Domain setup

[itskando]

I recently registered a domain (through google domains).

I intend to use it for openVPN (guide) and also for
changing the freeNAS GUI from HTTP to HTTPS (guide).

• Is there a guide for what needs to happen to the domain to
prep it for use with these guides?

For example, should I:

.
.
.

• Change the nameservers?

We discussed changing the google wifi router default nameservers here.
Is there a similar rule of thumb for changing the google domain nameservers?

.
.
.

• Enable DNSSEC?

.
.
.

• Setup nas.mydomain.com (per requirement for this guide) - is there a good guide for this aspect?

Do I need to use registered hosts (glue records), synthetic records, or resource records?
What are typical applications of each?

I think glue record is correct, but then should I use a unique ipv4 address or one matching something else?

 

[danb35]

• Change the nameservers?

For obtaining the TLS cert using Let's Encrypt, DNS validation is preferred, as it means you don't need to open up your server to the outside world. acme.sh doesn't support Google Domains, as far as I can tell, so you might want to use Cloudflare for DNS instead.

• Enable DNSSEC?

That's really up to you--whether you do that or not has no direct effect on either of the things you're talking about doing.

• Setup nas.mydomain.com (per requirement for this guide) - is there a good guide for this aspect?

"Glue records"? Never heard that terminology before. But if you're wanting to use a hostname to connect from the outside (as you often would for VPN access), you'd want to configure an A record--point nas.yourdomain (or whatever other hostname you prefer) to your external IP address. I don't see any need for what Google's calling "synthetic records", and I have no idea what they mean by "resource records." If you use Cloudflare for your DNS as I suggest above, you'd make all these settings at Cloudflare rather than Google.

 

[itskando]

acme.sh doesn't support Google Domains, as far as I can tell, so you might want to use Cloudflare for DNS instead.

...

If you use Cloudflare for your DNS as I suggest above, you'd make all these settings at Cloudflare rather than Google.

Does that entail still using Google Domains for a domain registration and
switching domain DNS to Cloudflare? (Is this a paid service?)

(Does router DNS generally need to match domain DNS?)

.
.
.

That's really up to you--whether you do that or not has no direct effect on either of the things you're talking about doing.

Any rules of thumb for or against using this feature?

 

[Jailer]

I'm sure googles DNS servers are good although I've never used them. You can use any free DNS servers you want.

Cloudflare is free. You can sign up and just disable everything and use their DNS servers. That's what I do.

 

[danb35]

Does that entail still using Google Domains for a domain registration and switching domain DNS to Cloudflare? (Is this a paid service?)

Yes it does, and no it isn't--at least at this level. Cloudflare provides a number of paid services, but basic DNS is free.

(Does router DNS generally need to match domain DNS?)

I'm not sure what "router DNS" means in this context.

Any rules of thumb for or against using this feature?

Best I can tell you is to read up on DNSSEC and make your own decision.