple to set up, it’s useful to most users, works very well and the dev team is top.

    But just as the question “what is the best distro or OS?” it’s silly and pointless. The choice depends entirely on the exact scenario and mostly upon yourself, your knowledge level, how much time you’re willing to invest and learn, what features you want and which you don’t need etc.

    I have been recommended using pfSense or Pi-hole.

    They are very much not comparable. Pihole is a DNS-based adblocker, it does that very well but not much else. pfSense is a software firewall/router appliance, it does a lot more. Also, fuck pfSense. If you want to run something like that, consider /r/OPNsense instead or much lighter maybe ipfire or OpenWRT, again it all depends on your needs.

    Edit: Great that this sub’s “spam protection” is still garbage
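
The split-DNS layout described in the comment above, as an added example that is not part of the original thread: a check over the local DNS overrides (as one might enter them in Pi-hole) that flags `.local` names, names the `*.local.example.com` wildcard certificate cannot cover (a certificate wildcard matches a single label only, a point the comment does not spell out), and records that do not resolve to the reverse proxy. The proxy address, sample records and function names are constructed assumptions.

```python
import ipaddress

# Assumed values for this added example; the wildcard follows the comment's naming.
WILDCARD = "*.local.example.com"
PROXY_IP = "192.168.1.10"  # constructed reverse proxy address
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def covered_by_wildcard(host, wildcard=WILDCARD):
    """A certificate wildcard matches exactly one left-most label."""
    suffix = wildcard[1:].lower()            # ".local.example.com"
    host = host.lower().rstrip(".")
    if not host.endswith(suffix):
        return False
    label = host[: -len(suffix)]
    return bool(label) and "." not in label

def audit(records, proxy_ip=PROXY_IP):
    """Return {hostname: [findings]} for local DNS overrides (name -> IP)."""
    findings = {}
    for host, ip in records.items():
        issues = []
        name = host.lower().rstrip(".")
        if name == "local" or name.endswith(".local"):
            issues.append("uses .local, which mDNS already claims")
        elif not covered_by_wildcard(name):
            issues.append("not covered by " + WILDCARD)
        addr = ipaddress.ip_address(ip)
        if not any(addr in net for net in RFC1918):
            issues.append("points at a public address")
        elif ip != proxy_ip:
            issues.append("does not point at the reverse proxy")
        if issues:
            findings[host] = issues
    return findings

# Constructed sample overrides, not taken from the thread.
SAMPLE = {
    "portainer.local.example.com": "192.168.1.10",
    "jellyfin.local": "192.168.1.10",
    "db.apps.local.example.com": "192.168.1.10",
    "nextcloud.local.example.com": "192.168.1.23",
    "cloud.local.example.com": "203.0.113.7",
}

if __name__ == "__main__":
    for host, issues in audit(SAMPLE).items():
        print(host, "->", "; ".join(issues))
```
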

  • Do_TheEvolution@alien.topB

    Would it be possible to use a DNS server and reverse proxy together?

    Sure, a reverse proxy is a web server whose job is to be in charge of ports 80 and 443 and decide which other web servers to send traffic to, based on the request URL.

    Can I have Internal and external DNS?

    Probably, who knows what you really mean. Split DNS maybe?

    Should I switch to running a bare-metal hypervisor?

    If you need it. Seems your needs are met with just Docker.

    What should I use for a DNS Server?

    dnsmasq works and I used it for a time, then I moved to having OPNsense as my firewall and use its Unbound service.

  • Big_Atomic@alien.topB
    1. Yes, you can use a DNS server and a proxy manager.
    2. You can have internal and external DNS servers.
    3. No, just use Ubuntu.
    4. Set up Technitium DNS Server as a Docker container.