Questions about private home server

Hi all,

I’m new here and I hope this is the correct category to post, since IT is more about networking hardware?
Anyway, I’d like to ask a few questions concerning a private home server. Networking is not really my strong suit, so please bear with me.

Some time ago I’ve already set up a Raspberry Pi 3B+ using node.js to establish a http server with some basic routing for a few pages or applications (I probably wouldn’t really call it RESTful though). Now we’ve used to access these pages at home with our phones or computers using the Pi’s host-name, rpi-server, along with the port number specified in node.js. So everytime you’d need to type “rpi-server:8080” into the adress bar.

Now my questions are:

  • Is there a way to privately use actual domain names as adresses to access different pages on the server? It feels more natural to type “mysite(dot)com” rather than the host-name plus port number.
  • Will our home server be actually private if I set up domain names, and probably use DNS for resolving (if at all, sorry, no clue)? To my current knowledge, the server I’ve set up is only accessible if you’re connected to our home network, so our router via WiFi. I would like to keep it that way. So even if the server would have internet access (for some services like weather for example) and DNS for our own private “websites”, it should still be only accessible when connected to our home wifi.

I’ve tried to find something for this (articles or tutorials), but so far I’ve only found Windows-centric solutions. That’s why I signed up here (after following nixCraft on Twitter for quite some time now).

Hi,

Welcome to the forum.

Is there a way to privately use actual domain names as adresses to access different pages on the server? It feels more natural to type “mysite(dot)com” rather than the host-name plus port number.

Yes. you can create something like lan.mysite(dot)com" and point to RPi static IP address. For example, 192.168.0.5.

Will our home server be actually private if I set up domain names, and probably use DNS for resolving (if at all, sorry, no clue)? To my current knowledge, the server I’ve set up is only accessible if you’re connected to our home network, so our router via WiFi. I would like to keep it that way. So even if the server would have internet access (for some services like weather for example) and DNS for our own private “websites”, it should still be only accessible when connected to our home wifi.

BY default anything behind your home/ISP router is private due to NAT and firewall. Some people open those ports and redirect traffic to internal. But that is not default.

I don’t use mobile but in /etc/hosts I added entry as on my Desktop and other system:

10.8.0.100 rpi.toms.lab 
10.8.0.101 mydesktop.toms.lab 

Now I can access them using:

ping rpi.toms.lab 
curl -I rpi.toms.lab 

Simple but it worked like a charm so far.

Thank you both for your answers!
Hm, this would mean I’d have to do this for every device/OS we’re using (if that’s possible at all on mobile).
Is this what @monk meant as well with “point to RPi static IP address”? If so, I was hoping for a server-side solution rather than having to configure this on each client.

And good to know that stuff is private by default, thanks!

@Wolf-64 Yes, point to RPi static IP address. It can be done using the domain registers control panel and set RPi IPv4.

Another option is to use DHCPd resolver in your router to assign the same IP to RPi and turn on domain name resolution inside router config. Not many home or ISP-provided routers have this option.

Although stuff is private by default, I strongly suggest installing a firewall on your RPi, and maybe a password protects web apps. Do not make attackers’ jobs easy. It will also help if the router is misconfigured or has a known security bug.


Linux sysadmin blog - Linux/Unix Howtos and Tutorials - Linux bash shell scripting wiki