I kind of want to set up my own domain for personal stuff and learning purposes. I was thinking of using it for a vpn for ssh-ing into my local devices and for hosting git repos and stuff. Maybe a phorge instance or something. It wouldn’t really be for public use so I don’t think I need to worry about high traffic.
I know when hexbear switched domain name services during the recent debacle that people seemed to really like the new one but I forget what it was called. As for server hosting, I guess aws is the obvious choice, but that and azure are the only choices I’m even aware of, so I don’t know if there’s something else out there that’d be better suited to my needs. Actually, do I even need server hosting at all? My friend mentioned that I could configure my router to forward requests on a certain port to one of my devices, so could I set up my own server that way? Wouldn’t that cause issues if the router restarts and I get a new ip address?
I use Alibaba Cloud DNS.
Cheap, out of any worry of being taken down by the USA.
porkbun is the one yeah. There are other options but they all kinda suck and so far I haven’t seen anything bad with porkbun
don’t use the big 3 cloud providers (aws, google, azure), they’re ridiculously overpriced for what you need.
There are ways you could do it from your home internet connection, but it makes it slightly more complex especially if you want to be at all anonymous. Cloudflare, if you’re cool with using them, does offer this capability I believe. But of course you’ll be limited by the quality of your internet connection, stability of your power, and keeping your computer on at all times. But there’s advantages too (you could have full disk encryption, cost is lower, you’ll likely have a more powerful PC at home than the server you would rent, etc)
Others already have good recommendations for the provider so I will add some other notes.
First, please note that with the way DNS works, your home IP will now be recognizable as “the IP this domain points to” so make sure the chain of networking devices is secure, starting at your router. At minimum make sure the router firmware is up to date. The only way to avoid this kind of thing is to have a VPS as an intermediary, essentially a tunnel, though there are fancy new ways of making tunnels more powerful, like self-hosting tailscale-like services. But that has its own security downside, which is trusting the VPS provider. I think a DNS entry for your own home IP is generally better in terms of security vs. time invested but the VPS can be made theoretically superior by being careful with cryptographic strategy.
Second, yes you can, generally speaking, forward external requests on a given port to a local network IP and port. This is a decent way to slightly obfuscate ssh. By default it is port 22, so instead of opening 22 externally, you make some high-number (like 55342) port externally route to a server on port 22 locally. When sshing externally you just specify the high number port. Your router firmware may limit how well this works.
Third, yes the IP changing can cause DNS problems. You can set up a dynamic DNS service that changes your DNS records if your router external IP changes. If you run router firmware like OpenWRT the router itself can run this service. But you can also run dynamic DNS on a local server and have it do the same thing. Using a provider with a good API like porkbun makes this easier.
The DNS registrar Hexbear is using now is called: Porkbun
As for server hosting:
I use Digital Ocean for their most basic tier server, which costs me about $6 a month. However, I only use this server as a VPS (Virtual Private Server) Gateway and Reverse Proxy. The server hosts a WireGuard VPN that connects back to a box I control that is stuck behind a CG-NAT. The VPS Gateway is necessary to pierce the CG-NAT and allow traffic to the box on the network I control.
On that box is where I host all the things I want to host. If you’re not behind a CG-NAT then your network should have a public facing IP address that you can tie to a domain… However, I’d still recommend using some kind of VPS Tunnel, to not expose your ISP provided IP address to the world.
If your network gets a new IP address, you’ll want some kind of DynDNS (Dynamic DNS) type service that can automatically update your DNS record with your new IP address. Though, again, if you’re using a VPS Tunnel, then that shouldn’t matter either, since your local machine will connect to your VPS as a VPN client, while your VPS acts as the VPN host.
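The dynamic DNS update discussed in the replies above, as an added example (not code from any commenter): before touching the A record it validates what the IP-echo service returned and refuses private or CG-NAT (100.64.0.0/10) addresses, where port forwarding cannot work and a VPS tunnel is needed instead. `echo_url` and the `push` callback that wraps the registrar's DNS API are hypothetical and supplied by the caller; the sample inputs are constructed.

```python
import ipaddress
import urllib.request

CGNAT = ipaddress.ip_network("100.64.0.0/10")  # RFC 6598 carrier-grade NAT range


def parse_public_ipv4(text):
    """Return a validated public IPv4 string from an IP-echo response, or raise ValueError."""
    ip = ipaddress.ip_address(text.strip())  # ValueError on HTML, empty body, garbage
    if ip.version != 4:
        raise ValueError(f"{ip} is not IPv4; an A record needs an IPv4 address")
    if ip in CGNAT:
        raise ValueError(f"{ip} is CG-NAT space; use a VPS tunnel instead of DDNS")
    if not ip.is_global:
        raise ValueError(f"{ip} is not publicly routable")
    return str(ip)


def plan_update(detected_text, current_record):
    """Decide the action for one polling cycle: ('noop' | 'update' | 'refuse', detail)."""
    try:
        ip = parse_public_ipv4(detected_text)
    except ValueError as exc:
        return ("refuse", str(exc))  # never push an unvalidated value into DNS
    if ip == current_record:
        return ("noop", ip)          # unchanged: skip the API call entirely
    return ("update", ip)


def run_once(echo_url, current_record, push):
    """Fetch the external IP and call push(new_ip) only when a valid change is seen.

    echo_url: hypothetical HTTPS endpoint that returns the caller's IP as plain text.
    push:     hypothetical callback wrapping the registrar's DNS API.
    """
    with urllib.request.urlopen(echo_url, timeout=10) as resp:
        body = resp.read(64).decode("ascii", "replace")  # cap the read: expect only an IP
    action, detail = plan_update(body, current_record)
    if action == "update":
        push(detail)
    return action, detail


if __name__ == "__main__":
    # Constructed sample responses: unchanged, changed, CG-NAT, LAN, captive portal
    for sample in ["8.8.8.8\n", "8.8.4.4", "100.72.3.4", "192.168.1.10", "<html>login</html>"]:
        print(repr(sample), "->", plan_update(sample, "8.8.8.8"))
```

Run it from cron or a systemd timer on the router or a LAN server, and keep the registrar API key in a file readable only by that job.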
i used to use hetzner for server hosting and it was very affordable at the time but i eventually got IP banned for not paying my bills anyway
I use porkbun for domain registration.
There are a bunch of budget cloud hosts: buyvm, vultr, linode, scaleway. You can also do port forwarding with cloudflare (but I’m not sure how it keeps track of your home IP).
I have a custom forwarding setup based on yggdrasil where my LAN machines connect to the forwarding host and each other, then the external traffic is routed over the VPN connection in the other direction. It’s pretty nice, but I haven’t taken the time to document it very well.
I haven’t taken the time to document it very well
classic ops
There are some good server hosting options that allow Tor nodes here (also good for other uses): https://community.torproject.org/relay/community-resources/good-bad-isps/
I found 1984.hosting and bitfolk.com to be pretty reasonably priced.
I was considering using one of these to use as a WireGuard VPN to hide my IP at home when I self host at some point.