• 0 Posts
  • 51 Comments
Joined 10 months ago
cake
Cake day: February 1st, 2024

help-circle

  • Hmm, my understanding was that FQDN means that anyone will resolve the domain to e.g. the same IP address? Which is the case here (unless DNS rebinding mitigations or similar are employed) — but it doesn’t resolve to the same physical host in this case since it’s a private IP. Wikipedia:

    A fully qualified domain name is distinguished by its lack of ambiguity in terms of DNS zone location in the hierarchy of DNS labels: it can be interpreted only in one way.

    In my example, I can run nslookup jellyfin.myexample.com 8.8.8.8 and it resolves to what I expect (a local IP address).

    But IANA network professional by any means, so maybe I’m misusing the term?



  • If you have your own domain name+control over the DNS entries, a cute trick you can use for Jellyfin is to set up a fully qualified DNS entry to point to your local (private) IP address.

    So, you can have jellyfin.example.com point to 192.168.0.100 or similar. Inaccessible to the outside world (assuming you have your servers set up securely, no port forwarding), but local devices can access.

    This is useful if you want to play on e.g. Chromecast/Google TV dongle but don’t want your traffic going over the Internet.

    It’s a silly trick to work around the fact that these devices don’t always query the local DNS server (e.g., your router), so you need something fully qualified — but a private IP on a public DNS record works just fine!



  • qjkxbmwvz@startrek.websitetoRisa@startrek.websitetopical
    link
    fedilink
    English
    arrow-up
    3
    ·
    14 days ago

    Open to discussion, but since 2008, the Democrats have won every election where the leadership didn’t “put their finger on the scale” in the primaries/picking the candidate. Obama, Obama; Clinton arguably shouldn’t have been the nominee and Sanders should have; Biden was (?) properly primaries; Harris was picked — obvious pick, but still, not primaried.

    Or the other reason, that the US is too sexist to elect a woman. It’s depressing either way of course.


  • qjkxbmwvz@startrek.websitetoRisa@startrek.websitetopical
    link
    fedilink
    English
    arrow-up
    9
    ·
    14 days ago

    The Democrats, in hindsight, fucked up with the economy and/or the messaging.

    Did inflation happen because of the groundwork that Trump laid down in his term (not to mention global pandemic)? Sure — but did inflation get really bad under Biden? Yes, absolutely. That doesn’t make it his fault, but it makes it a problem that the Democrats probably needed to address more aggressively, an all-out attack on rising cost of living.

    At the start of the pandemic, for me to carry $100 of normal weekly groceries home from the supermarket was a real challenge, but I could do it. Now, I carry $100 no problem, with a toddler on my shoulders. The money doesn’t really matter to me, but from what I’ve been reading, it really mattered to a lot of voters. Again: I think his will be worse under Trump (if it does get better, it’ll be due to some shady tax rebates to supermarkets or big ag or something, IMHO).

    So while the Dems are talking about first time home credits and whatnot, Vance is out there lying about the price of eggs — but it’s a lie that “feels” right to a lot of people, and anecdotally, has some truth to it in that inflation/cost of living increase is real. Nevermind that the R policy is…what, exactly? But they say they’ll fix it, and they point out that Dems are currently in power, and that’s enough for a lot of people.



  • My method:

    VPS with reverse proxy to my public facing services. This holds SSL certs, and communicates with home network through WireGuard link configured on my router.

    Local computer with reverse proxy for all services. This also has SSL certs, and handles the same services as the VPS, so I can have local/LAN speeds. Additionally, it serves as a reverse proxy for all my private services, such as my router/switches/access point config pages, Jellyfin, etc.

    No complaints, it mostly just works. I also have my router override DNS entries for my FQDN to resolve locally, so I use the same URL for accessing public services on my LAN.




  • Another fun trick you can play is to use a private IP on your public DNS records. This is useful for Jellyfin on Chromecast for instance — it uses 8.8.8.8 for DNS lookup (and ignores your router settings), so it wants a fully qualified domain name. But it has no problem accessing local hosts, so long as it’s from 8.8.8.8’s record.


  • I have set up local DNS entries (with Pi-Hole) to point to my srrver, but I don’t know if it possible to get certs for that, since it is not a real domain.

    So long as your certs are for your fully qualified domain there’s no problem. I do this, as do many people — mydoman.com is fully qualified, but on my own network I override the DNS to the local address. Not a problem at all — DNS is tied to the hostname, not the IP.