alezmad/nuc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8b503a549ca08b531b8358e66e7dd8a8dc68d7db
nuc/docs/lan-dns-setup.md
Alejandro Gutiérrez 390eda1595 Initial commit - NUC server configuration and docs 
- CLAUDE.md: Server instructions and service reference
- docs/: Persistent documentation (architecture, guides)
- .artifacts/: Session-generated notes
- playwriter-browser/: Remote browser container config

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-01 20:49:20 +00:00

115 lines
3.0 KiB
Markdown
Raw Blame History

# NUC.lan DNS Configuration
**Date:** 2026-02-01 19:15
**Context:** Setting up friendly hostname for local NUC access via Tailscale
## Summary
Configured `nuc.lan` as a friendly hostname for accessing NUC services on the local network, working around macOS `.local` mDNS handling.
## Why .lan instead of .local?
macOS reserves the `.local` TLD for multicast DNS (Bonjour/mDNS). This means:
- `.local` domains bypass regular DNS and go to mDNS
- Tailscale split DNS cannot override this behavior
- `.lan` works correctly with standard DNS resolution
## Configuration
### 1. OpenWrt Router DNS Entry
```bash
ssh -i ~/.ssh/id_ed25519_nuc root@192.168.1.1 "
uci add dhcp domain
uci set dhcp.@domain[-1].name='nuc.lan'
uci set dhcp.@domain[-1].ip='192.168.1.3'
uci commit dhcp
/etc/init.d/dnsmasq restart
"
```
### 2. Tailscale Split DNS
| Setting | Value |
|---------|-------|
| **Nameserver** | 192.168.1.1 (router) |
| **Domain** | lan |
| **Type** | Split DNS |
**Dashboard:** https://login.tailscale.com/admin/dns
This tells Tailscale to forward all `.lan` domain queries to the router (192.168.1.1), which resolves `nuc.lan` to `192.168.1.3`.
## Verification
```bash
# DNS resolution
dig nuc.lan +short
# Returns: 192.168.1.3
# HTTP access
curl -s http://nuc.lan:8086
# Returns: NUC Portal (Homer dashboard)
```
## NUC Portal
| Property | Value |
|----------|-------|
| **URL** | **http://nuc.lan** (port 80) |
| **Alt URL** | http://nuc.lan:8086 (direct) |
| **Container** | portal-l44gcskok8c8wcocwswg08w8 |
| **Image** | b4bz/homer:latest |
| **Config** | /www/assets/config.yml |
The portal is routed through Traefik on port 80, making it accessible at the clean URL `http://nuc.lan`.
### Traefik Labels
```yaml
labels:
- "traefik.enable=true"
- "traefik.http.routers.nuc-portal.rule=Host(`nuc.lan`)"
- "traefik.http.routers.nuc-portal.entrypoints=http"
- "traefik.http.services.nuc-portal.loadbalancer.server.port=8080"
```
### Security: Local Only
This portal is **NOT accessible from the internet** because:
1. `nuc.lan` DNS only exists in local router + Tailscale split DNS
2. No Cloudflare Tunnel route exists for `nuc.lan`
3. Traefik only routes requests with `Host: nuc.lan` header
The portal provides links to all NUC services using `nuc.lan` URLs.
## Service URLs
| Service | URL |
|---------|-----|
| NUC Portal | http://nuc.lan:8086 |
| Coolify | http://nuc.lan:8000 |
| Homepage | http://nuc.lan:3000 |
| Snappymail | http://nuc.lan:8082 |
| Stalwart Admin | http://nuc.lan:8081 |
| Outline | http://nuc.lan:3080 |
| n8n | http://nuc.lan:5678 |
| NocoDB | http://nuc.lan:8084 |
| Gitea | http://nuc.lan:3030 |
| Uptime Kuma | http://nuc.lan:3001 |
| MinIO | http://nuc.lan:9001 |
| Vaultwarden | http://nuc.lan:8222 |
| Dozzle | http://nuc.lan:9999 |
## Requirements
- Must be connected to Tailscale network
- Works from any device on the Tailnet (Mac, iPhone, etc.)
- Router must be reachable from Tailscale devices
## Related
- NUC Portal artifact: Previous session
- Tailscale DNS: https://login.tailscale.com/admin/dns
- OpenWrt Router: 192.168.1.1
Reference in New Issue View Git Blame Copy Permalink