Domain selection
Several approaches can be used to configure the domain for the local network.
This tutorial assumes that you have a domain, and that all applications will be accessible by using the value of this domain. It is also assumed that this domain will only be used on the internal network on which the NAS is located.
For example, if you own the example.com domain, then the grafana application would be available via grafana.example.com.
It is also possible to use a subdomain of a domain you own. In such as case the grafana application would be accessible as grafana.subdomain.example.com
Note
Throughout the documentation, the domain used will be example.com.
Top domain
The first approach is to own and use a domain such as example.com. While this involves a yearly cost, it can be as low as €5 per year. All services can then be hosted under this domain, such as nas.example.com, grafana.example.com, and so on.
With this approach, a valid SSL wildcard certificate can be obtained through Let’s Encrypt Certbot depending on which provider you bought the domain from.
It is possible to have public websites available with this domain name, and internal network applications using this same domain. With this configuration, there’s no separation of public / private accessible websites.
If you do not host public websites, then this point is irrelevant.
Warning
It is recommended to not use the same top domain for both public and internal resources.
Domain |
Usage |
|---|---|
example.com |
Used only for public resources, such as www.example.com |
example.net |
Used only for internal network resources |
Subdomain
It is possible to use subdomain of an owned domain. This is similar to the previous approach but relies on a subdomain, such as internal.example.com. All internal services would then be hosted under *.internal.example.com, while all public websites would be without the subdomain, such as www.example.com.
This method enables having a clear separation between public websites such as www.example.com and a local network application that would be hosted as nas.internal.example.com.
For this method, you need to own a domain where you can create a subdomain.
Subdomain |
Notes |
Example |
|---|---|---|
location |
Using an abbreviation of the physical location of the network, such as nyc for New York City |
nas.nyc.example.com, grafana.nyc.example.com |
ld |
Abbreviation of “local domain” |
nas.ld.example.com, grafana.ld.example.com |
int |
Abbreviation of “internal” |
nas.int.example.com, grafana.int.example.com |
corp |
Abbreviation of “corporation”, used in professional environments |
nas.corp.example.com, grafana.corp.example.com |
lan |
Abbreviation of “local area network” |
nas.lan.example.com, grafana.lan.example.com |
Reserved domains
It is possible to use a reserved domain without a top-level domain. The main disadvantage is that the SSL certificate must be self-signed. On the other hand, this approach is completely free.
Using such a domain may also require additional configuration of your DHCP and DNS servers.
Domain |
Notes |
Examples |
|---|---|---|
internal |
Recommended for use by ICANN since 2024. The abbreviation .int should not be used as it is reserved. |
nas.internal, grafana.internal |
ld |
Abbreviation of “local domain” |
nas.ld, grafana.ld |
lan |
Abbreviation of “local area network” |
nas.lan, grafana.lan |
local |
Used by with multicast DNS (mDNS) |
nas.local, grafana.local |
References