This is it for me. I used to use caddy a few years ago because writing config files was a breeze. Now I “use” nginx because I can define everything in a few lines of nix and it’s configured automagically for me.

!opnsense@lemmy.world is the link of anyone else wants to follow (with minimal hassle)

It’s been a while since I use caddy but I use the dns for nginx, make sure you are using the correct api key, it does not like using a too permissive one.
So a zone token instead of an account token.

Adding a link to a poll would have been far easier/expandable/honest

Out of curiosity why are you replying to yerself so many times?

Could have included it all within yer original post.

I have both a Hetzner root server (it’s nicely beefy) where I host all my public stuff (website, api’s, Lemmy instance etc) and my homelab which is more personal media (Plex, 'arrs, Gitlab, wireguard, dydns)

The Hetzner box is configured using NixOS (config).

Homelab is mostly configured with docker compose, though I have plans to switch over to nixos to nail down the config. I am using cloudflare for my dns and created a smol cli tool to update a record there with my public ip address (homemade dydns). This is used by Wireguard to give me access to everything hosted there. Even though everything is hidden away from the Internet I still have https on everything thanks to dns verification.

(hastially typed up over breakfast so it may be a tad disorganised, feel free to ask any question if ye have any)

In my (our) case we use bind to run an authoritative resolver for our domain (I am sysadmin for a uni computer society, we have our own (physical) servers)

for better or worse it is, (though I don’t recommend newcomers to boot up a bind server to manage their dns, pihole is probally the best starting point)

Thank ye,

I wonder how much of an impact being in the EU will have on that.