• 0 Posts
  • 16 Comments
Joined 2 years ago
cake
Cake day: July 5th, 2023

help-circle



  • You mean the country that owns and has always owned .ml TLD, which states rules you must follow if you want to register a domain with that TLD, which states the penalties which include forfiet of your domain name, surpised people when they did what they said they would do?

    This is kind of interesting to see how the public views ownership. There seems to be an assumption that buying xyz.com is akin to buying a utility (we pay for water service to drink and drown or waterboard). This ain’t it. A domain name is a registration in a database on servers that need to be constantly online, it had costs, it has governance concerns and technical infrastructure that must be maintained. There isn’t a higher power here, no government owns the internet, but some governments do own their own TLDs. This makes it possible to have mali.ml vs visitbeautifulmali420.squarespace.com. It might feel like you have the power to buy fuckmali.ml and put turn it into goatse but mali can nuke your registration if they wanted to. How did these countries get the TLDs? ICANN. But don’t think ICANN is going to jump in and break their rules for you.

    This sucks but ICANN has a solution… there are many many TLDs out there now. They all work the same: it’s just a name, point it where you go and it works like any .com or .org. or whatever. Fun ones like .zip and .xxx. grab one you like but be sure to read the rules when registering. Some TLDs do NOT allow private registration. Most country based TLDs (ccTLDs) require that you live in that country and provide proof of citizenship.

    This has been around since the inception of the internet. There are alternatives to ICANN, but I am not positive you will want to use them because:

    • your visitors will need to use these alternatives on all devices or on the router in order to access your site.
    • legit domain holders may not have records on these alternate services but malicious actors might. If we change the IP to a malicious actor for apple servers at the DNS level because the TLDs arent using the root-servers.net, anyone using those TLD root servers could easily be hacked.

    It’s not great, but ICANN starts the chain of trust upon which the internet relies.






  • +1 for nginx, although there has been some concern because nginx is developed by a group of russians though it is open source and appears to still be widely used. If this worries you, look into traefik.

    Otherwise does your ProxMox setup run docker containers? If so you can use NginxProxyManager which has a web gui for configuring your virtual hosts.

    At a high level what you need is this:

    • all domains routed to your host (or home if self hosting) IP.
    • that IP needs to have a reverse proxy server like traefik or nginx listening on port 80 and port 443 if you want ssl/tls.
    • your app servers which run lemmy, nextcloud, etc can be anywhere on your network where your reverse proxy can access. You’ll need to create vhosts for each. The server uses the Host header to determine which IP to reverse proxy to, eithe lemmy.moorefam.net or nextcloud.moorefam.net
    • the reverse proxy will get the content from lemmy or nextcloud and serve it via that IP and port.
    • ensure your home router is port forwarded on 80 (and 443 if you want ssl/tls) if you want to access these instances from the public internet but beware, you might want to add a firewall in-between if you aren’t confident in your router’s firewall.