I have a bunch of services running on my LAN, mostly from a single Debian machine. I access them at URLs like http://devicename.lan:portnumber. I would like to change to http://servicename.devicename.lan.

How it works now: The router (openwrt) sets a static IP per device and the port number is selected by the application or system unit running it.

What is the absolute simplest way to accomplish this? I don’t mind if it is managed by the router or by the server machine itself. Hoping for something that can be configured with a text file or web interface or other basic mathod.

These sevices are private, just for me and I have no plans to ever access them externally. I have so far avoided any certificates or SSL or other stuff. I don’t use docker and would rather not get into it right now. I like my domain name setup how it is with fake local domains.

Hoping this could be possible without making a whole project out of it.

  • Decronym@lemmy.decronym.xyzB
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    12 hours ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters More Letters
    CA (SSL) Certificate Authority
    DNS Domain Name Service/System
    ISP Internet Service Provider
    NAT Network Address Translation
    TLS Transport Layer Security, supersedes SSL
    ULA Unique Local Address (non-routable local address, IPv6)
    nginx Popular HTTP server

    [Thread #52 for this comm, first seen 12th Jul 2026, 06:30] [FAQ] [Full list] [Contact] [Source code]

      • moonpiedumplings@programming.dev
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 days ago

        You can use local certs with nginx proxy manager as well. You can upload certs via the web ui.

        Rather than local certs though, I would recommend buying a domain and using it locally, with https. The problem with the local cert approach outlined in the video, is that importing a root cert opens up a big security hole to MITM attacks. If an attacker gets the root certificate, they can now MITM everything else your browser is accessing. You turn the browser from one of the most secure components of a modern OS, into only as secure as the server hosting the root certificates.

        The approach I would prefer, is to buy a domain, and use it locally, using DNS-01 challenges to get letsencrypt signed certificates even from within an internal network. Both Caddy and NPM have support for DNS-01 challenges.