2·
7 months agoYeah porkbun is good.
To see how the glue records work, you can run dig +trace example.com
This answer goes into detail how it works behind the scenes.
https://superuser.com/questions/715632/how-does-dig-trace-actually-work
- 1 Post
- 23 Comments
Joined 1 year ago
Cake day: August 5th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
RFC 2606 is your friend ;-)
Their own doc, sure why not.
Any other context where there’s a giant with the same name. No, please at least write it out expanded once.
Two wrongs don’t make a right. I was scratching my head for a few seconds looking at the thumbnail and the title. And even the post body didn’t clarify things. 🤷🏻
I use porkbun.com for my domains, which is excellent, and also has glue record support.
https://kb.porkbun.com/article/112-how-to-host-your-own-nameservers-with-glue-records
The thing you want is “glue records” the upper level server would serve ns1.example.com (this is an approved domain for example use, better to use example.com than making your own example up) as the authoritative name server. Then provide the glue record which says “ns1.example.com is at IP address X”.
It should ask for IP addresses as well as hostname. Otherwise they only assumed people will “host” their domain in another hosted, as opposed to self-hosting.
In that case (and in any other case) change your registrar to someone else who supports glue records.
Check out this previous comment
Lots of people contributed really good answers, so I don’t have anything valuable to add to their answers. But I wanted to point out for your detailed question, you include what you have done, what is your understanding and what are your shortcomings clearly. As opposed to a lot of posts with vague, detail-challenged narratives, that’s a top notch post.
And the community delivered by giving good answers, so go community!
Also, you didn’t just ghost after the initial post and interacted.with the people who graciously donated their time, so another bonus point there, as well.
Yeah, that’s the key point. They weren’t trawling all the servers, they probably had a wiretap order for one specific server. As a legal business, you can’t just say no to police because you don’t like mitm.
I have been using porkbun.com as a domain registrar.
For email hosting, self-hosting is a lot of effort. If you just want the damned thing to work. I’ve heard good things about Fastmail, and personally I’m using migadu.com. it’s $19/year for micro.
Use any imap client, or if you want to keep using what you’re using Gmail and Outlook and Apple mail apps w all support your new personal account over imap as well
What kind of limitation did you run into? Lack of packages or speed?
6GB is more than enough for many desktop environments. Plus, a server wouldn’t have any anyway. not booting the Ubuntu installer seems like a bug, or other non-resource problem. if you try with a newer installer, or some other distro, that computer can host many things.
Lots of relevant comments in this post https://aussie.zone/post/4286731
in addition to “dedicated Nas + compute node” and “just use a desktop” suggestions, there’s the microserver option in between. Small, but has enough power to run stuff other than storage.
Hp proliant microserver is what I use, you can try getting a previous generation from second hand market.
“underpowered” routers are usually underpowered for multiple high bandwidth wireless connections. if you disable the wireless, shoving bits over copper would -usually- be efficient enough to not be the bottleneck.
Did you consider keeping the services closed to the outside world and using tailscale to access them? Doesn’t work well if you want to give access to a bunch of people, though.
Random idea, continuously ping the router from the laptop so it doesn’t “forget” that the laptop exists on the WLAN?
(I know you mention the laptop can still reach out when you try, but maybe the trick is to keep having traffic to-from the laptop continuously)
VPN software usually is built strong to begin with, and any vulnerabilities discovered will be promptly fixed as well, so updating frequently should suffice. (Why not automate it with
unattended-upgradespackage?Using a random high port number will probably hide it well enough for Internet-wide port scanners as well.
if you want to be extra paranoid, you can hide the VPN service behind a port knocker as well.
I recommend https://migadu.com. not free, but the lowest price tier has lots of features, unlimited mailboxes etc.
You would need to create a new torrent whenever new files are added or edited. Not very practical for continuous use.