@mistermanko The issue is that it isn't possible to set up the Fritz!Box (I have one too) to resolve the FQDN for the jail to the jail's IP address. You can set up the local host file to resolve this.
Sorry, but how do you think this works?
That's not how DNS works.
A DNS server just answers: This IP is the IP for this Domain.
That's (in TLDR) all it does. As long as your domain points to your IP, your fritzbox/pihole/whatever-you-use is either:
A. Using the upstream DNS server
B. Having a local cached copy of the upstream DNS server/request.
For DNS the fritzbox doesn't know if a DNS request for ABC.COM is your own domain, or someone else's.
When that's all said and done, in all cases you would just be left with an IP (and from this point onwards DNS is mostly irrelevant).
So you have an external IP now, great...
Now all you need is a port forward. For a port forward (which is perfectly possible with the fritzbox afaik) it is totally irrelevant if someone got that IP using DNS or you yourself just entered it in the address bar.
If a request comes in for (for example) 123.123.123.66 on port 80 and the forward is set to forward this to: 192.168.1.50 on port 80, on almost any consumer router it would do so regardless of which source (LAN or WAN) this request actually came from.
Remember, on the WAN side of a forward is the router ITSELF; it is never supposed to point to a local system.
So how would this work in practice?
- Create an A record pointing to your home IP
- Set up the required port forwards
That's all that's needed for the sake of setting up a webserver and TLS.
There never was any requirement for DNS to resolve to a local IP from the LAN side. I've done a lot of setups, read a lot of guides... but no one ever had the idea to even suggest this as a requirement. I can't even fathom why it would be relevant for the way Let's Encrypt works, it never even tries to connect to itself on the LAN side afaik....
I might sound harsh, but I am seriously flabbergasted about this...
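An added example, not part of the post above: a small Python check that classifies what the local resolver returns for the FQDN against the router's WAN address, so a hosts-file or local DNS override is distinguishable from the plain A record plus port forward setup. The function names and the script's command-line arguments are assumptions made for this sketch; the sample addresses in the usage comment are the ones used in the post.

```python
import ipaddress
import socket
import sys

def resolve_a(fqdn):
    """Return the sorted set of IPv4 addresses the local resolver gives for fqdn."""
    infos = socket.getaddrinfo(fqdn, None, family=socket.AF_INET,
                               type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def classify(answers, wan_ip):
    """Map each resolver answer to a verdict relative to the WAN address.

    'wan'      - equals the WAN IP, so the router's port forward applies
    'local'    - private or loopback address (hosts file / local DNS override)
    'mismatch' - public address that is not the WAN IP (e.g. stale A record)
    """
    wan = ipaddress.ip_address(wan_ip)
    verdicts = {}
    for text in answers:
        addr = ipaddress.ip_address(text)
        if addr == wan:
            verdicts[text] = "wan"
        elif addr.is_private or addr.is_loopback:
            verdicts[text] = "local"
        else:
            verdicts[text] = "mismatch"
    return verdicts

def ready_for_forward(answers, wan_ip):
    """True only if there is at least one answer and every answer is the WAN IP."""
    verdicts = classify(answers, wan_ip)
    return bool(verdicts) and all(v == "wan" for v in verdicts.values())

if __name__ == "__main__":
    # Hypothetical usage: python check_a_record.py example.invalid 123.123.123.66
    fqdn, wan_ip = sys.argv[1], sys.argv[2]
    answers = resolve_a(fqdn)
    for ip, verdict in classify(answers, wan_ip).items():
        print(f"{fqdn} -> {ip}: {verdict}")
    sys.exit(0 if ready_for_forward(answers, wan_ip) else 1)
```

Running it from a LAN client and again from an outside network shows whether both views of the name agree.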