DNS is what you're looking for. To keep it simple and in one place (your adguard instance), you can add local dns entries under Filters > DNS Rewrites in the format below:
192.xxx.x.47 plex.yourdomain.xyz
192.xxx.x.53 snapdrop.yourdomain.xyz
this post was submitted on 15 Mar 2024
2 points (100.0% liked)
Selfhosted
39962 readers
463 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 1 year ago
MODERATORS
Excellent news, at least I know where to start now. I wanna play with all the network things and learn, but I also wanna just have it sorted in 5 minutes of hacking
Its that simple to use different IPs just with DNS server:
DNS server
192.xxx.x.47 -> plex.yourdomain.xyz
192.xxx.x.53 -> snapdrop.yourdomain.xyz
But dont you have your services on the same IP and different ports? If thats the case you will also need reverse proxy like nginx. So DNS server will point your domain name (you can just make a name for local use) to your server IP. Then reverse proxy can point each name to a specific IP and port.
Reverse proxy
192.xxx.x.47:32400 -> plex.yourdomain.xyz
192.xxx.x.47:8080 -> snapdrop.yourdomain.xyz
I don't know why you were downvoted for this, you're right and I figured this out for myself last night when I decided to try figure it out at 1.30am after 3 beers.
I managed to get all my port 80 stuff sorted but my Arr stack for example needs something more, probably the dreaded nginx...
I'm having a look at Caddy now because I've never used it before, Nginx I didn't like when I used it and I've recently heard the original developer has left the project and started a new one.
Nginx is a lot less painful if you use Nginx Proxy Manager. You get a nice GUI and can easily get SSL certificates with Let's Encrypt, including wildcard certs. I'm running it in front of a docker swarm and 3 other servers, and in most cases, it takes me about 30 seconds to add a new proxy host and set it up with https using my *.domain.com wildcard cert. I also use it with Authentik as a forward proxy auth for SSO (since many containers out there don't have the best security).
If you dont fear using a little bit of terminal, caddy imo is the better choice. It makes SSL even more brainless (since its 100% automatic), is very easy to configure (especially for reverse proxying) yet very powerful if you need it, has a wonderful documentation and an extensive extension library, doesnt require a mysql database that eats 200 MB RAM and does not have unnecessary limitations due to UI abstractions. There are many more advantages to caddy over NPM. I have not looked back since I switched.
An example caddyfile for reverse proxying to a docker container from a hostname, with automatic SSL certificates, automatic websockets and all the other typical bells and whistles:
https://yourdomain.com {
reverse_proxy radarr:7878
}
I'll check it out. I suspect configuration would likely be a little bit more complicated in my case because I'm using Authentik for proxy forward authentication and had also been using access control groups in NPM (both a LAN group and a WAN group containing Cloudflare proxy IP addresses, since currently all my publicly accessible domains proxy through Cloudflare).
Caddy and Authentik play very nicely together thanks to caddy forward_auth directive. Regarding acls, you'll have to read some documentation, but it shouldnt be difficult to figure out whatsoever. The documentation and forum are great sources of info.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
| Fewer Letters | More Letters |
|---|---|
| DNS | Domain Name Service/System |
| Git | Popular version control system, primarily for code |
| HA | Home Assistant automation software |
| ~ | High Availability |
| HTTP | Hypertext Transfer Protocol, the Web |
| IP | Internet Protocol |
| Plex | Brand of media server package |
| SSL | Secure Sockets Layer, for transparent encryption |
| SSO | Single Sign-On |
| TCP | Transmission Control Protocol, most often over IP |
| nginx | Popular HTTP server |
9 acronyms in this thread; the most compressed thread commented on today has 10 acronyms.
[Thread #605 for this sub, first seen 15th Mar 2024, 20:05] [FAQ] [Full list] [Contact] [Source code]
Yes, you can setup a DNS server to redirect these requisitions to the servers. However you'll have to make sure that every single device is using the DNS server you configured.
You can also configure avahi (on linux) or other zeroconf (you must find out what zeroconf each other system have, cause I don't know) to recognize local hostnames as mDNS
I use avahi to discover my octopi.local in my network and it works like a charm
I have my router point everything through my DNS servers, a main one and a backup on a pi3b, so that shouldn't be an issue.
Except for Wifey. She hates ad blocking with a passion, so I've set her phones to use Google DNS servers.
Wifey also does not care one jot for what I'm playing with, it's mainly my 13 year old ATM. Wifey likes having TV shows appear when they air in the States and that's it.
She's an odd one but I love her a great deal.
I shall have a look into avahi just because I've heard of it but never known what it actually does. Thanks
With AdGuard Home you can set your wife's devices to bypass protection. Just set her devices to static ip and set a custom rule like:
@@||*^$client=127.0.0.1
Where 127.0.0.1 must be changed for her ip address. This rule means:
@@|| = unblock
*^ = everything
$client = for this client
AdGuard Home supports static clients. Unless the instance is being used over TCP (port 53, unencrypted), it is by far the better way to use clientnames in the DNS server addresses and unblock the clients over that.
For DoT: clientname.dns.yourdomain.com
For DoH: https://dns.yourdomain.com/dns-query/clientname
A client, especially a mobile one, can simply not guarantee always having the same IP address.