Local IP addresses in public DNS and OpenWRT rebind protection, fix address resolution First of all, I have noticed that I cannot resolve private IP addresses (RFC1918) defined in my CloudFlare DNS zone. While on the network served by OpenWRT router, I got this error: $ nslookup ****.prokop.dev *** No internal type for both IPv4 and IPv6 Addresses (A+AAAA) records available for zt33.prokop.dev Server: OpenWrt.lan Address: fd**:****:****::1 And it of course works when using network in my Belfast’s home office, which is currently served by EdgeRouter 4 (to be soon replaced by custome OpenWRT built on RPi5)....

Certbot on Arch Linux In this post, I cover how to configure Let’s Encrypt DNS challenge with DNS-01 challenge. Setup Install the following packages (certbot and CloudFlare plug-in): pacman -S certbot pacman -S certbot-dns-cloudflare Navigate to https://dash.cloudflare.com/profile/api-tokens and create API Token. Then preserve that token in local file: $ vi .secrets/certbot-cloudflare.ini # Cloudflare API token used by Certbot dns_cloudflare_api_token = <YOUR_TOKEN_HERE> To avoid seeing Unsafe permissions on credentials configuration file: /root/....

Installation To install ZeroTier on OpenWRT, Execute the following from shell: opkg update opkg install zerotier restart You should see something similar to the below: Installing zerotier (1.12.2-2) to root... Downloading https://downloads.openwrt.org/releases/23.05.3/packages/mips_24kc/packages/zerotier_1.12.2-2_mips_24kc.ipk Installing libstdcpp6 (12.3.0-4) to root... Downloading https://downloads.openwrt.org/releases/23.05.3/targets/ath79/generic/packages/libstdcpp6_12.3.0-4_mips_24kc.ipk Installing kmod-tun (5.15.150-1) to root... Downloading https://downloads.openwrt.org/releases/23.05.3/targets/ath79/generic/packages/kmod-tun_5.15.150-1_mips_24kc.ipk Installing ip-tiny (6.3.0-1) to root... Downloading https://downloads.openwrt.org/releases/23.05.3/packages/mips_24kc/base/ip-tiny_6.3.0-1_mips_24kc.ipk Installing libminiupnpc (2.2.3-1) to root... Downloading https://downloads.openwrt.org/releases/23.05.3/packages/mips_24kc/packages/libminiupnpc_2.2.3-1_mips_24kc.ipk Installing libnatpmp1 (20150609-3) to root... Downloading https://downloads.openwrt.org/releases/23.05.3/packages/mips_24kc/packages/libnatpmp1_20150609-3_mips_24kc.ipk Installing libatomic1 (12.3.0-4) to root....

The needs This post describes how I’ve configured a Cloud Storage bucket to host a static assets (shared) for various websites across my domains. The aim is to have something like https://assets.prokop.dev to offer from single URL all assets, I might ever need to handle my WEB stuff. Using Google Cloud Storage The following is everything what was required to create fully operational, CDN powered, backed by object bucket asset distribution facility....

The needs This post describes how I’ve configured a Cloud Storage bucket to host a static assets (shared) for various websites across my domains. The aim is to have something like https://assets.prokop.dev to offer from single URL all assets, I might ever need to handle my WEB stuff. Using Google Cloud Storage The following is everything what was required to create fully operational, CDN powered, backed by object bucket asset distribution facility....