Ok so it is fully qualified then? I'm just confused because it sounded like you were saying I wasn't using the term correctly in your other comment.
qjkxbmwvz
joined 1 year ago
Hmm, my understanding was that FQDN means that anyone will resolve the domain to e.g. the same IP address? Which is the case here (unless DNS rebinding mitigations or similar are employed)
but it doesn't resolve to the same physical host in this case since it's a private IP. Wikipedia:
A fully qualified domain name is distinguished by its lack of ambiguity in terms of DNS zone location in the hierarchy of DNS labels: it can be interpreted only in one way.
In my example, I can run nslookup jellyfin.myexample.com 8.8.8.8 and it resolves to what I expect (a local IP address).
But IANA network professional by any means, so maybe I'm misusing the term?
TIL, thanks. I use namecheap and haven't had any problems (mikrorik router).
If you have your own domain name+control over the DNS entries, a cute trick you can use for Jellyfin is to set up a fully qualified DNS entry to point to your local (private) IP address.
So, you can have jellyfin.example.com point to 192.168.0.100 or similar. Inaccessible to the outside world (assuming you have your servers set up securely, no port forwarding), but local devices can access.
This is useful if you want to play on e.g. Chromecast/Google TV dongle but don't want your traffic going over the Internet.
It's a silly trick to work around the fact that these devices don't always query the local DNS server (e.g., your router), so you need something fully qualified
but a private IP on a public DNS record works just fine!
The network gear I manage is only accessible via VPN, or from a trusted internal network...
...and by the gear I manage, I mean my home network (a router and a few managed switches and access points). If a doofus like me can set it up for my home, I'd think that actual companies would be able to figure it out, too.
Add to that photo editing (as much as GIMP is great...). I would guess DAW and video editing would fall under that category, too...and good luck finding many AAA open source games.
I'm holding out for Aperture Science, if for no other reason than that their AI has a dry, dark sense of humor.
Just use your $200+ Fluke to check the batteries, problem solved.
It's mostly so that I can have SSL handled by nginx (and not per-service), and also for ease of hosting multiple services accessible via subdomains. So every service is its own subdomain.
Additionally, my internal network (as in, my physical LAN) does not have any port forwarding enabled
everything is over WireGuard to my VPS.
My method:
VPS with reverse proxy to my public facing services. This holds SSL certs, and communicates with home network through WireGuard link configured on my router.
Local computer with reverse proxy for all services. This also has SSL certs, and handles the same services as the VPS, so I can have local/LAN speeds. Additionally, it serves as a reverse proxy for all my private services, such as my router/switches/access point config pages, Jellyfin, etc.
No complaints, it mostly just works. I also have my router override DNS entries for my FQDN to resolve locally, so I use the same URL for accessing public services on my LAN.
But this is USPS, which isn't an American company, it's a US independent agency.
Their mandate isn't (AFAIK...) to make a profit, but rather to serve the mail requirements of a very large country.
Personally, my experiences with USPS have been generally positive, from passports for infants to free change-of-address forwarding service to tracking down quasi-scam products from Amazon. YMMV though.