I’ve wanted to install pihole so I can access my machines via DNS, currently I have names for my machines in my /etc/hosts files across some of my machines, but that means that I have to copy the configuration to each machine independently which is not ideal.
I’ve seen some popular options for top-level domain in local environments are *.box or *.local.
I would like to use something more original and just wanted to know what you guys use to give me some ideas.
“.home.arpa” for A records.
I run my own CA and DNS, and can create vanity TLDs like: a.git, a.webmail, b.sync, etc for internal services. These are CNAMEs pointing to A records.
RFC 6762 defines the TLDs you can use safely in a local-only context:
*.intranet
*.internal
*.private
*.corp
*.home
*.lanBe a selfhosting rebel, but stick to the RFCs!
How do you get https on those though? A lot of random stuff requires https these days.
https is not a problem. But you’ll need an internal CA and distributed its certificate to your hosts’ trust store.
do not use
.local, as tempting as it may beuse
.homepersonallyManaged to buy a really sweet domain so using that for both mail and local domain
currently I have names for my machines in my /etc/hosts files across some of my machines
A better way is to set the DHCP server to resolve local too via DNS.
So in my case proxmox.mydomain.com and proxmox both resolve to a local IP…without any need to configure IPs manually anywhere.
On opnsense it’s under Unbound >> Register DHCP Leases
.local
Being a bit of a rebel myself. I use ONLY a tld, and where subdomains would be used, I use domain.tld
This has lead me to discover quite a few projects out there that don’t parse domain names correctly, especially when you want to use an email like admin@tld and it cries because you have no dot.
My TLDs are:
.lan = management/wired vlan
.mobile = primary wifi
.iot = locked down for iot/home automation devices .guest = guest wifiThe domain for each is my public .io domain.
.space is the only answer, have to buy that though
dot lan. I don’t need let’sencrypt. I just ceeate my own CA, my own (wildcard) certificates, and install the CA into all my boxes that I want or need to have certificate verification succeeding.
I bought a .casa domain Using it internally, but also routing one service to the outside with that domain
Everything at my house has a TLD named after the road I live on (a founding father last name). Everything at my offsite at my dads house uses TLD named after the road he lives on (a woman’s first name).
It’s both arbitrary and practical. A number systems exist at both such as proxmox. truenas. pihole. plex. So it’s a good way to tell them appart without having to differentiate them in the domain name.
I use >!.cunt!< for my local TLD. Stands for Can’t Use New Technologies from IT Crowd.
It makes it comnical when I let friends onto my wifi.
I mean… I use xtremeownage.com
But, ya know… I own it. Although, I use a few subdomains for my home-network, with a split-horizon DNS setup.
I use .lan for anything local and my public domain is .net for anything publicly hosted.
i have owned a .com since 1997. i use that.