this post was submitted on 13 Nov 2023
39 points (93.3% liked)

Selfhosted

40159 readers
546 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

So I got hold of a domain that shows my exact full name. I thought it would be useful for showing up as "professional" when working in IT and sending resumes.

I got some mail forwarded using the domain registrar. I also made a small static website, which only has hello world for now but soon will get the contents filled up.

But then... what? I suppose I can host anything I want, but then there's the whole "real name - gotta look professional" aspect that makes me weary of hosting a Lemmy instance, for example, when the domain without my name attached wouldn't.

I suppose having personal domains were cool in the 90s where people were barely learning about "the internets". Not so anymore?

Is there a usefulness in having a domain name with your real name attached on this age?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 8 points 1 year ago (1 children)

I host some private stuff on mine, hidden behind an authentication service that is. But because I just use a wildcard no-one can really tell what I have hosted - the same login page occurs for every subdomain, regardless of whether it's actually wired up to something.

That doesn't help with services you wish to make semi-public (like a lemmy instance) though.

[–] [email protected] 2 points 1 year ago (2 children)

Interested in learning about the wildcard. How do you set up the DNS to accept that?

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

I'm using cloudflare as my DNS, and it's literally just:

  • Create an A record.
  • Set the name to *
  • Set the IP to the appropriate server
  • You may want to untick the proxy, depending on what you're hosting. If it's web stuff only it's fine, but if you're doing anything else as well it'll get in the way.

On the letsencrypt side, it's pretty similar. Create a certificate with domain.name and *.domain.name (if you want them to share a cert) and you're off.

[–] Perhyte 1 points 1 year ago

I have a similar setup.

Getting the DNS to return the right addresses is easy enough: you just set your records for subdomain * instead a specific subdomain, and then any subdomain that's not explicitly configured will default to using the records for *.

Assuming you want to use Let's Encrypt (or another ACME CA) you'll probably want to make sure you use an ACME client that supports your DNS provider's API (or switch DNS provider to one that has an API your client supports). That way you can get wildcard TLS certificates (so individual subdomains won't still leak via Certificate Transparency logs). Configure your ACME client to use the Let's Encrypt staging server until you see a wildcard certificate on your domains.

Some other stuff you'll probably want:

  • A reverse proxy to handle requests for those subdomains. I use Caddy, but basically any reverse proxy will do. The reason I like Caddy is that it has a built-in ACME client as well as a bunch of plugins for DNS providers including my preferred one. It's a bit tricky to set this up with wildcard certificates (by default it likes to request individual subdomain certificates), but I got it working and it's been running very smoothly since.
  • To put a login screen before each service I've configured Caddy to only let visitors through to the real pages (or the error page, for unconfigured domains) if Authelia agrees.