Im sure this has been asked before i juat can’t find where it has been - Maybe need to work on how to search Lemmy better. But…
Id like to eventually self host some sevices that require external access. While I have IpV6 addresses my IPV4 is dynamic.
Whats the best free way to be able to point some domains/ subdomains I have to my external dynamic IP and keep it updated. Im running OpenWrt on my router. - So possibly should be posting there.
Free Dyndns services seem to be a bit crap. Do I need to pay for a VPS? (seems to defeat the point of self hosting)
Cloudflare has an api for easy dynamic dns. I use oznu/docker-cloudflare-ddns to manage this, it’s super easy:
docker run \ -e API_KEY=xxxxxxx \ -e ZONE=example.com \ -e SUBDOMAIN=subdomain \ oznu/cloudflare-ddnsThen I just make a CNAME for each of my public facing services to point to ‘subdomain.example.com’ and use a reverse proxy to get incoming traffic to the right service.
Many DNS providers have an API and are supported by various dynamicDNS clients. I use Cloudflare and the built in client on my Opnsense router.
OpenWRT should have a client too that supports a bunch of services.
VPS with a tunnel between it and home services (Wireguard/Tailscale, etc)in my opinion is Best Way as it isolates your home gateway (no open ports, because you make outbound connections to your VPS), and let VPS handle Identity and Access Management
(Or an equivalent isolating architecture).
Alternatively, Tailscale has a Funnel feature which can route public traffic into your Tailscale network. Though I don’t love this approach, it does work for low-volume connections.
Self hosting doesn’t mean you should host everything yourself at home, using a VPS you manage (so the data inside it is still yours) is also a viable option for selfhosting. I myself host some services at home and a few others in a VPS.
As for Dyndns, I’ve used a few providers over the years. DuckDNS is the one I’ve been using for 5 years or so and it’s not failed me once. Pretty happy with it.
Maybe you could have a duckdns pointing to your dynamic IP and your domains / subdomains with a CNAME pointing to the dyndns address?
FreeDNS works pretty well as long as you don’t need more than 5 DNS records.
Other free services I had good experiences with:
There are two options, one is tunneling (e.g. tailscale, cloudfare tunnels, or a VPS either with special software or plain old SSH port forward constant connection). The other option, the most popular answer (I think, influenced by how yoy asked) is Dynamic DNS or DynDNS (e.g. duck, hurricane, freedns, etc.) this second one is like the classic solution.
I’ve been using No-IP free plan for years without issues. Inputted the credentials to my routers DDNS client and then basically forgot about it. Free users need to confirm their account once a month via email but that’s just one click.
If your domain registrar happens to have an API to update DNS entries, you could implement DDNS yourself by writing a simple automated script to check the external IP (e.g. via ipify.org) and if it’s changed from the last check then call the API to update the DNS entries.
No-IP
Don’t recommend that. There are plenty of better alternatives such as https://freedns.afraid.org/ and https://www.duckdns.org/ that aren’t run by predatory companies that may pull the plug like DynDNS did.
Yeah been using No-ip free but I worry that one day I will forget to confirm and ill ge cut-off.
I’m using cloudflare as my nameserver and the free API seems to work just fine with ddclient.
ddclient paired with a supported provider.
Script that checks your external IP and updates your DNS provider via API.
Since you run already OpenWrt, you can check out https://openwrt.org/docs/guide-user/services/ddns/client
There is a list on this page of compatible services. If you don’t want to use one more service (DNS), you can use a domain registrar with an API (like porkbun) and find online tools that work with that.
Be aware of the risks of hosting your websites publicly from home, make sure to run them in very isolated environments. Having your VPS compromised is bad, but having your home network compromised is much worse!
That lists afraid.org as a ddns provider.
They are pretty great, I use them as my domain host.
Be aware of the risks of hosting your websites publicly from home, make sure to run them in very isolated environments. Having your VPS compromised is bad, but having your home network compromised is much worse!
Agree - Not something I will throw myself into.
Yes I use no-ip but have to confirm the domain name every month or so and cant use my own domain on the free tier. (Maybe im just being cheap) - Also I haven’t been able to figure out how I would use / get SSL certificates.
Yes, I have used it in the past and it was annoying…
You can get SSL certs with letsencrypt, but you need to use the http verification method.
Not anymore, it supports txt records now
Try duckdns, it doesnt nag you every month and it just works
Wow thanks everyone. I think I need to take another look at some of the DynDNS provides and digest all your great feedback.
Id like to go beyond personal self hosting stuff and maybe run some stuff that requires Federation. Im just thinking at the moment.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters DNS Domain Name Service/System HTTP Hypertext Transfer Protocol, the Web IP Internet Protocol SSH Secure Shell for remote terminal access SSL Secure Sockets Layer, for transparent encryption VPN Virtual Private Network VPS Virtual Private Server (opposed to shared hosting) nginx Popular HTTP server
[Thread #891 for this sub, first seen 27th Jul 2024, 19:35] [FAQ] [Full list] [Contact] [Source code]
Namecheap domains include a dynamic DNS application for free and it works well. Be aware that it only runs on Windows.
Get your own domain, find a free DNS service that provides an API, and it becomes a simple matter of updating a DNS
Arecord whenever your IP changes.Here’s a starting point: https://community.letsencrypt.org/t/dns-providers-who-easily-integrate-with-lets-encrypt-dns-validation/86438
Don’t use a DynamicDNS service, they’re usually crap and they make you depend on a domain you don’t own.
