11 Sep 2025 |
ghostbuster91 | hmm nice finding! I will look into this | 16:05:57 |
ghostbuster91 | it does not help in my case unfortunately. With this setting you control domain on which you expect your devices to be available. By default it is local because all(?) esp devices support mdns and everyone uses it | 16:09:35 |
ghostbuster91 | * it does not help in my case unfortunately. With this setting you control domain on which you expect your devices to be available. By default it is local because all(?) esp devices support mdns and everyone uses it like that | 16:09:44 |
toonn | Katalin: I may have a utility that does that to proxy mDNS hosts with Nginx. | 16:15:10 |
Katalin 🔪 | In reply to @toonn:matrix.org ("Katalin: I may have a utility that does that to proxy mDNS hosts with Nginx."): sorry, does what? | 16:17:33 |
toonn | Responds to DNS queries with mDNS responses. | 16:25:05 |
Katalin 🔪 | oh wow 🫠 | 16:27:14 |
toonn | Don't tell anyone though, wouldn't want to hurt my reputation. | 16:28:40 |
Katalin 🔪 | new blackmail material acquired /j | 16:29:23 |
ghostbuster91 | please share it or otherwise I will spread the word :P | 16:35:48 |
toonn | I could upload it to Codeberg if you really want but it's a small pile of mostly commented out Haskell. | 16:42:03 |
ghostbuster91 | yes, please, I am curious how it works actually | 16:44:30 |
12 Sep 2025 |
ghostbuster91 | Katalin 🔪: toonn what do you think about switching from tailscale to zerotier in this case? | 10:26:18 |
toonn | Don't have experience with Zerotier. It sounds more open but I don't have reliable publicly accessible hardware for relaying and such. | 10:35:03 |
toonn | ghostbuster91: As promised my unicast DNS multicaster, https://codeberg.org/toonn/dns2mdns | 13:15:30 |
Jassuko | Huh? Doesn't nginx support resolving through normal OS provided name lookups? | 13:32:35 |
toonn | If you have a configuration for me that makes that utility redundant, I'm all ears. | 13:37:14 |
magic_rb | @toonn:matrix.org some haskell review
- https://codeberg.org/toonn/dns2mdns/src/branch/trunk/src/Main.hs#L68 bytestring has toStrict and fromStrict in the lazy module
- https://codeberg.org/toonn/dns2mdns/src/branch/trunk/src/Main.hs#L48 all toplevel bindings should have types
| 13:37:15 |
magic_rb | You can enable mDNS in systemd-resolved and then nginx should use that. | 13:37:49 |
Jassuko | I have that kind of setup somewhere. There's some shitty behaviors with the systemd-resolved mdns implementation relating to IPv6, but I don't remember what exactly was the pain point with that. It was something they specifically defined to do wrong and not care about, if I remember correctly. | 13:40:36 |
Jassuko | I had this on one laptop where I absolutely needed to use network damager for managing WiFi due to reasons. Thus, the rather weird config on that.
# Enable Network Manager for WiFi networking
networking.networkmanager = {
  enable = true;
  connectionConfig."connection.mdns" = 2;
  dns = "systemd-resolved";
  # firewallBackend = "nftables"; ## Deprecated
};
networking.resolvconf.dnsSingleRequest = true;
services.resolved = {
  enable = true;
  llmnr = "false";
  fallbackDns = [
    # "8.8.8.8"
    # "2001:4860:4860::8888"
    "1.1.1.1#cloudflare-dns.com"
    "1.0.0.1#cloudflare-dns.com"
    "2606:4700:4700::1111#cloudflare-dns.com"
    "2606:4700:4700::1001#cloudflare-dns.com"
  ];
  extraConfig = ''
    MulticastDNS=yes
    Cache=no-negative
    DNSOverTLS=opportunistic
    DNSStubListenerExtra=::53
  '';
};
| 13:44:51 |
Jassuko | Firewall needs to be handled as well, like:
# Open ports in the firewall.
networking.nftables.enable = config.networking.firewall.enable || false;
networking.firewall = {
  # The rules below are only installed when this is set to true.
  enable = false;
  # Ports are integers, not strings.
  allowedTCPPorts = [
    22
  ];
  allowedUDPPorts = [ ];
  # Accept mDNS (UDP 5353) sent to the IPv6 and IPv4 multicast groups.
  extraInputRules = ''
    ip6 daddr ff02::fb/128 udp sport 5353 dport 5353 accept
    ip daddr 224.0.0.251 udp sport 5353 dport 5353 accept
  '';
};
| 13:45:31 |
Jassuko | so systemd-networkd is used to manage all other network things except WiFi, and systemd-resolved is used for all DNS lookups | 13:47:47 |
toonn | Oh, you know what, I think I remember what the problem with systemd-resolved is in my case. It doesn't allow for subdomains of .local! | 13:51:57 |
K900 | That's out of spec | 13:52:15 |
Jassuko | /etc/nsswitch.conf might or might not need adjusting as well for the hosts: -line. Namely, the resolve needs to be there correctly at the correct place depending on your other setup:
hosts: mymachines resolve [!UNAVAIL=return] files myhostname dns
| 13:52:23 |
toonn | Yep, and working well for me : ) | 13:52:26 |