Domain Name System
We need to configure a DNS service to handle the translation of our domain name into the Public IP address provided by your Internet Service Provider. There are three ways to accomplish this: one requiring a paid domain name, while the two others are free subscription services.
Using Cloudflare
This is the recommended method.
Cloudflare is a content delivery and cybersecurity services company that offers free basic-tier solutions for anyone running a web service. We will be using their DNS service and nameservers to direct traffic to our server. They offer protection from Distributed Denial of Service – more commonly known as DDoS – attacks as well as defensive tools in the event that you are targeted. They will provide another layer of security to our web services.
Nameservers
When purchasing a domain name through domain registrar, they will generally to use that registrar's web services. This includes an authoritative nameserver that serves as a directory of domain names they are providing service for. The Domain Name System powering the internet is decentralized and no one entity owns it explicitly. A recursive resolver is used to systematically search these disparate nameservers and find the desired domain.
We will need to configure our domain name provider to use the CloudFlare nameservers. This will enable us to leverage their free services. The process to configure your domain's nameserver will be different based on the registrar you used. We use redundant servers to ensure that at least one is always available even if their are outages.
When purchasing a domain through Cloudflare, they are pre-configured to utilize their nameserver and security services.
These can provide insights for a select few domain name registrars:
We will need to use the Cloudflare nameservers to leverage their services. They host an assortment of decentralized nameservers to split up the workload.
You will need to create a Cloudflare account. If you want privacy and anonymity, ProtonMail allows you to create separate email aliases.
When creating an account through Cloudflare, we will first need to add our site to their dashboard and then they will assign you two nameservers.
Nameservers generally update quickly (every ~15 minutes) but it may take up to 24 hours.
You will receive an email notification once this process is complete. After you have added their nameservers through your domain name registrar, you can complete the Cloudflare domain verification.
For enhanced security, you should follow the Cloudflare guide for enabling DNSSEC.
DNS Records
Once our domain is configured to use Cloudflare's nameserver, we will need to configure traffic received at our domain to be directed to the server located at our Public IP address. DNS records – much like a label on a filing cabinet folder – explains what can be found within. These can also be used to configure email addresses, social media handles or even store public notes.
If you pay your Internet Service Provider for a static Public IP address, you can direct the domain to your server and you'd be done. We need to create an A Record to direct traffic to our IP address using the Cloudflare dashboard.
This record should have the name '@' to signify we are setting the IP address for the root of our server – such as example.com – as opposed to a sub-domain. For the IP address, we need to add the Public IP address provided by your Internet Service Provider. If you are unsure, you can view your public IPv4 address by visiting a web service like What Is My IP?.
Dynamic Addresses
Most residential Internet service plans do not come with a Static Public IP address by default. This is generally restricted to commercial business internet plans for an additional fee. Home Internet connections generally use dynamic IP addresses that may change at any time.
There are open-source software options to automatically update our IP address within DNS records. LinuxServer.io maintains a Docker image for ddclient which can connect to CloudFlare through their API to ensure the IP address is always accurate. This will require creating an API key for Cloudflare, installing ddclient and configuring it with a text editor.
Using DuckDNS
DuckDNS is a free and proprietary service where you can reserve a sub-domain – such as example.duckdns.org. This domain can be directed to your server and configured to work with your individual services. You will need to make an account with the service by logging in using to Google or GitHub through their homepage.
Once you have logged in, you can register your sub-domain through the service and assign your IP address to it. On your account page, there is a private token that can be used to automatically update your IP using a DuckDNS Docker image.
Manufacturer Dynamic DNS
Many modern routers from Tplink, Asus, linksys and Netgear offer a dynamic DNS service. This allows you to create an account with your router manufacturer. This allows you to access your server while your router automatically keep your IP address up to date. This can be configured through your router.