Comments (4)
This is a pretty big topic and very much depends on what router you are using and what you are comfortable doing in regards to DNS @home. You have some options, and even more than I can sum up here:
- Use your
/etc/hosts
and have a override for your local domains, then delete the entry from cloudflare so it's internal only. But this means all devices on your network need to have a host file with the same entries to access the services. - Use split-brain DNS on your router or pihole or whatever and have a host override for your domain so the traffic never leaves your home network, then delete the entry from cloudflare so it's internal only and only manage services you want to be external in cloudflare.
- Almost the same as above but use NAT reflection.
- Check out how I manage DNS @home
from cluster-template.
I am currently using Pi-hole as my DNS server at home. I have configured in dnsmasq a redirect from my domain to the Metallb traefik IP. Then I can configure the entry for any app to be external or not with an annotation to create the Cloudflare record, but it will be accessible from my local network either way.
Example dnsmasq config:
address=/public-domain.com/192.168.1.220
Example ingress config:
ingress:
enabled: true
ingressClassName: "traefik"
annotations:
hajimari.io/icon: "home-assistant"
cert-manager.io/cluster-issuer: "letsencrypt-production"
traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
external-dns.alpha.kubernetes.io/target: "${SECRET_DOMAIN}" # Only needed if external access is required
external-dns.alpha.kubernetes.io/cloudflare-proxied: "true" # Only needed if external access is required
There may be better ways to do it, but this one was easy and has worked for me so far.
from cluster-template.
@META-DREAMER I am going to re-open this issue and pin it. It's a pretty common topic for people to discuss.
from cluster-template.
With #288 and #287 implemented I am going to close this issue. The docs were updated to reflect these changes on how it works.
from cluster-template.
Related Issues (20)
- Make the config file more structured
- Cluster user secrets not removed from template HOT 1
- Sops decrypt: can't find file /home/<user>/.config/sops/age/keys.txt HOT 2
- Drop support for k0s HOT 1
- task: Flux already installed, precondition not met during flux:bootstrap HOT 1
- readme has old variables
- Networking with cilium 1.15.0 does not work HOT 3
- Talos config assumes gateway is on .1 address HOT 5
- Ciliums BGP options should be moved outside of the talos config since k3s can also use it.
- Revert allowing flux to be disabled
- Add Pull Through Image Cache HOT 4
- Talos secrets file is ignored due to incorrect name HOT 2
- Install kube-vip with the official Helm chart for k3s HOT 1
- Talos install error: "failed to verify certificate: x509: certificate signed by unknown authority" HOT 12
- Deploy wg-easy after setting up cluster
- Talos install error - couldn't get current server API group list: - tls: internal error HOT 14
- Fix UDP Buffer Sizes for cloudflared tunnel HOT 1
- RFC: Consider dropping support for k3s HOT 19
- flux cannot connect to ssh HOT 1
- Renovate now recommends `config:best-practices` HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cluster-template.