If you're getting paid to manage these sites you should not selfhost their dns. Use a real dns provider like cloudflare.
this post was submitted on 26 Oct 2023
3 points (100.0% liked)
Self-Hosted Main
502 readers
1 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
For Example
- Service: Dropbox - Alternative: Nextcloud
- Service: Google Reader - Alternative: Tiny Tiny RSS
- Service: Blogger - Alternative: WordPress
We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.
Useful Lists
- Awesome-Selfhosted List of Software
- Awesome-Sysadmin List of Software
founded 1 year ago
MODERATORS
Yes there are a number of solutions out there including running your own bind server. But that is probably a little more difficult than what you might actually want which is just to consolidate their name servers down to one centralized place. Another comment mentioned one, clouddns is another that does this, maybe slightly differently?
I use Technitium DNS for all my DHCP/DNS/Ad Blocking.
I tired it with about 400 domains and so far it is looking good but it needs a lot more work; someone will have to write a serious command line tool as we all know that GUI tools are good for a few clicks here and there but serious work needs a terminal.
Powerdns and powerdnsadmin works well. Do keep in mind you are assuming responsibility for keeping that server up, if it fails your domains could be impacted (depending on how secondary servers are set up)
Yes. Bind DNS is the perfect candidate for that because it supports DNSSEC and everything in between. For DNS NS you need at least two static IPv4 addresses if you want to host it yourself.
Why not just use Cloudflare? Redirect client nameservers to them. Also you can pay them if you ever need prioritized support. Free plan is solid usually.
DNS is scary to selfhost.
DNS and e-mail are really, honestly, truly easy to self-host.
I don't understand this sub sometimes. You are very right.
This sub's aversion to hosting email (and now DNS) is bizarre.
Can you make an example why selfhostig DNS is scary?
Externally. Why not take use of the good options out there and make it easier for yourself?
That’s not an example. Can you please make a technical example, thanks.
Basically letting Cloudflare take ownership over DNS. So much better then logging into x amount of different domain registrars web management panels. Its not really directly comparing to your BIND solution. But a lot better then what he/she currently struggles with.
CloudFlare is a quality DNS host with a solid control panel for managing your zones. However I will say that granting access to the domain owner or their other tech people is a giant hassle on CloudFlare.
Cloudflare is a solid solution. Better than hosting yourself IMO
This is the way
no it’s dnscontrol the dns way. sir
This, and manage it with Terraform.
If you do self host dns make sure you have at least 2 vm's on different subnets (not the same ip ranges) and if you really go smart about it have them hosted in separate cloud providers to mitigate the risk a bit. Then make sure you are aware of how hackers use dns servers for example dns amplification attacks with dns to prevent yours from being used. There is documentation and CIS guides on this. But overall it is not scary. Just a bit of initial admin to get going. As other have mention there is bind, powerdns and that other one that was mentioned Technitium or something (never heard of it before). But as others have mentioned before, Cloudfare really is a good option to selfhost without the infrastructure requirements.
Cloud flare offers an api which allows you to manage it yourself without much hassle.
Thanks, but I have had issues with clients with Cloudflare in the past. They tend to ban/block websites or traffic on subjective grounds. I am happy to spin off 5 VMs if needed.
The reason I like to self host is because I am kind of sick of these large companies acting like they own us.
this is a better solution
Thanks for the detailed post. I will keep these in mind.
I use PowerDNS and PowerAdmin. Supports pretty much everything (including BIND backend), has an API, and you can store the DNS records in a SQL database.
dnscontrol it via git actions and u will never go to gui :)
You can always use a Pi-Hole which offers DNS Hosting or if you have a Synology NAS
https://dnssimple.com is also a great cheap solution that will host your own NS servers.
Cloudflare + terraform is a good solution. It's not self hosted, but cloudflare managing the dns for you is much less headache. And you can manage all the records with IaC which makes it super simple to automate and take away the 'clickops'
I use Cloudflare. I just have the users add the Cloudflare nameservers to their domain. Once all is done, I can make DNS changes while the customer continues to pay for the domain using their preferred registrar.
I would use cloudflare and terraform to be honest, but bind would work just fine. You'd be able to keep all configs in git and have a pipeline deploy to the server and reload.
I do both bind and route 53, but this is self-hosted so bind would be my choice.
I'd advise to use DNSControl, combine that with Gitlab / GitHub and a ci/cd pipeline and you'll only have to commit you're changes and the ci/cd will do the rest.
I use it to manage DNS at Cloudflare, but anything else that DNSControl can communicate with will work.
I run coredns.io these days. Simple, many plug-ins available, can handle split brain, etc.
(Personally I just make a change in git and it auto updates my dns boxes)
Bind, powerdns, dnsmasq.... You COULD do it with windows DNS server or even something like a mikrotik router....
AWS has route53.. but depending on your clients someone would be paying money...
Id probably look for someone like digitalocean or cloudflare that has an API and use that.... DNS is pretty simple... Until it's not.
Cloudflare is the best choice!
I use three instances of CoreDNS (one main and two others) at three different providers. Setup is relatively easy and I manage all DNS zone files, keys for DNSsec with Git.
I'm using freeIPA and I'm happy
Thanks for the recommendation.
DNS is a must for self-hosting!
Since you're managing clients' DNS, you don't really want to self host it.
Take a look at OctoDNS: https://github.com/octodns/octodns
Yaml config for DNS, and it just interacts with all the providers your clients want to work with while letting you have everything in one place managed via IaC.