This community VM and the scripts to set your own up are great, really. Amazing stuff, clearly a lot of work went into it all and they work beautifully.
However, I believe they would be greatly enhanced by having the option of a 'local network only install' with a local trusted CA and local DNS.
For example, we are self-hosting nextcloud on our charity's internal network and everyone in our organisation can access it, wherever they are, through our VPN (we use WireGuard).
I'm fairly surprised at how unusual this setup seems to be as it is significantly more secure and generally, for most services, much easier to set up. Anyway, the fact that we do things this way means a bunch of the scripts which are super useful and awesome don't run because they refuse to run if they can't open external ports and resolve external DNS etc. and I have to hack the files which download and then delete themselves after use in order to force things to work in a very janky way.
I think all that is needed is the ability to specify a CA (including a local one) and choose the local network IP as the one that matters for DNS instead of the external IP.
No idea if anyone else would find this useful, but we certainly would and I believe it would be fairly easy to implement!
This community VM and the scripts to set your own up are great, really. Amazing stuff, clearly a lot of work went into it all and they work beautifully.
However, I believe they would be greatly enhanced by having the option of a 'local network only install' with a local trusted CA and local DNS.
For example, we are self-hosting nextcloud on our charity's internal network and everyone in our organisation can access it, wherever they are, through our VPN (we use WireGuard).
I'm fairly surprised at how unusual this setup seems to be as it is significantly more secure and generally, for most services, much easier to set up. Anyway, the fact that we do things this way means a bunch of the scripts which are super useful and awesome don't run because they refuse to run if they can't open external ports and resolve external DNS etc. and I have to hack the files which download and then delete themselves after use in order to force things to work in a very janky way.
I think all that is needed is the ability to specify a CA (including a local one) and choose the local network IP as the one that matters for DNS instead of the external IP.
No idea if anyone else would find this useful, but we certainly would and I believe it would be fairly easy to implement!