p-o 6 hours ago

That's really neat. I also had a similar need to dynamically manage DNS records and decided to create a Kubernetes operator instead to manage it (https://github.com/pier-oliviert/phonebook).

I do like your approach, it's really refreshing. I'd probably want to split the API keys from the rest of the config files.

Great work!

  • kurokawad 5 hours ago

    Thanks! May I ask why you would split API keys from the rest?

    • p-o 5 hours ago

      API Keys are usually secrets and as such, if I wanted to commit those files to git, the API token would not leak to my repository.

      • kurokawad 4 hours ago

        Seems legit! Gonna add it

WhatsName 7 hours ago

Please explain to me why one would go this route instead of using Cloudflare tunnels, which are way more secure, by not exposing you to the outside?

  • motive 7 hours ago

    Cloudflare Tunnels only support exposing what mostly amounts to HTTP-based services. If you're using other protocols for e.g. a game server, or something else, it won't fly unless you are also running the WARP client locally.

    • one-more-minute 6 hours ago

      Even within HTTP services, (a) your TLS will not be end to end, so you have to be happy for Cloudflare to see your data and (b) they don't like you to use up all their bandwidth with media streaming or other large files. Tunnel is a great service but there are certainly reasons not to use it.

  • kurokawad 6 hours ago

    I like to host my own software because I am the owner of my server and my data. I believe there are two solutions where you have the absolute control of your setup in terms of addressing: 1. Set up a private VPN tunnel, e.g. WireGuard, between a public VPS and your homelab. 2. Set up a dynamic DNS. I don’t like using proprietary software where I don’t have the control. And I’m not sure if Cloudflare tunnels can route every type of traffic. Plus, should we trust Cloudflare?