# local-ip.sh

[local-ip.sh](https://local-ip.sh) is a magic domain name that provides wildcard DNS for any IP address.
It is heavily inspired by [local-ip.co](http://local-ip.co), [sslip.io](https://sslip.io), and [xip.io](https://xip.io).

## Usage
```sh
go run ./main.go # binds to :53 by default but you can override it by using the `-port` parameter

dig @localhost 10-0-1-29.my.local-ip.sh +short
# 10.0.1.29
dig @localhost app.10-0-1-29.my.local-ip.sh +short
# 10.0.1.29
dig @localhost foo.bar.10.0.1.29.my.local-ip.sh +short
# 10.0.1.29
dig @localhost 127.0.0.1.my.local-ip.sh +short
# 127.0.0.1
```

## How it works
local-ip.sh bundles:
- an authoritative DNS server that answers queries for the zone `local-ip.sh`
- a Let's Encrypt client that takes care of obtaining and renewing the wildcard certificate for `*.local-ip.sh` and the certificate for the root domain `local-ip.sh` using the [DNS-01 challenge](https://letsencrypt.org/docs/challenge-types/#dns-01-challenge)
- an HTTP server that serves static files, including the certificate files

It answers queries with the IPv4 address it may find in the subdomain by pattern matching the FQDN.

It registers an account with Let's Encrypt's ACME server to obtain the wildcard certificate on the first run and then renews
it about a month before it expires. The account file and the associated key used to request a certificate are stored under the `./.lego/accounts`
directory, and the certificate files are stored in `./.lego/certs`.

The certificate files are served by an HTTP server on the arbitrary port `:9229` that is intentionally not exposed to
the internet. [The website](https://local-ip.sh) is connected to the same private network as the service and serves
as a proxy to access the files securely.
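
The pattern matching described above can be sketched as follows. This is an added example, not the project's own code: the two regular expressions, `ExtractIPv4` and `PointsInside` are hypothetical, and it assumes the address may sit at any label position under the zone. `PointsInside` flags answers that target loopback, private or link-local addresses, which is the kind of answer that DNS rebinding filters on resolvers drop.

```go
package main

import (
	"fmt"
	"net/netip"
	"regexp"
	"strings"
)

const zone = ".local-ip.sh." // zone from this README, with the leading label dot

// Hypothetical patterns (not the project's): four decimal groups forming whole labels.
var (
	dashed = regexp.MustCompile(`(?:^|\.)(\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3})(?:\.|$)`)
	dotted = regexp.MustCompile(`(?:^|\.)(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})(?:\.|$)`)
)

// ExtractIPv4 returns the IPv4 address embedded in fqdn's subdomain; ok is false outside the zone or without a valid address.
func ExtractIPv4(fqdn string) (addr netip.Addr, ok bool) {
	name := strings.ToLower(strings.TrimSuffix(fqdn, ".")) + "."
	if !strings.HasSuffix(name, zone) {
		return netip.Addr{}, false
	}
	sub := strings.TrimSuffix(name, zone)
	for _, re := range []*regexp.Regexp{dashed, dotted} {
		m := re.FindStringSubmatch(sub)
		if m == nil {
			continue
		}
		// ParseAddr rejects octets above 255 and octets with leading zeros.
		if a, err := netip.ParseAddr(strings.ReplaceAll(m[1], "-", ".")); err == nil {
			return a, true
		}
	}
	return netip.Addr{}, false
}

// PointsInside reports whether a is a loopback, private or link-local address.
func PointsInside(a netip.Addr) bool {
	return a.IsLoopback() || a.IsPrivate() || a.IsLinkLocalUnicast()
}

func main() {
	// Constructed sample names, modelled on the Usage section.
	for _, q := range []string{"app.10-0-1-29.my.local-ip.sh.", "foo.bar.10.0.1.29.my.local-ip.sh", "999-0-0-1.my.local-ip.sh", "8-8-8-8.my.local-ip.sh"} {
		a, ok := ExtractIPv4(q)
		fmt.Println(q, a, ok, ok && PointsInside(a))
	}
}
```
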
## Self-hosting

I'm currently hosting [local-ip.sh](https://local-ip.sh) at [Fly.io](https://fly.io), but you can host the service yourself
if you're into that kind of thing. Note that you will need to edit your domain's glue records, so make sure your registrar allows it.

You will essentially need to:
- replace any occurrence of `local-ip.sh` in `.go` files with your domain
- replace the hardcoded IP addresses in the `hardcodedRecords` map declared in [`xip.go:37`](./xip/xip.go#L37), the important records to keep are:
  - `A ns.local-ip.sh.` holds both IP addresses pointing to `ns1.` and `ns2.`
  - `A ns1.local-ip.sh.` holds the first IP address pointing to the server hosting local-ip.sh
  - `A ns2.local-ip.sh.` holds the second IP address pointing to the server, exists for redundancy
  - `TXT _acme-challenge.local-ip.sh.` will temporarily hold the value to solve the DNS-01 challenge
- set your domain's glue records to point to the IP addresses you set for `ns1.` and `ns2.`
- retrieve the certificate files once the program is up and running